Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/6NNeb9WJxqeKlESh9iN6VAytSKs.roa
File: 6NNeb9WJxqeKlESh9iN6VAytSKs.roa (raw, json)
Hash identifier: n4bz/p4X/ToJdwoCnq3SxFiEoB/i4/PUDPQorSP81H8=
Subject key identifier: E8:D3:5E:6F:D5:89:C6:A7:8A:94:44:A1:F6:23:7A:54:0C:AD:48:AB
Certificate issuer: /CN=97de85c684fcff83ec4148ab5f6f67cd1504f93d
Certificate serial: 018CC64AFC6199CA7380F2FD022BFA70FE34
Authority key identifier: 97:DE:85:C6:84:FC:FF:83:EC:41:48:AB:5F:6F:67:CD:15:04:F9:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l96FxoT8_4PsQUirX29nzRUE-T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/6NNeb9WJxqeKlESh9iN6VAytSKs.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200698
IP address blocks: 185.212.109.0/24 maxlen: 24
185.212.108.0/22 maxlen: 22
185.212.110.0/24 maxlen: 24
185.212.108.0/24 maxlen: 24
185.212.111.0/24 maxlen: 24
45.156.250.0/24 maxlen: 24
45.156.251.0/24 maxlen: 24
45.156.249.0/24 maxlen: 24
45.156.248.0/24 maxlen: 24
45.156.248.0/22 maxlen: 22
185.164.32.0/22 maxlen: 22
185.164.33.0/24 maxlen: 24
185.164.34.0/24 maxlen: 24
185.164.32.0/24 maxlen: 24
185.164.35.0/24 maxlen: 24
185.99.2.0/24 maxlen: 24
185.99.3.0/24 maxlen: 24
185.99.0.0/24 maxlen: 24
185.99.1.0/24 maxlen: 24
185.99.0.0/22 maxlen: 22
2a00:8620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fc:61:99:ca:73:80:f2:fd:02:2b:fa:70:fe:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97de85c684fcff83ec4148ab5f6f67cd1504f93d
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8d35e6fd589c6a78a9444a1f6237a540cad48ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:47:4d:c2:62:df:93:16:20:9a:7d:f1:07:f1:
42:57:86:14:29:9d:ec:05:5d:9a:05:d7:8b:00:7a:
d3:09:b2:bd:1a:c2:67:d6:7c:85:60:2a:c9:86:6d:
31:3f:04:33:a7:69:f5:79:b6:5f:f0:4b:ca:23:91:
68:75:70:bc:ed:c6:67:46:2b:49:92:c1:e6:d8:e3:
5d:e8:b8:44:a0:9c:24:c5:62:2f:86:c4:9e:c1:d0:
23:a2:71:a5:38:4a:0d:f4:08:17:6f:e0:6d:51:8a:
91:72:2a:5f:49:ce:0c:01:ce:d9:69:e2:39:3e:f6:
94:7e:fc:00:a0:37:67:18:07:fe:c3:13:0a:a4:27:
3e:ef:8c:04:ca:78:d8:c1:09:69:f5:45:bd:1b:1a:
16:8d:5c:1d:4a:be:f7:f7:5c:3f:bb:c8:5b:8a:44:
72:b3:26:a9:81:83:61:4a:0d:dd:19:f5:80:4b:bc:
04:14:bb:e9:da:00:39:c9:6a:df:4a:45:ba:05:89:
e6:d5:e1:22:ef:33:44:b7:2a:66:0f:2e:5a:24:9d:
34:98:58:8e:fc:32:56:ee:de:50:06:2a:82:be:92:
14:8d:0d:c0:12:0f:f8:68:c4:e0:ec:83:b5:32:f8:
27:d0:00:33:3c:75:f5:58:22:a4:e9:e4:80:85:56:
ec:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D3:5E:6F:D5:89:C6:A7:8A:94:44:A1:F6:23:7A:54:0C:AD:48:AB
X509v3 Authority Key Identifier:
keyid:97:DE:85:C6:84:FC:FF:83:EC:41:48:AB:5F:6F:67:CD:15:04:F9:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l96FxoT8_4PsQUirX29nzRUE-T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/6NNeb9WJxqeKlESh9iN6VAytSKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/l96FxoT8_4PsQUirX29nzRUE-T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.248.0/22
