Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/sKAnMMNbcqj51qlB_e3twNPhKfo.roa
File: sKAnMMNbcqj51qlB_e3twNPhKfo.roa (raw, json)
Hash identifier: dBiOLTwfy6fEj3S2ZSzjgrhwJnwRhuDJbXHQhXo3oU8=
Subject key identifier: B0:A0:27:30:C3:5B:72:A8:F9:D6:A9:41:FD:ED:ED:C0:D3:E1:29:FA
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 019427487000F1DB155C91E4E9418635B299
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/sKAnMMNbcqj51qlB_e3twNPhKfo.roa
Signing time: Thu 02 Jan 2025 13:50:46 +0000
ROA not before: Thu 02 Jan 2025 13:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59741
IP address blocks: 45.141.52.0/22 maxlen: 24
45.141.54.0/24 maxlen: 24
45.155.78.0/24 maxlen: 24
45.155.79.0/24 maxlen: 24
185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 Jan 2025 19:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:70:00:f1:db:15:5c:91:e4:e9:41:86:35:b2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Jan 2 13:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0a02730c35b72a8f9d6a941fdededc0d3e129fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e3:ea:1c:31:95:aa:b5:f0:1d:cd:17:31:2f:
3e:29:f8:8f:f1:c6:28:dc:ce:0c:c5:99:93:49:53:
4a:ab:8d:2b:df:05:6d:9d:84:12:f0:e6:cc:87:e3:
28:63:5b:81:60:c6:6f:d8:62:37:61:f9:11:ad:48:
04:92:62:b8:11:da:72:50:17:ab:02:b4:91:04:d0:
56:e0:e2:31:bd:d3:ef:50:97:28:ec:7b:c5:54:33:
c2:cc:73:44:71:94:59:80:9a:28:45:b7:62:a3:ec:
8c:65:fa:24:b6:72:cd:d4:32:aa:6e:95:c8:ad:97:
df:f1:e7:c8:df:a6:41:59:7b:72:66:c4:a4:2a:27:
bd:04:78:f8:b2:59:df:de:02:c2:91:fa:e1:16:48:
23:30:ca:bf:93:14:f6:4e:e4:2d:56:80:de:ba:1a:
0f:4a:36:db:74:95:a5:32:a5:33:4f:97:bf:83:83:
e8:38:a5:7d:d8:c9:26:3f:70:35:30:48:66:88:e9:
05:b8:df:5f:6f:8b:6c:53:a9:01:cb:41:c0:d2:80:
be:a0:ab:00:a3:50:7f:b7:fe:32:28:21:0f:4e:3b:
d3:05:b8:d1:ef:6a:34:81:90:dd:e6:4c:f6:d4:a4:
33:a2:6d:f7:ba:0e:62:ac:77:b4:b6:61:95:52:e8:
3e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A0:27:30:C3:5B:72:A8:F9:D6:A9:41:FD:ED:ED:C0:D3:E1:29:FA
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/sKAnMMNbcqj51qlB_e3twNPhKfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
45.155.78.0/23
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
99:85:62:60:48:3d:ba:b1:84:f2:32:13:1b:67:7a:6d:67:cc:
99:0c:1d:e7:5b:70:5d:c1:fa:a4:53:7f:be:fb:84:29:26:36:
20:9a:22:c6:54:d6:0b:bd:5c:2a:5d:b2:6c:44:54:09:c3:e6:
77:8a:8e:05:92:5a:f6:83:53:43:c3:dc:89:03:95:11:0f:e9:
3b:ce:cc:50:aa:c5:03:22:83:90:93:75:97:ee:b2:f9:f2:0a:
7b:4b:c9:c5:44:64:2e:c3:e6:8a:4c:d3:fc:27:6d:2b:69:07:
fd:c8:42:70:2a:85:66:a2:92:7e:df:64:ed:93:13:3b:b5:18:
aa:07:40:bd:6a:0d:ca:84:61:d3:63:78:ef:8b:19:e8:a4:d9:
a8:a3:ee:60:7c:12:47:38:c7:b1:43:80:95:b1:21:2e:b3:e6:
ae:ac:74:6b:a8:c5:92:65:cc:bf:e0:5e:b6:19:e1:0a:85:03:
54:bf:9c:9f:0a:1e:3c:3a:f4:32:07:81:11:25:8a:c5:65:ea:
bb:67:a2:fb:e0:55:c5:e4:df:1a:c3:74:58:e1:50:bd:24:d7:
78:2a:a7:94:42:18:1c:5a:2f:4b:a5:54:56:43:14:74:9a:77:
8a:94:fe:df:e8:40:7d:10:f4:57:70:4e:ce:d7:29:69:e0:ea:
07:7b:d3:10
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQnSHAA8dsVXJHk6UGGNbKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjUwMTAyMTM1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGEwMjczMGMzNWI3MmE4ZjlkNmE5NDFmZGVkZWRjMGQzZTEyOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOPqHDGVqrXwHc0XMS8+KfiP8cYo
3M4MxZmTSVNKq40r3wVtnYQS8ObMh+MoY1uBYMZv2GI3YfkRrUgEkmK4EdpyUBer
ArSRBNBW4OIxvdPvUJco7HvFVDPCzHNEcZRZgJooRbdio+yMZfoktnLN1DKqbpXI
rZff8efI36ZBWXtyZsSkKie9BHj4slnf3gLCkfrhFkgjMMq/kxT2TuQtVoDeuhoP
SjbbdJWlMqUzT5e/g4PoOKV92MkmP3A1MEhmiOkFuN9fb4tsU6kBy0HA0oC+oKsA
o1B/t/4yKCEPTjvTBbjR72o0gZDd5kz21KQzom33ug5irHe0tmGVUug+lQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLCgJzDDW3Ko+dapQf3t7cDT4Sn6MB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvc0tBbk1NTmJjcWo1MXFsQl9lM3R3TlBoS2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLY00AwQB
LZtOAwQBuUnwMA0EAgACMAcDBQAqBUdAMA0GCSqGSIb3DQEBCwUAA4IBAQCZhWJg
SD26sYTyMhMbZ3ptZ8yZDB3nW3BdwfqkU3+++4QpJjYgmiLGVNYLvVwqXbJsRFQJ
w+Z3io4Fklr2g1NDw9yJA5URD+k7zsxQqsUDIoOQk3WX7rL58gp7S8nFRGQuw+aK
TNP8J20raQf9yEJwKoVmopJ+32TtkxM7tRiqB0C9ag3KhGHTY3jvixnopNmoo+5g
fBJHOMexQ4CVsSEus+aurHRrqMWSZcy/4F62GeEKhQNUv5yfCh48OvQyB4ERJYrF
Zeq7Z6L74FXF5N8aw3RY4VC9JNd4KqeUQhgcWi9LpVRWQxR0mneKlP7f6EB9EPRX
cE7O1ylp4OoHe9MQ
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:31:14 2025 by rpki-client