Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/A5FxtElQLl-RBCXSEPljGrkCDA4.roa
File: A5FxtElQLl-RBCXSEPljGrkCDA4.roa (raw, json)
Hash identifier: 8LRm0fgAtL8iG/EMt6XCgZNYlVSbeUOkBronYqbSl4M=
Subject key identifier: 03:91:71:B4:49:50:2E:5F:91:04:25:D2:10:F9:63:1A:B9:02:0C:0E
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018CCE962FE03D16D0436B402B44B094ADDA
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/A5FxtElQLl-RBCXSEPljGrkCDA4.roa
Signing time: Wed 03 Jan 2024 09:09:58 +0000
ROA not before: Wed 03 Jan 2024 09:09:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204145
IP address blocks: 45.157.199.0/24 maxlen: 24
45.157.196.0/24 maxlen: 24
45.157.197.0/24 maxlen: 24
45.157.198.0/24 maxlen: 24
89.35.179.0/24 maxlen: 24
45.130.220.0/24 maxlen: 24
45.130.221.0/24 maxlen: 24
45.130.222.0/24 maxlen: 24
45.130.223.0/24 maxlen: 24
185.50.73.0/24 maxlen: 24
185.50.74.0/24 maxlen: 24
185.50.75.0/24 maxlen: 24
185.50.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:96:2f:e0:3d:16:d0:43:6b:40:2b:44:b0:94:ad:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Jan 3 09:09:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=039171b449502e5f910425d210f9631ab9020c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:25:ef:fb:2b:6a:28:f0:4e:7f:58:50:53:e3:
39:0b:c1:f4:06:54:0f:b2:8b:25:4b:a4:e7:c0:a6:
2b:af:e0:46:b4:d0:03:6f:b1:c1:9d:96:f8:11:bd:
9f:a9:80:68:06:d9:2d:56:c2:17:2e:06:0d:84:36:
d3:79:79:1f:27:42:03:56:51:00:1a:42:05:e3:03:
eb:14:f0:54:b6:7c:52:f4:3c:bd:16:56:0d:54:e0:
a5:78:6b:8a:e6:45:a9:14:21:f7:d1:50:c6:d7:15:
6c:11:d7:3a:11:2d:82:44:08:5d:b3:09:7a:4a:3a:
a5:40:f7:ba:6a:c3:00:2c:97:75:9e:c5:c7:58:6a:
3a:d9:b7:ee:7f:a9:dd:ae:16:58:1f:83:09:59:ed:
85:49:16:fa:08:70:56:c7:f7:88:c3:f3:a7:8b:08:
bc:da:c8:3b:e4:30:a9:0f:95:44:a3:da:a8:83:bf:
af:17:dc:88:11:ab:d7:2b:ea:4c:bf:02:bf:51:13:
fd:20:b3:2b:84:8a:8a:71:90:ad:fa:a0:dd:53:e8:
b8:5a:20:fa:12:0e:76:69:1d:6b:0d:10:2a:4d:49:
6f:8c:21:c8:8c:26:00:fd:7f:b1:14:df:4e:47:81:
04:51:6e:a9:11:99:df:82:44:e0:2b:88:ab:59:e3:
c9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:91:71:B4:49:50:2E:5F:91:04:25:D2:10:F9:63:1A:B9:02:0C:0E
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/A5FxtElQLl-RBCXSEPljGrkCDA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.220.0/22
45.157.196.0/22
89.35.179.0/24
185.50.72.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:bf:25:78:b5:76:b3:ee:85:d7:c8:9b:fa:4d:d8:20:95:60:
97:be:ca:66:22:ae:0a:db:b3:c4:64:09:65:ea:c3:11:59:db:
3a:c0:e3:63:6d:84:f6:08:c1:8f:37:29:90:32:40:41:ec:3e:
3d:17:b1:7f:ce:78:88:03:c2:51:36:b6:2e:1f:5b:12:53:67:
81:dc:e5:3b:52:df:20:fe:66:a7:72:04:54:bd:f5:be:58:d5:
db:61:d3:54:3f:19:60:eb:fe:c6:9a:5d:e3:6d:e4:b5:61:19:
bd:89:f5:35:1e:ca:36:54:3b:5e:0a:9c:bd:d1:a2:1c:86:c6:
b4:6c:b4:3b:2b:07:77:df:7e:04:77:54:3a:9e:a0:5a:bb:fa:
55:f2:c4:6d:ee:06:f9:9c:3f:92:6a:df:18:3e:1d:00:2e:9c:
22:59:a4:05:85:5c:a9:d1:83:7b:f9:4f:93:7f:6f:95:72:4a:
f3:85:25:a5:ae:bd:20:1a:16:a4:31:4a:d7:a8:cc:79:f0:19:
fa:60:0d:a3:d1:9d:94:7d:fd:68:e8:7c:5b:4b:81:c9:18:43:
c3:bc:74:24:32:96:94:32:d8:25:77:90:37:84:72:86:65:84:
87:ba:97:fa:9d:4c:e0:7a:4b:67:27:86:e5:bf:7e:ea:9d:12:
5b:6f:72:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzOli/gPRbQQ2tAK0SwlK3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwMTAzMDkwOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzkxNzFiNDQ5NTAyZTVmOTEwNDI1ZDIxMGY5NjMxYWI5MDIwYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7SXv+ytqKPBOf1hQU+M5C8H0BlQP
soslS6TnwKYrr+BGtNADb7HBnZb4Eb2fqYBoBtktVsIXLgYNhDbTeXkfJ0IDVlEA
GkIF4wPrFPBUtnxS9Dy9FlYNVOCleGuK5kWpFCH30VDG1xVsEdc6ES2CRAhdswl6
SjqlQPe6asMALJd1nsXHWGo62bfuf6ndrhZYH4MJWe2FSRb6CHBWx/eIw/Oniwi8
2sg75DCpD5VEo9qog7+vF9yIEavXK+pMvwK/URP9ILMrhIqKcZCt+qDdU+i4WiD6
Eg52aR1rDRAqTUlvjCHIjCYA/X+xFN9OR4EEUW6pEZnfgkTgK4irWePJkwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAORcbRJUC5fkQQl0hD5Yxq5AgwOMB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvQTVGeHRFbFFMbC1SQkNYU0VQbGpHcmtDREE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYLcAwQC
LZ3EAwQAWSOzAwQCuTJIMA0GCSqGSIb3DQEBCwUAA4IBAQDTvyV4tXaz7oXXyJv6
TdgglWCXvspmIq4K27PEZAll6sMRWds6wONjbYT2CMGPNymQMkBB7D49F7F/zniI
A8JRNrYuH1sSU2eB3OU7Ut8g/mancgRUvfW+WNXbYdNUPxlg6/7Gml3jbeS1YRm9
ifU1Hso2VDteCpy90aIchsa0bLQ7Kwd3334Ed1Q6nqBau/pV8sRt7gb5nD+Sat8Y
Ph0ALpwiWaQFhVyp0YN7+U+Tf2+VckrzhSWlrr0gGhakMUrXqMx58Bn6YA2j0Z2U
ff1o6HxbS4HJGEPDvHQkMpaUMtgld5A3hHKGZYSHupf6nUzgektnJ4blv37qnRJb
b3Lp
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:20 2025 by rpki-client