Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/k56M37yoQjdkbTw_cyhby3IXZPs.roa
File: k56M37yoQjdkbTw_cyhby3IXZPs.roa (raw, json)
Hash identifier: i11rWeYVqkktqAebaAkwIXaM2/GkzVTXqtVveJA7gWk=
Subject key identifier: 93:9E:8C:DF:BC:A8:42:37:64:6D:3C:3F:73:28:5B:CB:72:17:64:FB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019077FB0854BD4F23BE3CAE34C7FD263081
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/k56M37yoQjdkbTw_cyhby3IXZPs.roa
Signing time: Wed 03 Jul 2024 09:44:18 +0000
ROA not before: Wed 03 Jul 2024 09:44:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.12.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
2a0e:15c4::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a13:18c0:2::/48 maxlen: 48
2a13:18c3::/32 maxlen: 32
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Jul 2024 12:18:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:fb:08:54:bd:4f:23:be:3c:ae:34:c7:fd:26:30:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 3 09:44:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=939e8cdfbca84237646d3c3f73285bcb721764fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:18:5e:58:4e:a7:d4:1d:6e:b4:e3:af:6a:97:
f3:c7:77:64:14:c9:ce:4a:ea:49:b5:99:7a:48:e4:
8b:4d:1f:b6:3b:e9:a0:2b:88:21:f4:4a:d6:c9:0d:
85:f6:89:75:d0:10:89:dd:6d:34:e2:b1:fa:62:8d:
7f:39:cc:8c:e3:e8:82:2a:cd:a8:e1:35:7c:62:33:
14:28:55:11:3f:3a:c7:31:25:e1:a5:78:09:8b:61:
d8:78:63:29:22:95:81:70:07:11:3f:2f:03:7d:b3:
3d:f4:60:a2:7e:94:c6:79:21:29:ba:11:6e:a9:82:
95:9d:4d:02:e7:8e:9c:bb:3b:36:1e:3e:a5:2b:f8:
b0:43:86:bb:83:e2:b4:1a:18:0a:5b:68:3f:5e:61:
ba:dc:4f:f8:6d:02:a6:d5:18:2e:4e:16:80:64:39:
03:49:b8:51:5d:6b:17:94:d4:f4:61:20:e8:a6:4d:
df:00:bf:f5:54:af:a5:82:d7:00:0f:cf:90:b7:29:
71:a4:3c:76:87:b9:5d:0c:28:9a:08:4c:55:f2:6e:
3c:e1:4b:63:71:b3:b6:df:df:cb:12:81:cf:72:63:
41:46:dd:50:0a:7d:4d:35:20:11:f9:49:b6:f3:04:
2e:04:b6:d3:d5:2f:63:d1:0c:be:bd:02:15:36:3d:
8e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:9E:8C:DF:BC:A8:42:37:64:6D:3C:3F:73:28:5B:CB:72:17:64:FB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/k56M37yoQjdkbTw_cyhby3IXZPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.12.0/24
45.152.198.0/24
IPv6:
2a0e:15c4::/32
2a0e:1a84::/32
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a13:18c0:2::/48
2a13:18c3::/32
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
78:d6:88:9f:73:f6:f7:5a:00:cd:a7:ba:19:47:32:86:ef:bd:
a9:5b:12:39:05:86:91:4f:6d:d3:e3:d5:f8:7c:26:3d:d0:b7:
40:02:68:4e:4b:4c:ee:01:fb:81:96:ea:87:fc:6c:f9:59:0e:
5a:60:f6:5d:19:fd:82:6f:e5:a7:74:a2:40:a5:ed:e9:97:9c:
8d:d1:62:61:b6:a9:29:cb:8e:54:70:17:3c:f4:7a:8b:63:2b:
05:ce:ef:c0:8c:b7:b8:89:64:f9:92:a9:66:56:ff:74:53:8b:
13:c0:f5:73:9b:b9:7b:46:42:4c:17:c5:89:2c:fa:e7:53:8e:
91:44:1a:78:19:23:e9:47:fc:47:1a:c5:b3:2d:7f:6c:47:c0:
01:ed:89:04:74:9d:e0:3a:85:18:83:fa:2f:e1:4e:1f:f1:c2:
ce:d9:a1:b2:5c:d5:0b:7b:9b:f3:a6:42:cb:bc:be:b7:e3:15:
ed:d5:58:ea:15:36:50:02:f4:8e:42:96:be:cc:5c:0c:f4:02:
a1:ce:a8:f7:fc:e5:59:79:6b:99:e2:d8:93:cb:f5:2a:0b:e8:
4f:a0:78:d0:62:6f:f4:cd:88:b8:aa:fc:e8:ec:b5:c2:f6:e5:
0e:ae:1a:52:13:42:b3:71:cc:4b:d9:cc:b1:1f:f0:60:9b:ec:
2d:37:47:38
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZB3+whUvU8jvjyuNMf9JjCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzAzMDk0NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzllOGNkZmJjYTg0MjM3NjQ2ZDNjM2Y3MzI4NWJjYjcyMTc2NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRheWE6n1B1utOOvapfzx3dkFMnO
SupJtZl6SOSLTR+2O+mgK4gh9ErWyQ2F9ol10BCJ3W004rH6Yo1/OcyM4+iCKs2o
4TV8YjMUKFURPzrHMSXhpXgJi2HYeGMpIpWBcAcRPy8DfbM99GCifpTGeSEpuhFu
qYKVnU0C546cuzs2Hj6lK/iwQ4a7g+K0GhgKW2g/XmG63E/4bQKm1RguThaAZDkD
SbhRXWsXlNT0YSDopk3fAL/1VK+lgtcAD8+QtylxpDx2h7ldDCiaCExV8m484Utj
cbO239/LEoHPcmNBRt1QCn1NNSAR+Um28wQuBLbT1S9j0Qy+vQIVNj2OxQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFJOejN+8qEI3ZG08P3MoW8tyF2T7MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvazU2TTM3eW9RamRrYlR3X2N5aGJ5M0lYWlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzASBAIAATAMAwQALVYMAwQA
LZjGMD0EAgACMDcDBQAqDhXEAwUAKg4ahAMHACoPfQAAAQMHACoPvAChxAMHACoT
GMAAAgMFACoTGMMDBQMqEytAMA0GCSqGSIb3DQEBCwUAA4IBAQB41oifc/b3WgDN
p7oZRzKG772pWxI5BYaRT23T49X4fCY90LdAAmhOS0zuAfuBluqH/Gz5WQ5aYPZd
Gf2Cb+WndKJApe3pl5yN0WJhtqkpy45UcBc89HqLYysFzu/AjLe4iWT5kqlmVv90
U4sTwPVzm7l7RkJMF8WJLPrnU46RRBp4GSPpR/xHGsWzLX9sR8AB7YkEdJ3gOoUY
g/ov4U4f8cLO2aGyXNULe5vzpkLLvL634xXt1VjqFTZQAvSOQpa+zFwM9AKhzqj3
/OVZeWuZ4tiTy/UqC+hPoHjQYm/0zYi4qvzo7LXC9uUOrhpSE0KzccxL2cyxH/Bg
m+wtN0c4
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:23:22 2025 by rpki-client