Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dPbRk8dAOMW-uCuBM4JUSNs3JLs.roa
File: dPbRk8dAOMW-uCuBM4JUSNs3JLs.roa (raw, json)
Hash identifier: AA7yISyhfYUdp2utPvbeW3AnQSuAQLs1uIfYWWNeywQ=
Subject key identifier: 74:F6:D1:93:C7:40:38:C5:BE:B8:2B:81:33:82:54:48:DB:37:24:BB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019072AD4E1AC3E07EB1070735499EB38817
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dPbRk8dAOMW-uCuBM4JUSNs3JLs.roa
Signing time: Tue 02 Jul 2024 09:01:18 +0000
ROA not before: Tue 02 Jul 2024 09:01:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.12.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
2a0c:7884::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a13:18c0:2::/48 maxlen: 48
2a13:18c3::/32 maxlen: 32
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 Jul 2024 06:22:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:72:ad:4e:1a:c3:e0:7e:b1:07:07:35:49:9e:b3:88:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 2 09:01:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74f6d193c74038c5beb82b8133825448db3724bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e0:a0:27:af:67:68:50:17:6e:c4:a4:4f:ad:
46:cf:72:a7:6e:78:e8:f0:3e:91:7a:32:6e:91:cb:
83:bb:e1:0b:01:44:c7:d5:cc:11:6c:08:20:9b:96:
9e:2f:20:c0:33:4a:55:42:f6:7b:c0:cc:65:60:6d:
47:7d:0a:f5:98:35:81:7a:14:ac:1f:68:67:d1:af:
bf:83:ac:1c:98:8e:40:50:a7:1f:60:22:d2:2e:c4:
0f:ea:f6:9e:a1:d5:5d:f9:fb:5f:c2:cf:da:e0:a0:
df:0c:e5:c8:01:49:18:c1:9d:0e:cb:1e:4a:ff:0e:
a3:29:d0:ba:cd:c5:6d:33:47:88:64:7a:fe:0a:57:
d1:3e:da:39:ba:d1:ce:5e:1a:66:fc:92:2b:0f:bf:
38:42:78:e9:61:b8:2a:e2:ea:5d:d2:85:26:19:02:
22:12:a0:8a:da:5c:ae:e6:9a:69:d1:0d:b7:31:5e:
a9:00:16:1b:63:d8:75:39:ca:4b:6f:03:b1:f7:b0:
62:98:19:fd:0b:e7:50:ad:b5:78:39:47:29:e2:42:
7d:a8:44:47:7b:73:99:0e:93:f8:ea:1d:d6:44:94:
e3:87:61:12:2d:b3:53:2b:2f:8d:7e:85:e1:7f:05:
e0:0b:00:36:1d:46:f5:56:35:ec:ff:39:da:4f:b4:
b3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F6:D1:93:C7:40:38:C5:BE:B8:2B:81:33:82:54:48:DB:37:24:BB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dPbRk8dAOMW-uCuBM4JUSNs3JLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.12.0/24
45.152.198.0/24
IPv6:
2a0c:7884::/32
2a0e:1a84::/32
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a13:18c0:2::/48
2a13:18c3::/32
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
94:6e:98:24:91:d3:e3:6e:0a:88:62:7c:64:03:29:b6:26:7b:
c2:0b:b3:df:a7:e0:19:25:d2:50:ad:34:57:1d:1a:4e:50:cd:
94:d3:4e:c3:34:89:84:3c:de:98:63:28:9c:a0:31:f1:ee:04:
98:23:49:71:23:c5:e6:d8:10:42:b2:21:ff:5d:a3:3f:77:dc:
ff:b9:2e:21:bb:c3:40:e4:8e:94:cb:40:db:ea:71:22:4f:e6:
9e:45:ed:17:01:9c:fc:4a:1d:cf:98:b6:5f:28:37:55:9d:32:
e9:a3:c3:bf:1e:ac:5c:b0:6a:86:13:0b:42:84:cb:0f:5d:21:
c6:42:8d:42:64:ce:d8:db:4d:a4:a3:2c:ab:57:bc:6b:b4:b9:
dd:5d:82:02:c3:90:6f:ad:84:ae:91:b2:ec:30:3c:71:51:78:
5f:eb:70:36:ba:44:a0:9c:d8:c8:9e:fe:10:0c:8f:c0:ed:6d:
ca:6b:4b:f3:25:3b:6a:5d:57:a1:37:f1:48:ff:da:02:78:77:
bd:58:59:4b:24:a4:ee:f2:49:c3:c3:cd:c3:9b:fb:06:e0:ae:
a0:3a:a1:60:7a:be:91:59:a4:20:18:bd:82:e5:18:e7:45:67:
da:75:f8:3d:47:fe:06:7f:21:30:2a:d4:5f:2d:74:48:1d:a2:
4a:fa:77:e4
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZByrU4aw+B+sQcHNUmes4gXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzAyMDkwMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY2ZDE5M2M3NDAzOGM1YmViODJiODEzMzgyNTQ0OGRiMzcyNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuCgJ69naFAXbsSkT61Gz3Knbnjo
8D6RejJukcuDu+ELAUTH1cwRbAggm5aeLyDAM0pVQvZ7wMxlYG1HfQr1mDWBehSs
H2hn0a+/g6wcmI5AUKcfYCLSLsQP6vaeodVd+ftfws/a4KDfDOXIAUkYwZ0Oyx5K
/w6jKdC6zcVtM0eIZHr+ClfRPto5utHOXhpm/JIrD784QnjpYbgq4upd0oUmGQIi
EqCK2lyu5ppp0Q23MV6pABYbY9h1OcpLbwOx97BimBn9C+dQrbV4OUcp4kJ9qERH
e3OZDpP46h3WRJTjh2ESLbNTKy+NfoXhfwXgCwA2HUb1VjXs/znaT7SzzQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFHT20ZPHQDjFvrgrgTOCVEjbNyS7MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZFBiUms4ZEFPTVctdUN1Qk00SlVTTnMzSkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzASBAIAATAMAwQALVYMAwQA
LZjGMD0EAgACMDcDBQAqDHiEAwUAKg4ahAMHACoPfQAAAQMHACoPvAChxAMHACoT
GMAAAgMFACoTGMMDBQMqEytAMA0GCSqGSIb3DQEBCwUAA4IBAQCUbpgkkdPjbgqI
YnxkAym2JnvCC7Pfp+AZJdJQrTRXHRpOUM2U007DNImEPN6YYyicoDHx7gSYI0lx
I8Xm2BBCsiH/XaM/d9z/uS4hu8NA5I6Uy0Db6nEiT+aeRe0XAZz8Sh3PmLZfKDdV
nTLpo8O/HqxcsGqGEwtChMsPXSHGQo1CZM7Y202koyyrV7xrtLndXYICw5BvrYSu
kbLsMDxxUXhf63A2ukSgnNjInv4QDI/A7W3Ka0vzJTtqXVehN/FI/9oCeHe9WFlL
JKTu8knDw83Dm/sG4K6gOqFger6RWaQgGL2C5RjnRWfadfg9R/4GfyEwKtRfLXRI
HaJK+nfk
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:28 2025 by rpki-client