Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/q4o8mxaAHjj5kbUBi1bXWN7nT0Y.roa
File: q4o8mxaAHjj5kbUBi1bXWN7nT0Y.roa (raw, json)
Hash identifier: vgPqxgReTMj4y2h38174KHSF071uGgRBXMDpGZMAAJo=
Subject key identifier: AB:8A:3C:9B:16:80:1E:38:F9:91:B5:01:8B:56:D7:58:DE:E7:4F:46
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01905ABBD92F0E615ECE5D6D62733F6143AF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/q4o8mxaAHjj5kbUBi1bXWN7nT0Y.roa
Signing time: Thu 27 Jun 2024 17:26:18 +0000
ROA not before: Thu 27 Jun 2024 17:26:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.12.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
2a0e:1a84::/32 maxlen: 32
2a0f:2d80:1292::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a13:18c3::/32 maxlen: 32
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Sun 30 Jun 2024 11:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5a:bb:d9:2f:0e:61:5e:ce:5d:6d:62:73:3f:61:43:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 27 17:26:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab8a3c9b16801e38f991b5018b56d758dee74f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:96:f3:06:0d:70:f3:a5:0a:f2:0b:96:df:c7:
2b:d0:46:1f:c1:69:24:5c:dd:4c:85:33:70:ea:84:
e7:34:b0:4c:b5:4f:3f:87:1d:da:ec:b2:45:cf:08:
2f:61:e9:eb:3c:0a:5c:2b:78:8e:1a:f9:9a:4e:70:
e9:19:31:6e:25:a6:26:10:12:1f:9e:2f:5f:16:84:
ba:5b:96:38:dd:27:cc:19:e1:c9:dc:ba:ed:ba:12:
83:24:e8:b6:8f:07:ff:a6:e7:72:15:f6:56:20:b5:
34:d9:20:0f:9d:8e:e2:d4:8d:07:54:8e:aa:2a:39:
26:54:b4:95:2a:c6:96:f1:47:92:d9:bc:5a:b1:16:
37:af:ef:8a:e7:b8:19:ed:b2:9f:a3:9a:d7:e1:5b:
21:0d:2d:83:28:03:dc:71:a7:15:d9:6e:64:93:4f:
c2:7f:ac:f0:e7:21:20:ff:9e:18:26:dc:b0:44:91:
71:ba:99:7a:ce:12:e1:fe:8a:bd:56:3c:0e:2a:d2:
46:5b:c8:b7:1c:c1:48:c2:65:8b:f9:ad:17:28:39:
2f:7d:88:97:00:cc:38:cf:f0:3a:15:6f:41:e1:55:
4a:dd:d8:6b:aa:59:99:6d:56:a5:5c:23:f4:3b:73:
e6:38:f3:9d:1d:0c:01:ee:08:e0:c6:52:d6:b4:09:
2f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8A:3C:9B:16:80:1E:38:F9:91:B5:01:8B:56:D7:58:DE:E7:4F:46
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/q4o8mxaAHjj5kbUBi1bXWN7nT0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.12.0/24
45.152.198.0/24
IPv6:
2a0e:1a84::/32
2a0f:2d80:1292::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a13:18c3::/32
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
a5:14:43:d1:50:56:93:af:36:a2:fb:6d:18:cd:f4:32:59:3b:
f3:e9:d6:6e:aa:39:13:d1:56:b1:7a:1c:06:af:6f:79:e9:2e:
d2:bc:6a:e5:1d:a2:ec:09:4b:25:f0:52:f6:11:bc:83:84:5a:
75:f6:ca:88:8d:87:1e:ae:2e:77:40:fc:50:2c:f1:b4:03:25:
af:80:b1:1a:ea:92:44:06:df:28:96:8b:64:d5:c9:ec:1b:a6:
db:4f:87:e2:7a:8a:6e:c6:da:37:60:10:f3:25:9c:ce:d7:09:
10:0f:04:14:6c:bd:8f:86:b1:d0:29:a0:f3:45:b9:f7:21:37:
e1:f1:a1:9e:92:44:9a:a9:f5:26:f5:2f:55:cd:fb:6b:dd:42:
4e:e7:cc:2b:96:c8:a7:42:46:76:bb:36:cb:58:f7:cb:49:58:
de:ff:6e:da:70:a4:e2:35:82:0c:5b:f3:97:94:18:5e:ca:ec:
43:e9:d9:31:63:ec:9d:9e:6d:d1:9b:62:3e:46:a1:d2:69:bf:
4b:a5:8e:d8:6b:95:2c:b0:fb:90:32:8c:2c:be:31:9b:4c:d0:
cd:fd:df:6d:8c:52:56:b4:11:07:c8:48:20:6a:9d:a9:f8:80:
8a:ce:1a:b0:08:08:ec:9a:41:53:9f:d3:5d:22:19:b6:1b:6d:
2d:c1:41:5a
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZBau9kvDmFezl1tYnM/YUOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjI3MTcyNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjhhM2M5YjE2ODAxZTM4Zjk5MWI1MDE4YjU2ZDc1OGRlZTc0ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pbzBg1w86UK8guW38cr0EYfwWkk
XN1MhTNw6oTnNLBMtU8/hx3a7LJFzwgvYenrPApcK3iOGvmaTnDpGTFuJaYmEBIf
ni9fFoS6W5Y43SfMGeHJ3LrtuhKDJOi2jwf/pudyFfZWILU02SAPnY7i1I0HVI6q
KjkmVLSVKsaW8UeS2bxasRY3r++K57gZ7bKfo5rX4VshDS2DKAPccacV2W5kk0/C
f6zw5yEg/54YJtywRJFxupl6zhLh/oq9VjwOKtJGW8i3HMFIwmWL+a0XKDkvfYiX
AMw4z/A6FW9B4VVK3dhrqlmZbValXCP0O3PmOPOdHQwB7gjgxlLWtAkvVQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKuKPJsWgB44+ZG1AYtW11je509GMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcTRvOG14YUFIamo1a2JVQmkxYlhXTjduVDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDASBAIAATAMAwQALVYMAwQA
LZjGMDYEAgACMDADBQAqDhqEAwcAKg8tgBKSAwcAKg99AAABAwcAKg+8AKHEAwUA
KhMYwwMFAyoTK0AwDQYJKoZIhvcNAQELBQADggEBAKUUQ9FQVpOvNqL7bRjN9DJZ
O/Pp1m6qORPRVrF6HAavb3npLtK8auUdouwJSyXwUvYRvIOEWnX2yoiNhx6uLndA
/FAs8bQDJa+AsRrqkkQG3yiWi2TVyewbpttPh+J6im7G2jdgEPMlnM7XCRAPBBRs
vY+GsdApoPNFufchN+HxoZ6SRJqp9Sb1L1XN+2vdQk7nzCuWyKdCRna7NstY98tJ
WN7/btpwpOI1ggxb85eUGF7K7EPp2TFj7J2ebdGbYj5GodJpv0uljthrlSyw+5Ay
jCy+MZtM0M39322MUla0EQfISCBqnan4gIrOGrAICOyaQVOf010iGbYbbS3BQVo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:58:12 2025 by rpki-client