Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dLiE_K41R9f-m4DC7f-ehvLSRUk.roa
File: dLiE_K41R9f-m4DC7f-ehvLSRUk.roa (raw, json)
Hash identifier: 7OBFGBB4dTkNG8YstieBJ37JufXu5/45Q4jB+BBrxHU=
Subject key identifier: 74:B8:84:FC:AE:35:47:D7:FE:9B:80:C2:ED:FF:9E:86:F2:D2:45:49
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422204CE75B9E2F36B1F056CB8CB10295
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dLiE_K41R9f-m4DC7f-ehvLSRUk.roa
Signing time: Wed 01 Jan 2025 13:48:49 +0000
ROA not before: Wed 01 Jan 2025 13:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.90.19.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.218.22.0/24 maxlen: 24
185.227.146.0/24 maxlen: 24
185.239.140.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
193.8.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 09:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:4c:e7:5b:9e:2f:36:b1:f0:56:cb:8c:b1:02:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74b884fcae3547d7fe9b80c2edff9e86f2d24549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e4:0f:6b:29:44:05:4c:c1:5c:e3:e5:3d:99:
ec:fe:fa:63:33:78:75:ed:42:bc:af:0e:b9:6f:c7:
16:c0:1c:86:33:cd:72:35:6b:98:7d:b8:ef:a9:84:
db:8e:c8:b2:bd:3d:6d:3d:26:ea:45:e0:13:f2:a9:
89:9e:82:9a:33:50:64:fd:ab:e0:10:a4:9f:c5:be:
6e:11:df:5d:96:5c:ea:31:70:68:0a:29:c8:9a:98:
70:33:6a:23:54:6a:ac:ad:4b:ea:d3:f7:71:3f:5f:
99:e8:1f:83:55:44:b8:58:e8:aa:44:89:ae:cf:b4:
f4:e2:0d:f3:c2:0e:79:46:06:e4:7d:65:ab:8a:23:
56:90:f9:e1:77:c3:8d:6e:29:8b:18:df:a9:b9:d3:
dc:59:03:f6:3c:e8:f6:5f:bc:f0:0e:1e:94:3c:ce:
99:0e:5b:a8:e9:fa:33:22:5e:af:f8:70:07:3c:ce:
99:1f:61:2f:a2:d4:19:35:9f:27:38:5a:a5:e9:82:
7b:07:b0:67:c8:1f:9e:74:12:07:0a:a6:43:9c:eb:
84:8d:59:5a:df:37:fa:57:d8:f0:0c:9a:90:7f:c1:
35:9d:75:4d:a4:e9:c9:9f:d4:2b:b3:67:1d:67:d3:
dc:09:5e:75:1a:06:17:7c:0d:e7:c2:fe:1c:06:c5:
f2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B8:84:FC:AE:35:47:D7:FE:9B:80:C2:ED:FF:9E:86:F2:D2:45:49
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dLiE_K41R9f-m4DC7f-ehvLSRUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/24
185.218.22.0/24
185.227.146.0/24
185.239.140.0/24
185.240.120.0/23
185.246.115.0/24
193.8.112.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ee:7c:3a:af:5e:81:19:da:a3:a2:8e:67:89:70:40:65:aa:
b3:04:7f:2a:06:c5:ed:5e:d7:c1:eb:7e:d5:1e:f2:1b:94:96:
c8:e8:cf:39:00:52:cc:5c:7b:c8:01:0d:a6:e2:a0:c8:95:25:
e3:05:53:ed:2d:31:77:5a:66:fe:95:a8:be:51:8c:a0:7a:22:
21:c5:82:49:e0:75:19:30:b1:e0:50:24:02:7e:18:0f:ad:bb:
0e:cb:fb:4a:b4:68:d0:cd:4e:a6:56:0f:19:95:1e:ab:ef:0a:
4a:77:38:60:9f:95:8f:f5:0a:9d:14:ab:b5:85:f2:a1:dc:9d:
04:3f:b9:e1:67:ab:b3:7f:41:d6:46:b2:e0:aa:47:f0:47:81:
83:03:44:0a:42:47:e1:e1:c4:f8:a4:66:2a:33:d7:2a:4d:a6:
af:0b:9f:1d:68:5b:f9:31:93:26:04:56:83:5a:5a:12:38:d6:
4d:a5:fb:3b:4e:79:18:e3:b1:cc:8e:6b:5d:4d:96:62:aa:d8:
b8:3b:3e:45:12:ab:51:fe:b5:1a:65:b2:75:3c:bc:d5:5f:78:
4d:e7:b7:33:21:e2:11:49:88:91:30:c1:fc:a6:57:63:cf:ba:
17:89:6e:dd:0c:9e:24:f0:48:24:e6:8f:2d:8c:d1:f2:03:3b:
5d:06:52:5b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQiIEznW54vNrHwVsuMsQKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI4ODRmY2FlMzU0N2Q3ZmU5YjgwYzJlZGZmOWU4NmYyZDI0NTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOQPaylEBUzBXOPlPZns/vpjM3h1
7UK8rw65b8cWwByGM81yNWuYfbjvqYTbjsiyvT1tPSbqReAT8qmJnoKaM1Bk/avg
EKSfxb5uEd9dllzqMXBoCinImphwM2ojVGqsrUvq0/dxP1+Z6B+DVUS4WOiqRImu
z7T04g3zwg55RgbkfWWriiNWkPnhd8ONbimLGN+pudPcWQP2POj2X7zwDh6UPM6Z
Dluo6fozIl6v+HAHPM6ZH2EvotQZNZ8nOFql6YJ7B7BnyB+edBIHCqZDnOuEjVla
3zf6V9jwDJqQf8E1nXVNpOnJn9Qrs2cdZ9PcCV51GgYXfA3nwv4cBsXywQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHS4hPyuNUfX/puAwu3/noby0kVJMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZExpRV9LNDFSOWYtbTREQzdmLWVodkxTUlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVoTAwQA
uSTMAwQAuc74AwQAudoWAwQAueOSAwQAue+MAwQBufB4AwQAufZzAwQAwQhwMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ7nw6r16BGdqjoo5niXBAZaqzBH8qBsXtXtfB637V
HvIblJbI6M85AFLMXHvIAQ2m4qDIlSXjBVPtLTF3Wmb+lai+UYygeiIhxYJJ4HUZ
MLHgUCQCfhgPrbsOy/tKtGjQzU6mVg8ZlR6r7wpKdzhgn5WP9QqdFKu1hfKh3J0E
P7nhZ6uzf0HWRrLgqkfwR4GDA0QKQkfh4cT4pGYqM9cqTaavC58daFv5MZMmBFaD
WloSONZNpfs7TnkY47HMjmtdTZZiqti4Oz5FEqtR/rUaZbJ1PLzVX3hN57czIeIR
SYiRMMH8pldjz7oXiW7dDJ4k8Egk5o8tjNHyAztdBlJb
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:24:28 2025 by rpki-client