Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/M4qOH-3TBjIIlq6svWu8Hfkv7GA.roa
File: M4qOH-3TBjIIlq6svWu8Hfkv7GA.roa (raw, json)
Hash identifier: BmYfJ0eTd38xqW79RgvSqJg1zejA4Lw6chlccwmp+mc=
Subject key identifier: 33:8A:8E:1F:ED:D3:06:32:08:96:AE:AC:BD:6B:BC:1D:F9:2F:EC:60
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01941C6C81D47FD10FAD0A3EE7652DE90A59
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/M4qOH-3TBjIIlq6svWu8Hfkv7GA.roa
Signing time: Tue 31 Dec 2024 11:14:20 +0000
ROA not before: Tue 31 Dec 2024 11:14:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.90.19.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.218.22.0/24 maxlen: 24
185.227.146.0/24 maxlen: 24
185.239.140.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
193.8.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:6c:81:d4:7f:d1:0f:ad:0a:3e:e7:65:2d:e9:0a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 31 11:14:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=338a8e1fedd306320896aeacbd6bbc1df92fec60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:01:c4:a5:ca:d5:a4:33:e1:69:f0:45:2a:
75:3c:1c:c6:74:f3:5c:ec:3d:fb:1b:9d:cf:80:4d:
b8:e1:83:4c:5c:a5:dc:21:f9:d6:f6:b8:d7:00:c3:
f0:4b:29:7a:01:24:7c:48:c9:b9:2c:af:dd:6d:44:
cb:78:29:51:0e:9a:d1:ac:52:41:d4:93:38:03:36:
03:73:18:16:06:3b:a8:2e:c1:38:b1:69:6e:d3:ed:
e6:9b:d9:6f:54:e4:02:6b:e5:ac:15:69:58:d6:b3:
b8:fd:bd:fa:e4:a8:12:4a:25:90:c5:aa:aa:59:d0:
f4:cb:7c:8e:83:7d:89:03:4a:c4:ff:80:ae:74:e0:
61:11:10:aa:1c:14:a8:11:cd:8f:d5:5e:be:19:80:
90:cf:9d:51:5c:66:20:4a:d7:9d:76:df:04:90:3e:
fb:fd:60:17:df:6e:83:be:bf:1e:b5:d2:3a:47:e0:
70:26:bc:85:4a:24:ad:7d:12:cf:5b:de:13:e9:2c:
1e:bd:82:4d:d9:67:d2:c5:cf:7d:8d:a9:5f:e7:53:
7d:6c:dc:f2:0e:3c:06:9a:08:90:bd:7e:86:3d:b1:
0b:85:61:fe:f8:62:cd:3d:b4:55:04:ae:2d:20:8b:
64:29:10:d6:21:09:30:5d:09:fd:80:42:cf:bb:03:
b7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8A:8E:1F:ED:D3:06:32:08:96:AE:AC:BD:6B:BC:1D:F9:2F:EC:60
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/M4qOH-3TBjIIlq6svWu8Hfkv7GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/24
185.218.22.0/24
185.227.146.0/24
185.239.140.0/24
185.240.120.0/23
185.246.115.0/24
193.8.112.0/24
Signature Algorithm: sha256WithRSAEncryption
10:46:fc:d8:10:77:32:d3:02:f0:16:67:37:22:57:4a:0c:c1:
77:b5:35:20:7d:d5:38:7b:3a:3f:1e:7b:61:6d:52:92:18:86:
b8:d8:dc:d8:4a:24:73:ee:8c:0a:ba:37:83:c1:7d:bd:d5:4d:
cf:c1:6c:ff:9c:ed:ab:bc:09:ff:3b:25:e0:b4:46:e2:75:d1:
09:ed:7d:bd:0a:5c:af:10:4a:3c:59:23:96:f3:33:17:9c:c2:
bb:70:1f:31:51:c6:4e:d9:ac:b3:b8:7d:8d:a5:e8:c5:bc:cd:
02:79:15:9a:cf:8e:9f:34:4e:76:40:65:1b:23:6d:1c:86:1d:
20:95:75:05:a1:1c:5e:00:88:5d:8b:13:96:cc:66:e2:48:5c:
0f:b9:95:12:bb:ea:00:85:ff:2c:be:0e:a5:54:7e:2a:62:40:
55:b5:36:4a:0e:a9:f6:ac:dc:56:d0:44:18:06:41:b3:6f:8b:
9a:fc:76:a6:54:c3:2a:e3:99:cd:33:a9:f4:d3:d6:45:ac:a5:
62:45:0d:db:bf:88:4d:5c:8d:a8:51:95:b4:ca:0f:9a:18:78:
0d:bb:75:d0:85:54:d6:eb:b3:67:fb:1b:9f:fa:cd:39:18:4d:
3f:ea:e4:c2:08:4e:4a:2d:8f:96:e1:a9:ab:e3:5c:3c:0e:f6:
19:f7:fe:d6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQcbIHUf9EPrQo+52Ut6QpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjMxMTExNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzhhOGUxZmVkZDMwNjMyMDg5NmFlYWNiZDZiYmMxZGY5MmZlYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVYBxKXK1aQz4WnwRSp1PBzGdPNc
7D37G53PgE244YNMXKXcIfnW9rjXAMPwSyl6ASR8SMm5LK/dbUTLeClRDprRrFJB
1JM4AzYDcxgWBjuoLsE4sWlu0+3mm9lvVOQCa+WsFWlY1rO4/b365KgSSiWQxaqq
WdD0y3yOg32JA0rE/4CudOBhERCqHBSoEc2P1V6+GYCQz51RXGYgSteddt8EkD77
/WAX326Dvr8etdI6R+BwJryFSiStfRLPW94T6SwevYJN2WfSxc99jalf51N9bNzy
DjwGmgiQvX6GPbELhWH++GLNPbRVBK4tIItkKRDWIQkwXQn9gELPuwO3owIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDOKjh/t0wYyCJaurL1rvB35L+xgMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTTRxT0gtM1RCaklJbHE2c3ZXdThIZmt2N0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVoTAwQA
uSTMAwQAuc74AwQAudoWAwQAueOSAwQAue+MAwQBufB4AwQAufZzAwQAwQhwMA0G
CSqGSIb3DQEBCwUAA4IBAQAQRvzYEHcy0wLwFmc3IldKDMF3tTUgfdU4ezo/Hnth
bVKSGIa42NzYSiRz7owKujeDwX291U3PwWz/nO2rvAn/OyXgtEbiddEJ7X29Clyv
EEo8WSOW8zMXnMK7cB8xUcZO2ayzuH2NpejFvM0CeRWaz46fNE52QGUbI20chh0g
lXUFoRxeAIhdixOWzGbiSFwPuZUSu+oAhf8svg6lVH4qYkBVtTZKDqn2rNxW0EQY
BkGzb4ua/HamVMMq45nNM6n009ZFrKViRQ3bv4hNXI2oUZW0yg+aGHgNu3XQhVTW
67Nn+xuf+s05GE0/6uTCCE5KLY+W4amr41w8DvYZ9/7W
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:38:54 2025 by rpki-client