Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/eMtIPZZcdHCW3u8aC-gr742cwi8.roa
File: eMtIPZZcdHCW3u8aC-gr742cwi8.roa (raw, json)
Hash identifier: 3G8Svm3QmPNErR5LRjwy+PLTClWnYo/xZfqCBGLM8dc=
Subject key identifier: 78:CB:48:3D:96:5C:74:70:96:DE:EF:1A:0B:E8:2B:EF:8D:9C:C2:2F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019109148318ADA5A818287140FA41E21A4C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/eMtIPZZcdHCW3u8aC-gr742cwi8.roa
Signing time: Wed 31 Jul 2024 13:57:04 +0000
ROA not before: Wed 31 Jul 2024 13:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.12.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
2a0e:15c4::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e1c3::/32 maxlen: 32
2a13:18c0:2::/48 maxlen: 48
2a13:18c3::/32 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 02 Aug 2024 09:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:09:14:83:18:ad:a5:a8:18:28:71:40:fa:41:e2:1a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 31 13:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78cb483d965c747096deef1a0be82bef8d9cc22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bc:b8:d1:48:ab:10:07:f8:1d:0c:85:42:b7:
18:8d:04:c0:bf:3b:a2:2a:47:ba:31:3c:33:b0:01:
ce:3b:02:38:ce:b0:35:ab:88:e5:3d:fb:37:15:f6:
d2:65:a6:85:1a:27:1b:1c:31:26:aa:37:d3:b0:d0:
cd:d0:d5:da:73:ef:aa:c8:96:9b:1f:33:6c:8e:e8:
bd:9b:fd:c3:8f:e0:0d:44:36:8c:de:62:8e:0a:aa:
55:76:0f:85:b9:81:3b:7c:a3:f8:82:4a:c8:e7:34:
eb:6b:ff:3d:1d:2e:96:1a:70:87:d6:b0:26:8b:78:
3d:76:0e:bc:8f:6d:e9:2a:7b:89:32:37:ed:c0:16:
71:fe:14:ff:ef:68:63:c1:40:8c:61:b7:b9:a6:5c:
f2:c0:25:9c:5f:2b:72:ac:a6:2b:29:5c:cc:4d:f1:
f2:ad:87:36:b6:8c:ca:ae:1a:76:d2:8a:bb:80:99:
24:56:a0:69:c3:6c:c3:b1:2f:38:b3:99:18:70:a0:
3d:18:a3:1c:5d:02:d4:51:9a:27:da:1e:2a:7c:1a:
76:e0:d0:03:c1:81:f5:f4:b5:b0:11:34:09:6e:ea:
bc:80:03:8e:d5:c4:bb:f0:f8:8b:15:d3:f1:30:8c:
11:98:df:f4:de:63:6c:3e:92:73:89:7d:8f:c3:b1:
0a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:CB:48:3D:96:5C:74:70:96:DE:EF:1A:0B:E8:2B:EF:8D:9C:C2:2F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/eMtIPZZcdHCW3u8aC-gr742cwi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.12.0/24
45.152.198.0/24
IPv6:
2a0e:15c4::/32
2a0e:1a84::/32
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e1c3::/32
2a13:18c0:2::/48
2a13:18c3::/32
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
c7:ae:9b:40:3c:cc:76:28:ec:6e:87:88:8f:9a:de:a2:c8:4e:
3f:3d:d0:c2:f7:99:25:48:01:32:14:72:d9:2a:42:e8:81:fb:
12:b2:23:56:82:ad:9a:29:97:fb:9d:a4:36:5b:cf:6c:f9:cd:
01:ee:df:2f:a9:c2:ea:bd:1a:ce:95:87:2f:db:8a:b3:b0:1f:
b1:18:f4:70:e7:fd:bb:69:f7:10:61:fc:a0:2d:c3:be:90:d7:
57:75:ac:01:1d:15:49:7f:23:7b:47:df:c2:16:2a:82:db:29:
9d:12:46:05:7f:55:d3:81:cf:7f:a7:1c:78:cc:f7:81:db:3f:
34:02:b8:51:f5:6c:65:2d:e4:86:15:84:fa:14:09:21:1e:1a:
13:2b:cc:1c:43:d0:49:ab:eb:d7:ee:2c:cc:0f:02:5a:44:9d:
1b:b1:4b:14:dc:6c:79:10:e3:4a:2e:4b:e8:01:ce:e6:b0:99:
e6:fd:3c:e5:2c:f9:b2:68:84:29:b2:ec:b0:76:5c:6e:4e:84:
a7:fc:fe:0d:c6:be:07:d0:9c:43:bb:eb:04:cf:03:2f:57:9c:
77:57:7a:6f:99:cd:ff:aa:df:e5:ca:7a:7d:ec:f7:fd:89:23:
45:2f:ac:95:93:71:5f:d4:4e:bb:c0:1b:c4:70:c8:d1:3d:a6:
11:fd:be:f2
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZEJFIMYraWoGChxQPpB4hpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzMxMTM1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGNiNDgzZDk2NWM3NDcwOTZkZWVmMWEwYmU4MmJlZjhkOWNjMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ly40UirEAf4HQyFQrcYjQTAvzui
Kke6MTwzsAHOOwI4zrA1q4jlPfs3FfbSZaaFGicbHDEmqjfTsNDN0NXac++qyJab
HzNsjui9m/3Dj+ANRDaM3mKOCqpVdg+FuYE7fKP4gkrI5zTra/89HS6WGnCH1rAm
i3g9dg68j23pKnuJMjftwBZx/hT/72hjwUCMYbe5plzywCWcXytyrKYrKVzMTfHy
rYc2tozKrhp20oq7gJkkVqBpw2zDsS84s5kYcKA9GKMcXQLUUZon2h4qfBp24NAD
wYH19LWwETQJbuq8gAOO1cS78PiLFdPxMIwRmN/03mNsPpJziX2Pw7EKbwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFHjLSD2WXHRwlt7vGgvoK++NnMIvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZU10SVBaWmNkSENXM3U4YUMtZ3I3NDJjd2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjASBAIAATAMAwQALVYMAwQA
LZjGMEQEAgACMD4DBQAqDhXEAwUAKg4ahAMHACoPfQAAAQMHACoPvAChxAMFACoP
4cMDBwAqExjAAAIDBQAqExjDAwUDKhMrQDANBgkqhkiG9w0BAQsFAAOCAQEAx66b
QDzMdijsboeIj5reoshOPz3QwveZJUgBMhRy2SpC6IH7ErIjVoKtmimX+52kNlvP
bPnNAe7fL6nC6r0azpWHL9uKs7AfsRj0cOf9u2n3EGH8oC3DvpDXV3WsAR0VSX8j
e0ffwhYqgtspnRJGBX9V04HPf6cceMz3gds/NAK4UfVsZS3khhWE+hQJIR4aEyvM
HEPQSavr1+4szA8CWkSdG7FLFNxseRDjSi5L6AHO5rCZ5v085Sz5smiEKbLssHZc
bk6Ep/z+Dca+B9CcQ7vrBM8DL1ecd1d6b5nN/6rf5cp6fez3/YkjRS+slZNxX9RO
u8AbxHDI0T2mEf2+8g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:23 2025 by rpki-client