185.99.0.0/22
185.164.32.0/22
185.212.108.0/22
IPv6:
2a00:8620::/32
Signature Algorithm: sha256WithRSAEncryption
0a:2e:21:05:18:d6:14:06:fe:18:d8:f8:75:5e:64:9f:3d:63:
67:fb:78:c3:6e:d1:bf:cb:e4:23:7d:79:54:08:b6:9c:d4:df:
ec:f7:f1:96:64:f7:2c:8c:69:6d:c6:ec:d3:a7:8c:9a:91:76:
f8:83:50:40:85:1d:eb:25:ba:c9:de:e3:85:9e:21:1b:ec:db:
85:35:2b:01:6e:af:77:d7:f6:a5:58:a1:2e:1c:02:73:c4:bd:
77:38:10:2c:50:bc:1f:82:af:a2:66:64:f3:d4:50:af:df:9e:
c5:53:30:44:87:e9:36:00:69:a4:cf:a3:90:aa:d3:cf:02:5a:
f9:13:68:6c:ce:6e:64:dc:81:be:78:62:f6:28:e0:18:f9:2e:
fb:45:a4:3b:d2:60:a6:e4:86:9a:72:60:5d:55:04:aa:26:e9:
af:f3:a7:14:f7:1f:83:92:a5:66:a5:fc:22:1c:65:77:03:7c:
ec:a6:11:d6:1c:86:b4:ed:d5:b5:9e:3a:ea:f4:89:8e:62:c5:
59:0b:97:3f:5e:bc:da:fc:27:33:b2:cd:bc:f2:20:cf:8a:5c:
9f:e1:94:8c:aa:5b:01:40:e8:60:89:93:42:f3:a3:e9:58:11:
b8:ee:f0:a0:78:1d:f2:86:db:b6:1b:4b:34:c3:c4:02:4c:d1:
7e:92:1b:df
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGSvxhmcpzgPL9Aiv6cP40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZGU4NWM2ODRmY2ZmODNlYzQxNDhhYjVmNmY2N2NkMTUw
NGY5M2QwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGQzNWU2ZmQ1ODljNmE3OGE5NDQ0YTFmNjIzN2E1NDBjYWQ0OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikdNwmLfkxYgmn3xB/FCV4YUKZ3s
BV2aBdeLAHrTCbK9GsJn1nyFYCrJhm0xPwQzp2n1ebZf8EvKI5FodXC87cZnRitJ
ksHm2ONd6LhEoJwkxWIvhsSewdAjonGlOEoN9AgXb+BtUYqRcipfSc4MAc7ZaeI5
PvaUfvwAoDdnGAf+wxMKpCc+74wEynjYwQlp9UW9GxoWjVwdSr7391w/u8hbikRy
syapgYNhSg3dGfWAS7wEFLvp2gA5yWrfSkW6BYnm1eEi7zNEtypmDy5aJJ00mFiO
/DJW7t5QBiqCvpIUjQ3AEg/4aMTg7IO1Mvgn0AAzPHX1WCKk6eSAhVbs2QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOjTXm/VicanipREofYjelQMrUirMB8GA1UdIwQY
MBaAFJfehcaE/P+D7EFIq19vZ80VBPk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDk2RnhvVDhfNFBzUVVpclgyOW56UlVFLVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kYjQ1MjYtZTBlZi00ZTIyLThmZjkt
NTAzMGQwYWU2ZWJjLzEvNk5OZWI5V0p4cWVLbEVTaDlpTjZWQXl0U0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kYjQ1MjYtZTBlZi00ZTIyLThmZjktNTAzMGQwYWU2ZWJj
LzEvbDk2RnhvVDhfNFBzUVVpclgyOW56UlVFLVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZz4AwQC
uWMAAwQCuaQgAwQCudRsMA0EAgACMAcDBQAqAIYgMA0GCSqGSIb3DQEBCwUAA4IB
AQAKLiEFGNYUBv4Y2Ph1XmSfPWNn+3jDbtG/y+QjfXlUCLac1N/s9/GWZPcsjGlt
xuzTp4yakXb4g1BAhR3rJbrJ3uOFniEb7NuFNSsBbq931/alWKEuHAJzxL13OBAs
ULwfgq+iZmTz1FCv357FUzBEh+k2AGmkz6OQqtPPAlr5E2hszm5k3IG+eGL2KOAY
+S77RaQ70mCm5IaacmBdVQSqJumv86cU9x+DkqVmpfwiHGV3A3zsphHWHIa07dW1
njrq9ImOYsVZC5c/Xrza/Cczss288iDPilyf4ZSMqlsBQOhgiZNC86PpWBG47vCg
eB3yhtu2G0s0w8QCTNF+khvf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:00 2025 by rpki-client