Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/45OmJSSNEYA1aEr02mWRpTzxSHI.roa
File: 45OmJSSNEYA1aEr02mWRpTzxSHI.roa (raw, json)
Hash identifier: hXzvtUe5MhGKvUzNZGrPUWNa2qhsLognPS/8BxGG8kc=
Subject key identifier: E3:93:A6:25:24:8D:11:80:35:68:4A:F4:DA:65:91:A5:3C:F1:48:72
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 019528A95CA26D24C067FE350D29A49AE765
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/45OmJSSNEYA1aEr02mWRpTzxSHI.roa
Signing time: Fri 21 Feb 2025 13:19:02 +0000
ROA not before: Fri 21 Feb 2025 13:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39900
IP address blocks: 86.54.24.0/24 maxlen: 24
86.54.25.0/24 maxlen: 24
86.54.26.0/24 maxlen: 24
141.98.184.0/22 maxlen: 22
194.9.118.0/24 maxlen: 24
2a13:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 26 Feb 2025 09:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:a9:5c:a2:6d:24:c0:67:fe:35:0d:29:a4:9a:e7:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Feb 21 13:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e393a625248d118035684af4da6591a53cf14872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c9:fc:f1:c3:81:6b:2f:b5:2c:53:e2:36:39:
87:73:97:0c:dd:5d:d3:70:4d:84:6d:2c:be:c4:f9:
b2:1e:61:20:41:79:26:5d:da:ef:8a:ea:bc:e1:08:
d4:3d:80:53:e8:c9:d3:53:e1:6d:92:3a:7b:89:b6:
70:17:50:79:ef:09:f3:80:00:08:33:27:6b:b1:c0:
03:ee:71:c2:34:bb:4f:e9:ac:a0:cd:ae:8f:d4:ad:
f4:1a:83:51:01:6b:bb:74:58:9c:db:5a:3b:45:03:
60:61:18:01:a7:3a:a4:34:c5:cf:bb:be:94:c1:e3:
ee:3b:0a:9e:32:0d:5b:7b:a5:96:2d:1f:fb:ea:5b:
86:af:02:cf:1f:87:36:96:b8:09:98:1e:5f:d2:10:
7e:72:56:c3:0c:0d:3f:6b:3a:5f:39:b1:fe:e1:52:
cf:59:93:57:46:d8:a0:88:c3:28:ca:a4:85:1f:3c:
04:0f:5b:a7:17:d3:a3:83:2e:1a:3d:1a:e9:22:e1:
39:61:d5:5a:ab:5d:53:03:19:a7:7e:0d:17:0f:4b:
3a:5c:f7:93:6c:71:d1:52:16:d8:b5:82:ab:ac:f1:
66:d2:cd:13:c4:1f:33:bf:e3:40:aa:7a:2f:8a:af:
c7:21:2c:7c:ce:ba:71:2d:c3:29:1d:9a:b4:86:47:
84:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:93:A6:25:24:8D:11:80:35:68:4A:F4:DA:65:91:A5:3C:F1:48:72
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/45OmJSSNEYA1aEr02mWRpTzxSHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.24.0-86.54.26.255
141.98.184.0/22
194.9.118.0/24
IPv6:
2a13:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
8e:5b:a6:eb:4b:64:c2:6e:ff:fe:6b:60:01:91:61:4c:57:e4:
68:80:dd:2e:a0:0f:17:50:82:7c:ad:4c:7c:63:e4:b6:8e:b8:
6c:3d:62:4c:65:ff:c2:bc:f8:00:e7:7b:47:8b:9e:ed:f0:b1:
89:c4:e3:53:fc:c2:1e:68:54:79:f1:9a:1e:c2:65:16:75:ab:
3e:69:6a:eb:45:57:38:b0:bc:c6:8f:8f:45:10:4b:9c:e8:6a:
f6:db:c1:a2:01:ce:dc:94:e4:10:e4:74:16:4f:89:40:45:c6:
52:8d:f5:fb:ae:cf:4d:01:d7:16:c7:ff:6e:70:91:7e:8c:ab:
dc:d5:5d:eb:2c:15:3c:47:66:20:03:68:2b:18:d0:f8:d7:21:
29:cf:c0:2e:e0:1b:72:31:22:e9:1a:71:34:fb:34:c1:44:f0:
6f:14:9a:82:5d:95:e4:c5:35:e7:69:30:6d:77:ab:2b:d1:b6:
85:5a:c8:d8:e9:80:ce:de:2d:7b:b0:bb:aa:11:e6:4b:74:c3:
93:07:3d:a0:87:60:2d:b2:3d:c9:34:22:9d:9f:f1:f6:1a:c4:
6e:cd:95:59:f0:29:71:ad:8d:93:7c:60:99:12:b2:7c:49:a0:
8b:6e:50:11:17:71:e1:01:1d:d0:db:bd:8b:ab:ec:11:4e:87:
74:a3:41:48
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZUoqVyibSTAZ/41DSmkmudlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjUwMjIxMTMxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzkzYTYyNTI0OGQxMTgwMzU2ODRhZjRkYTY1OTFhNTNjZjE0ODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcn88cOBay+1LFPiNjmHc5cM3V3T
cE2EbSy+xPmyHmEgQXkmXdrviuq84QjUPYBT6MnTU+Ftkjp7ibZwF1B57wnzgAAI
MydrscAD7nHCNLtP6aygza6P1K30GoNRAWu7dFic21o7RQNgYRgBpzqkNMXPu76U
wePuOwqeMg1be6WWLR/76luGrwLPH4c2lrgJmB5f0hB+clbDDA0/azpfObH+4VLP
WZNXRtigiMMoyqSFHzwED1unF9Ojgy4aPRrpIuE5YdVaq11TAxmnfg0XD0s6XPeT
bHHRUhbYtYKrrPFm0s0TxB8zv+NAqnoviq/HISx8zrpxLcMpHZq0hkeEvQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFOOTpiUkjRGANWhK9NplkaU88UhyMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvNDVPbUpTU05FWUExYUVyMDJtV1JwVHp4U0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBANWNhgD
BABWNhoDBAKNYrgDBADCCXYwDQQCAAIwBwMFAyoTbEAwDQYJKoZIhvcNAQELBQAD
ggEBAI5bputLZMJu//5rYAGRYUxX5GiA3S6gDxdQgnytTHxj5LaOuGw9Ykxl/8K8
+ADne0eLnu3wsYnE41P8wh5oVHnxmh7CZRZ1qz5pautFVziwvMaPj0UQS5zoavbb
waIBztyU5BDkdBZPiUBFxlKN9fuuz00B1xbH/25wkX6Mq9zVXessFTxHZiADaCsY
0PjXISnPwC7gG3IxIukacTT7NMFE8G8UmoJdleTFNedpMG13qyvRtoVayNjpgM7e
LXuwu6oR5kt0w5MHPaCHYC2yPck0Ip2f8fYaxG7NlVnwKXGtjZN8YJkSsnxJoItu
UBEXceEBHdDbvYur7BFOh3SjQUg=
-----END CERTIFICATE-----
Generated at Thu Apr 24 08:27:47 2025 by rpki-client