Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7MUJ9g8jiCvV67SspBaDvZV-nKk.roa
File: 7MUJ9g8jiCvV67SspBaDvZV-nKk.roa (raw, json)
Hash identifier: s2Ug1nUqzSD475PqT90rZ4uNAywoGfCnCUmJeppVw3o=
Subject key identifier: EC:C5:09:F6:0F:23:88:2B:D5:EB:B4:AC:A4:16:83:BD:95:7E:9C:A9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191550E0D95A61BB6583925095D78D428FB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7MUJ9g8jiCvV67SspBaDvZV-nKk.roa
Signing time: Thu 15 Aug 2024 08:01:09 +0000
ROA not before: Thu 15 Aug 2024 08:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.12.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
2a0e:1a84::/32 maxlen: 32
2a0e:f600:5f::/48 maxlen: 48
2a0f:3d80:bac::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 19 Aug 2024 06:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:0e:0d:95:a6:1b:b6:58:39:25:09:5d:78:d4:28:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 15 08:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecc509f60f23882bd5ebb4aca41683bd957e9ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:8a:1c:e1:46:d5:d8:97:ef:3e:86:43:80:
35:57:17:e6:c6:99:86:35:4c:bc:16:5d:a4:4b:1a:
81:62:e3:bf:7f:a4:23:65:82:09:49:b7:e3:8f:89:
37:fc:69:5e:66:3c:5c:e6:50:3d:58:a6:19:0d:f1:
05:9f:89:64:e8:b9:d0:c5:f6:e6:76:3f:27:4a:41:
06:43:5f:66:d9:fc:18:d0:ad:4c:5d:ec:0a:ec:50:
a0:6f:1c:c6:63:05:82:56:97:3a:c5:e2:d6:b1:64:
0c:db:3f:d1:78:a4:60:49:be:1f:6e:3c:59:c1:20:
f8:42:a4:00:67:df:1b:3f:61:a3:66:07:fb:44:75:
a3:9c:34:98:d0:b2:ec:74:17:6c:11:34:7e:28:5f:
1b:8c:b9:73:7f:c3:11:a7:fe:a8:f1:5a:39:ff:0b:
2a:c5:05:05:a1:08:79:ce:48:2e:81:a6:16:49:82:
e8:0f:cb:cf:76:03:a2:77:f6:a1:3e:28:51:ad:82:
52:e0:02:4b:b8:b8:b8:14:6e:b8:e5:e9:0e:74:86:
50:a0:64:51:49:81:18:6d:cb:03:c4:51:ab:98:34:
2f:d8:85:0e:1d:f4:b1:69:0f:c9:67:9d:65:60:03:
f2:fc:8a:92:1a:35:ff:e4:e5:46:25:19:de:6d:41:
c7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C5:09:F6:0F:23:88:2B:D5:EB:B4:AC:A4:16:83:BD:95:7E:9C:A9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7MUJ9g8jiCvV67SspBaDvZV-nKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.12.0/24
45.152.198.0/24
IPv6:
2a0e:1a84::/32
2a0e:f600:5f::/48
2a0f:3d80:bac::/48
2a0f:3d82::/32
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
2b:9a:41:c5:f8:b6:02:b8:c5:43:21:43:c9:0a:0b:ba:2c:6f:
c5:8f:07:62:e1:19:b8:ac:ed:47:e3:e7:1a:1d:74:51:1b:04:
3c:79:83:64:4d:09:e9:ae:fe:11:b9:c9:49:81:aa:bf:6c:e8:
69:5c:16:45:32:dc:4a:52:2b:03:2e:bf:a8:e5:cf:37:77:3b:
f9:23:21:26:d9:d0:dc:94:29:d8:a0:05:45:b8:01:a8:c9:52:
2e:4e:8f:aa:2e:13:02:ff:07:75:df:cb:9b:ca:fc:7b:c8:e4:
02:f7:17:2c:11:29:7f:3a:80:10:1e:cd:1a:4b:80:04:5f:c1:
02:b8:7a:80:d4:f4:02:89:1d:70:0c:2e:e5:91:ac:f4:ab:c6:
7e:6b:36:9f:61:74:2e:53:56:27:37:f6:40:e9:a1:d7:f2:7b:
83:df:3a:b2:e7:65:79:e5:14:18:c6:4e:0f:05:2b:fb:da:7e:
11:b2:f0:2f:3c:37:9b:01:e0:83:d9:dc:e3:89:bb:a4:45:b2:
23:86:0d:47:ca:08:0d:2c:be:77:28:f8:e3:f5:c4:aa:40:97:
be:a9:c2:d4:fc:d7:0e:10:ad:0b:5c:94:23:91:e2:23:02:7e:
a3:25:3a:b1:44:c7:76:ef:7c:89:8e:f3:50:4a:1d:c7:5f:d8:
71:84:54:ec
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZFVDg2Vphu2WDklCV141Cj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODE1MDgwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2M1MDlmNjBmMjM4ODJiZDVlYmI0YWNhNDE2ODNiZDk1N2U5Y2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLyKHOFG1diX7z6GQ4A1VxfmxpmG
NUy8Fl2kSxqBYuO/f6QjZYIJSbfjj4k3/GleZjxc5lA9WKYZDfEFn4lk6LnQxfbm
dj8nSkEGQ19m2fwY0K1MXewK7FCgbxzGYwWCVpc6xeLWsWQM2z/ReKRgSb4fbjxZ
wSD4QqQAZ98bP2GjZgf7RHWjnDSY0LLsdBdsETR+KF8bjLlzf8MRp/6o8Vo5/wsq
xQUFoQh5zkgugaYWSYLoD8vPdgOid/ahPihRrYJS4AJLuLi4FG645ekOdIZQoGRR
SYEYbcsDxFGrmDQv2IUOHfSxaQ/JZ51lYAPy/IqSGjX/5OVGJRnebUHH6QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFOzFCfYPI4gr1eu0rKQWg72VfpypMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvN01VSjlnOGppQ3ZWNjdTc3BCYUR2WlYtbktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTASBAIAATAMAwQALVYMAwQA
LZjGMD8EAgACMDkDBQAqDhqEAwcAKg72AABfAwcAKg89gAusAwUAKg89ggMHACoP
fQAAAQMHACoPvAChxAMFAyoTK0AwDQYJKoZIhvcNAQELBQADggEBACuaQcX4tgK4
xUMhQ8kKC7osb8WPB2LhGbis7Ufj5xoddFEbBDx5g2RNCemu/hG5yUmBqr9s6Glc
FkUy3EpSKwMuv6jlzzd3O/kjISbZ0NyUKdigBUW4AajJUi5Oj6ouEwL/B3Xfy5vK
/HvI5AL3FywRKX86gBAezRpLgARfwQK4eoDU9AKJHXAMLuWRrPSrxn5rNp9hdC5T
Vic39kDpodfye4PfOrLnZXnlFBjGTg8FK/vafhGy8C88N5sB4IPZ3OOJu6RFsiOG
DUfKCA0svnco+OP1xKpAl76pwtT81w4QrQtclCOR4iMCfqMlOrFEx3bvfImO81BK
Hcdf2HGEVOw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:42 2025 by rpki-client