Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/l76hQlbbOaj9D4-BDKtVA3woWNI.roa
File: l76hQlbbOaj9D4-BDKtVA3woWNI.roa (raw, json)
Hash identifier: xIR7Kaw8pfdTI3jnCh5rPPV8S8bs9JLjKiFEw5JWS/A=
Subject key identifier: 97:BE:A1:42:56:DB:39:A8:FD:0F:8F:81:0C:AB:55:03:7C:28:58:D2
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019480D762511C5D75169EFDA26561779225
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/l76hQlbbOaj9D4-BDKtVA3woWNI.roa
Signing time: Sun 19 Jan 2025 23:13:06 +0000
ROA not before: Sun 19 Jan 2025 23:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.101.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
195.85.71.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Jan 2025 11:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:80:d7:62:51:1c:5d:75:16:9e:fd:a2:65:61:77:92:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 19 23:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97bea14256db39a8fd0f8f810cab55037c2858d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fb:3c:1e:78:36:4f:67:3e:2b:cf:57:6a:da:
fe:a2:c7:ff:0a:77:b4:b8:e5:d5:fa:63:6c:60:3c:
de:6d:89:8c:9e:8e:50:73:c7:59:1d:e5:ca:1f:90:
04:49:05:85:f7:fa:ea:53:d6:90:92:c9:5f:4b:32:
e0:b5:d2:e2:aa:7f:88:91:03:4a:54:ee:0b:80:e0:
a4:f5:6b:38:1f:c6:e3:cf:92:5b:05:03:e8:c2:c8:
03:2e:41:1e:4d:47:59:e3:18:4f:dc:de:54:94:b1:
1e:e9:44:26:61:66:5d:30:dc:24:13:7f:ca:db:b2:
aa:68:f0:fe:1c:67:7d:fb:d7:48:4a:8d:40:cc:4f:
1b:db:3e:39:2c:4c:15:36:7c:89:cc:1b:21:53:09:
12:6f:21:0f:86:f3:44:8b:1a:8a:f2:59:23:03:4c:
d1:5e:16:82:a3:b1:ff:eb:52:33:f7:39:fc:ab:cd:
14:2b:ac:f4:8f:ff:3a:80:db:d7:99:10:68:9b:1f:
be:b9:26:28:c1:33:0c:5b:50:e1:a0:c4:07:ad:08:
77:47:35:16:15:ba:96:67:a9:7b:47:90:84:07:7d:
7f:0c:e6:8e:b2:13:78:7f:8b:3a:4d:02:74:af:bb:
3d:64:d2:ab:cb:5f:13:48:a0:6a:8b:17:cf:99:a5:
f6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BE:A1:42:56:DB:39:A8:FD:0F:8F:81:0C:AB:55:03:7C:28:58:D2
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/l76hQlbbOaj9D4-BDKtVA3woWNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.211.48.0-185.211.50.255
194.36.100.0/22
194.124.64.0/22
195.85.68.0/22
Signature Algorithm: sha256WithRSAEncryption
61:61:22:14:fa:cf:bd:1a:d1:16:67:2a:45:6e:bd:5b:be:54:
26:2e:61:57:c7:4e:1b:87:13:04:6a:86:9d:70:25:10:7e:a9:
dc:e7:da:1c:59:c0:b3:e6:11:af:2f:7d:00:d1:7b:e4:92:54:
d3:fb:e4:18:fa:62:3c:83:e6:72:e8:86:0d:a1:93:8a:9c:ed:
e5:bf:e5:54:b9:eb:92:89:0d:c7:ce:c9:83:49:da:e6:b7:44:
8b:b5:c6:bc:a9:d8:00:de:52:46:ee:b0:7e:fe:ec:c8:56:89:
ab:b4:c5:cc:e7:c0:1e:fa:73:53:64:af:e1:19:c4:40:f5:b7:
b5:9b:a3:a6:d8:70:a0:6d:4a:18:e8:8c:0b:2e:58:99:ec:c5:
ff:c3:a7:52:60:bb:8f:56:cf:2e:83:78:91:76:ec:e8:1e:50:
88:eb:b6:2f:26:ed:64:88:bc:fe:87:60:da:7e:ee:83:9e:3d:
81:7c:f3:da:9f:5c:29:f4:7a:02:86:27:e1:20:90:c1:d6:a1:
03:d9:4b:1b:6d:1a:f4:03:ab:4b:c9:08:90:eb:b7:c3:d8:60:
83:96:84:8b:c1:49:68:f4:4c:13:ce:53:1f:92:db:97:0b:08:
2e:e8:9b:23:ad:aa:bc:46:a8:8e:73:81:cc:30:e8:ae:bb:7f:
1b:7a:3e:57
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZSA12JRHF11Fp79omVhd5IlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTE5MjMxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JlYTE0MjU2ZGIzOWE4ZmQwZjhmODEwY2FiNTUwMzdjMjg1OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/s8Hng2T2c+K89Xatr+osf/Cne0
uOXV+mNsYDzebYmMno5Qc8dZHeXKH5AESQWF9/rqU9aQkslfSzLgtdLiqn+IkQNK
VO4LgOCk9Ws4H8bjz5JbBQPowsgDLkEeTUdZ4xhP3N5UlLEe6UQmYWZdMNwkE3/K
27KqaPD+HGd9+9dISo1AzE8b2z45LEwVNnyJzBshUwkSbyEPhvNEixqK8lkjA0zR
XhaCo7H/61Iz9zn8q80UK6z0j/86gNvXmRBomx++uSYowTMMW1DhoMQHrQh3RzUW
FbqWZ6l7R5CEB31/DOaOshN4f4s6TQJ0r7s9ZNKry18TSKBqixfPmaX2SwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJe+oUJW2zmo/Q+PgQyrVQN8KFjSMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbDc2aFFsYmJPYWo5RDQtQkRLdFZBM3dvV05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLYgAAwQA
gAB3AwQCuXUUMAwDBAS50zADBAC50zIDBALCJGQDBALCfEADBALDVUQwDQYJKoZI
hvcNAQELBQADggEBAGFhIhT6z70a0RZnKkVuvVu+VCYuYVfHThuHEwRqhp1wJRB+
qdzn2hxZwLPmEa8vfQDRe+SSVNP75Bj6YjyD5nLohg2hk4qc7eW/5VS565KJDcfO
yYNJ2ua3RIu1xryp2ADeUkbusH7+7MhWiau0xcznwB76c1Nkr+EZxED1t7Wbo6bY
cKBtShjojAsuWJnsxf/Dp1Jgu49Wzy6DeJF27OgeUIjrti8m7WSIvP6HYNp+7oOe
PYF889qfXCn0egKGJ+EgkMHWoQPZSxttGvQDq0vJCJDrt8PYYIOWhIvBSWj0TBPO
Ux+S25cLCC7omyOtqrxGqI5zgcww6K67fxt6Plc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:37:40 2025 by rpki-client