Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3flAmxNDSlqgJnoqJaA2W5AtJts.roa
File: 3flAmxNDSlqgJnoqJaA2W5AtJts.roa (raw, json)
Hash identifier: Lou7GO8agkJeKThntPQMDxunYFJaSOiEZt9E1A4F6pc=
Subject key identifier: DD:F9:40:9B:13:43:4A:5A:A0:26:7A:2A:25:A0:36:5B:90:2D:26:DB
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019470630C466AFAC07576A3C97ABA107E4D
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3flAmxNDSlqgJnoqJaA2W5AtJts.roa
Signing time: Thu 16 Jan 2025 18:32:06 +0000
ROA not before: Thu 16 Jan 2025 18:32:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
195.85.71.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Jan 2025 22:12:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:70:63:0c:46:6a:fa:c0:75:76:a3:c9:7a:ba:10:7e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 16 18:32:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddf9409b13434a5aa0267a2a25a0365b902d26db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6b:98:72:ec:44:27:a3:b2:f5:30:2c:fe:0d:
1e:00:2d:34:99:f2:41:2a:94:78:b8:d4:de:d0:76:
ba:d3:45:76:ba:e5:ee:58:4a:95:50:59:49:d5:e2:
06:26:73:c6:bd:ff:3f:59:b9:6f:86:80:1b:5c:6e:
0b:f8:d9:65:91:35:52:9c:f9:42:4c:ac:0d:51:7c:
0e:4b:4f:5e:04:ab:60:41:65:73:2a:70:9b:6e:51:
8a:e2:8a:57:ed:9c:c2:aa:1d:4d:15:86:25:7a:8d:
11:78:a5:0a:41:12:be:29:41:24:5c:83:ce:25:2d:
3a:37:bf:15:18:9f:0d:95:a4:37:82:0e:1a:19:90:
29:c9:ee:8c:59:2a:5e:6b:08:27:39:a0:fa:28:82:
07:45:4e:7b:24:83:a7:0e:75:a8:d3:ba:0d:0a:fc:
ce:df:3d:b3:3b:09:0e:49:dc:14:50:35:00:93:4a:
a8:26:02:c9:da:13:65:52:42:87:ba:21:53:b2:f9:
71:e9:aa:2a:1e:bf:b4:0c:2b:ca:a2:5b:d9:e9:eb:
03:d5:28:50:f6:3b:6a:00:df:c7:ae:86:b6:a4:9b:
fb:12:ac:da:7e:20:55:a1:a4:3c:96:c1:c7:bb:11:
11:f3:83:2b:54:57:9a:69:3f:3d:11:97:88:67:4f:
45:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F9:40:9B:13:43:4A:5A:A0:26:7A:2A:25:A0:36:5B:90:2D:26:DB
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3flAmxNDSlqgJnoqJaA2W5AtJts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.211.48.0-185.211.50.255
194.36.100.0/24
194.124.64.0/22
195.85.68.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:f8:8f:7d:1c:c0:ac:d1:a5:bb:02:04:7b:90:c2:d3:69:f3:
7c:f9:22:91:57:a2:42:0b:08:49:d4:60:3c:4f:7b:4f:35:47:
80:dc:94:c9:88:1f:fc:3d:88:85:fe:ba:a1:e4:93:90:91:17:
e5:91:1c:32:2f:a8:3b:14:e2:82:ff:9a:dc:ee:3f:12:e7:e8:
df:f9:db:ca:ef:13:18:bd:d0:dd:b5:a9:64:22:4b:f6:2c:b1:
b7:36:1a:0d:f7:ab:0b:ab:7b:d1:f1:a9:ac:d3:74:22:4e:c6:
50:d0:fd:04:7a:02:37:2c:e1:54:30:0d:3a:15:7a:0b:f0:ef:
5a:35:4d:80:90:df:f9:73:d4:a0:eb:09:71:a7:ec:dc:aa:59:
c0:43:ac:9c:a2:07:a0:69:6f:91:9f:fa:7b:d1:9f:e7:3a:3e:
58:a1:78:99:3f:73:78:97:ce:1b:41:9f:19:06:8c:78:e6:ff:
f7:dd:3f:c6:36:1f:46:0b:05:0b:85:77:21:a0:5f:59:4b:23:
36:f6:16:d8:49:72:4d:8e:c4:c9:5b:75:4e:a8:e1:47:f4:62:
5f:ce:5d:b0:fa:6a:bd:f9:74:e8:08:06:19:76:fc:b8:98:3f:
50:4a:be:10:70:2a:bb:ab:22:28:b6:0f:b3:51:0f:ce:03:70:
53:30:b1:cc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZRwYwxGavrAdXajyXq6EH5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTE2MTgzMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGY5NDA5YjEzNDM0YTVhYTAyNjdhMmEyNWEwMzY1YjkwMmQyNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWuYcuxEJ6Oy9TAs/g0eAC00mfJB
KpR4uNTe0Ha600V2uuXuWEqVUFlJ1eIGJnPGvf8/WblvhoAbXG4L+NllkTVSnPlC
TKwNUXwOS09eBKtgQWVzKnCbblGK4opX7ZzCqh1NFYYleo0ReKUKQRK+KUEkXIPO
JS06N78VGJ8NlaQ3gg4aGZApye6MWSpeawgnOaD6KIIHRU57JIOnDnWo07oNCvzO
3z2zOwkOSdwUUDUAk0qoJgLJ2hNlUkKHuiFTsvlx6aoqHr+0DCvKolvZ6esD1ShQ
9jtqAN/Hroa2pJv7EqzafiBVoaQ8lsHHuxER84MrVFeaaT89EZeIZ09FZQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFN35QJsTQ0paoCZ6KiWgNluQLSbbMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvM2ZsQW14TkRTbHFnSm5vcUphQTJXNUF0SnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLYgAAwQA
gAB3AwQCuXUUMAwDBAS50zADBAC50zIDBADCJGQDBALCfEADBALDVUQwDQYJKoZI
hvcNAQELBQADggEBAM/4j30cwKzRpbsCBHuQwtNp83z5IpFXokILCEnUYDxPe081
R4DclMmIH/w9iIX+uqHkk5CRF+WRHDIvqDsU4oL/mtzuPxLn6N/528rvExi90N21
qWQiS/Yssbc2Gg33qwure9HxqazTdCJOxlDQ/QR6Ajcs4VQwDToVegvw71o1TYCQ
3/lz1KDrCXGn7NyqWcBDrJyiB6Bpb5Gf+nvRn+c6PliheJk/c3iXzhtBnxkGjHjm
//fdP8Y2H0YLBQuFdyGgX1lLIzb2FthJck2OxMlbdU6o4Uf0Yl/OXbD6ar35dOgI
Bhl2/LiYP1BKvhBwKrurIii2D7NRD84DcFMwscw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:11 2025 by rpki-client