Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/prfqtNXhQwgobj3WYmpNg-3oflI.roa
File: prfqtNXhQwgobj3WYmpNg-3oflI.roa (raw, json)
Hash identifier: AsU0a9YFUAK5PwGpcwQQPBDmvVbNR9h9LRKpWyeVN1E=
Subject key identifier: A6:B7:EA:B4:D5:E1:43:08:28:6E:3D:D6:62:6A:4D:83:ED:E8:7E:52
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194905572C611CD010E2C714A096943E41A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/prfqtNXhQwgobj3WYmpNg-3oflI.roa
Signing time: Wed 22 Jan 2025 23:25:06 +0000
ROA not before: Wed 22 Jan 2025 23:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.101.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Jan 2025 23:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:90:55:72:c6:11:cd:01:0e:2c:71:4a:09:69:43:e4:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 22 23:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6b7eab4d5e14308286e3dd6626a4d83ede87e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0e:87:b7:00:5a:4a:07:96:d0:9e:e6:fa:1d:
fe:7e:bf:51:54:d1:2b:02:51:76:9b:44:f9:ba:15:
09:87:00:c8:0a:07:86:7f:2f:aa:5d:af:c9:d0:9e:
79:49:23:be:74:93:40:84:ec:4f:14:e7:84:11:0e:
75:ed:d9:8d:a6:58:db:b2:07:fd:f8:84:6f:4a:9d:
93:23:fb:5c:16:c6:85:33:fc:18:16:0f:2e:05:e9:
0a:9a:5c:5c:bf:f6:a6:63:42:ec:51:76:e5:da:91:
85:56:95:bd:d0:d2:e0:d6:ea:75:05:2e:87:1a:cc:
a5:77:27:84:ea:fc:9f:33:cb:60:f1:5a:33:80:d0:
75:c4:dc:13:f7:d8:57:18:43:8a:f0:7c:08:27:06:
bd:4a:2b:81:3a:56:e8:b5:49:37:77:37:29:3f:4f:
fd:98:35:68:ca:d5:da:8f:34:9e:1e:8a:45:af:80:
c4:74:e9:d8:fe:dd:09:3a:2b:d2:9c:c7:3b:74:9a:
90:4b:83:90:55:93:30:b4:1e:a2:d4:54:36:7a:2a:
23:8a:bc:c0:2c:1c:27:83:6f:25:0b:b2:04:ad:8b:
8a:eb:44:5f:8d:b2:c8:69:4d:db:97:4a:44:9a:f1:
5c:bf:98:57:ed:e6:80:ad:0b:ac:10:22:ab:e9:4a:
6b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B7:EA:B4:D5:E1:43:08:28:6E:3D:D6:62:6A:4D:83:ED:E8:7E:52
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/prfqtNXhQwgobj3WYmpNg-3oflI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/24
185.117.22.0/23
185.211.48.0-185.211.50.255
193.201.208.0/23
194.36.100.0/22
194.124.64.0/24
194.124.66.0/23
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
a2:c2:56:11:87:ce:71:9d:1a:63:44:0f:6c:c9:a3:40:cb:86:
89:94:d3:b7:a8:31:cd:bb:f2:8e:26:77:af:60:63:ca:72:46:
a7:f3:d2:b7:bc:9f:4d:3f:23:53:9f:63:11:65:cc:fc:99:93:
91:71:59:65:65:31:2f:f9:d9:9c:9b:05:8d:80:b3:fc:f0:0b:
01:42:e5:76:7e:79:a3:44:05:5d:40:1c:d6:45:7e:37:ae:96:
62:70:e1:69:73:fc:7e:05:09:3d:68:40:ec:d4:a2:f6:8f:32:
17:e6:09:e9:21:53:49:ef:fc:d8:d3:92:32:93:8c:dd:8a:ec:
c2:26:5d:4d:a5:31:a9:52:04:47:51:74:23:5c:f6:c8:dd:c9:
fa:4c:86:84:ae:8a:64:5c:fd:e7:ff:73:ce:18:ce:51:78:dc:
16:0f:0c:19:68:a0:a3:78:e9:4b:7c:59:aa:ca:31:d3:83:1d:
c4:03:83:ab:0a:39:97:8f:6c:38:fe:26:96:f3:6b:cc:63:0e:
fb:98:57:cb:55:62:36:f3:78:8f:03:23:bf:dd:34:e0:d8:df:
ac:8d:dc:c7:48:76:a9:45:bb:50:5c:2d:b5:95:8d:0d:4e:85:
f9:1a:f6:d9:67:4a:d9:ff:19:4f:46:49:f2:4a:8c:5e:13:da:
55:e9:78:c4
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZSQVXLGEc0BDixxSglpQ+QaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTIyMjMyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmI3ZWFiNGQ1ZTE0MzA4Mjg2ZTNkZDY2MjZhNGQ4M2VkZTg3ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow6HtwBaSgeW0J7m+h3+fr9RVNEr
AlF2m0T5uhUJhwDICgeGfy+qXa/J0J55SSO+dJNAhOxPFOeEEQ517dmNpljbsgf9
+IRvSp2TI/tcFsaFM/wYFg8uBekKmlxcv/amY0LsUXbl2pGFVpW90NLg1up1BS6H
GsyldyeE6vyfM8tg8VozgNB1xNwT99hXGEOK8HwIJwa9SiuBOlbotUk3dzcpP0/9
mDVoytXajzSeHopFr4DEdOnY/t0JOivSnMc7dJqQS4OQVZMwtB6i1FQ2eiojirzA
LBwng28lC7IErYuK60RfjbLIaU3bl0pEmvFcv5hX7eaArQusECKr6UprZwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFKa36rTV4UMIKG491mJqTYPt6H5SMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvcHJmcXROWGhRd2dvYmozV1ltcE5nLTNvZmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCLYgAAwQA
gAB3AwQAuXUUAwQBuXUWMAwDBAS50zADBAC50zIDBAHBydADBALCJGQDBADCfEAD
BAHCfEIwDAMEAsNVRAMEAMNVRjANBgkqhkiG9w0BAQsFAAOCAQEAosJWEYfOcZ0a
Y0QPbMmjQMuGiZTTt6gxzbvyjiZ3r2BjynJGp/PSt7yfTT8jU59jEWXM/JmTkXFZ
ZWUxL/nZnJsFjYCz/PALAULldn55o0QFXUAc1kV+N66WYnDhaXP8fgUJPWhA7NSi
9o8yF+YJ6SFTSe/82NOSMpOM3YrswiZdTaUxqVIER1F0I1z2yN3J+kyGhK6KZFz9
5/9zzhjOUXjcFg8MGWigo3jpS3xZqsox04MdxAODqwo5l49sOP4mlvNrzGMO+5hX
y1ViNvN4jwMjv9004NjfrI3cx0h2qUW7UFwttZWNDU6F+Rr22WdK2f8ZT0ZJ8kqM
XhPaVel4xA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:42:37 2025 by rpki-client