Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1-3MGbCH8ow8zqtYp4nULcx5PDwM.roa
File: 1-3MGbCH8ow8zqtYp4nULcx5PDwM.roa (raw, json)
Hash identifier: PGB/WVhSZYxlHG+xU4ItMtJ8Qehl1apV2tV04HXjy0E=
Subject key identifier: FB:73:06:6C:21:FC:A3:0F:33:AA:D6:29:E2:75:0B:73:1E:4F:0F:03
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018EE184989BE4D078B354F5C8DAD6D933FF
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1-3MGbCH8ow8zqtYp4nULcx5PDwM.roa
Signing time: Mon 15 Apr 2024 11:29:07 +0000
ROA not before: Mon 15 Apr 2024 11:29:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 06:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:84:98:9b:e4:d0:78:b3:54:f5:c8:da:d6:d9:33:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Apr 15 11:29:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb73066c21fca30f33aad629e2750b731e4f0f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4a:6f:63:f6:f2:a8:a3:94:7d:dd:61:f0:aa:
0c:40:db:20:f6:0d:2b:bc:6d:f9:ba:52:02:7f:88:
62:18:bc:e9:8a:17:e7:67:00:33:03:c3:8d:b5:c9:
ea:d4:43:90:18:29:fa:5c:c1:a0:3e:82:d9:4d:16:
bc:8f:e5:c9:44:10:61:ad:dd:12:2b:3a:d2:32:23:
1c:c4:65:53:88:18:6f:6e:5d:1a:10:f3:31:4d:7a:
c1:e1:9c:41:75:99:c2:21:7d:d5:62:19:89:b0:f9:
69:d1:1e:77:83:26:a7:64:15:5e:65:4b:d9:28:f3:
b9:6c:f7:9a:d9:fb:a9:b5:19:a0:2c:ea:7d:87:c4:
1a:fd:6f:0a:4c:86:d0:b5:f0:b5:b7:86:cd:aa:37:
6d:46:43:b3:02:2e:31:48:d3:1d:8a:aa:99:4c:30:
59:92:c4:7a:23:8c:5f:5e:ad:64:2b:8a:2f:f4:74:
fb:e6:6b:20:b2:3e:92:c1:a0:38:6f:c3:00:df:9e:
bb:96:69:38:8b:e2:20:6b:13:d3:45:79:f0:22:8e:
1d:39:97:f0:0b:ad:da:71:c1:98:59:9a:99:d0:41:
ac:0e:1a:82:3b:64:8e:78:b4:14:87:c6:0c:43:57:
b3:e1:4b:ed:9b:32:62:e1:c9:77:4e:41:77:ce:c3:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:73:06:6C:21:FC:A3:0F:33:AA:D6:29:E2:75:0B:73:1E:4F:0F:03
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1-3MGbCH8ow8zqtYp4nULcx5PDwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.235.0/24
91.92.47.0/24
93.152.205.0-93.152.206.255
93.152.209.0-93.152.211.255
93.152.213.0-93.152.216.255
93.152.220.0/23
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
32:7a:08:d6:a6:d9:a8:f9:96:af:5c:7c:63:74:52:65:ae:d6:
f9:79:9c:9e:9b:2e:9d:ab:bb:1d:f3:65:b7:35:ac:4d:85:63:
fa:e1:ef:7e:8b:85:b2:67:5e:af:c7:1c:86:54:1e:8f:cb:e8:
a3:2b:79:9d:66:a6:c5:6a:f6:73:a6:eb:82:44:9a:a6:e2:cf:
5c:26:4d:c7:d2:13:32:9a:c6:4d:fc:bd:06:cf:a4:3c:90:7b:
01:e7:91:26:48:e8:63:27:60:f8:45:4c:74:85:28:61:9b:e9:
e2:9c:8c:a1:9a:6b:03:6b:39:64:86:63:6c:77:42:f3:be:43:
91:a9:7c:f1:20:64:34:31:44:14:af:da:27:73:0f:0d:2e:bb:
2e:eb:00:ee:28:92:af:71:a6:52:7e:7c:56:53:9b:54:f4:9c:
37:b0:85:f4:26:0f:11:ab:a6:f2:69:69:9e:97:c6:a5:44:00:
61:82:c8:a9:41:82:04:7b:a1:30:5e:29:8e:91:f0:d0:ec:f7:
e1:14:c5:c1:79:ef:bc:44:fb:23:6b:81:ba:cb:d2:a8:c1:7f:
ec:31:05:dd:85:4f:07:ff:da:a3:17:65:58:83:6c:49:d2:50:
8c:74:e2:85:eb:11:ed:fe:27:1a:c3:07:68:32:77:21:85:b9:
36:40:13:05
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAY7hhJib5NB4s1T1yNrW2TP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwNDE1MTEyOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjczMDY2YzIxZmNhMzBmMzNhYWQ2MjllMjc1MGI3MzFlNGYwZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0pvY/byqKOUfd1h8KoMQNsg9g0r
vG35ulICf4hiGLzpihfnZwAzA8ONtcnq1EOQGCn6XMGgPoLZTRa8j+XJRBBhrd0S
KzrSMiMcxGVTiBhvbl0aEPMxTXrB4ZxBdZnCIX3VYhmJsPlp0R53gyanZBVeZUvZ
KPO5bPea2fuptRmgLOp9h8Qa/W8KTIbQtfC1t4bNqjdtRkOzAi4xSNMdiqqZTDBZ
ksR6I4xfXq1kK4ov9HT75msgsj6SwaA4b8MA3567lmk4i+IgaxPTRXnwIo4dOZfw
C63accGYWZqZ0EGsDhqCO2SOeLQUh8YMQ1ez4UvtmzJi4cl3TkF3zsNwCwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPtzBmwh/KMPM6rWKeJ1C3MeTw8DMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvMS0zTUdiQ0g4b3c4enF0WXA0blVMY3g1UER3TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNh
ZC8xL0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAC2N6AME
AC2N6wMEAFtcLzAMAwQAXZjNAwQAXZjOMAwDBABdmNEDBAJdmNAwDAMEAF2Y1QME
AF2Y2AMEAV2Y3AMEAF2Y3zANBgkqhkiG9w0BAQsFAAOCAQEAMnoI1qbZqPmWr1x8
Y3RSZa7W+Xmcnpsunau7HfNltzWsTYVj+uHvfouFsmder8cchlQej8vooyt5nWam
xWr2c6brgkSapuLPXCZNx9ITMprGTfy9Bs+kPJB7AeeRJkjoYydg+EVMdIUoYZvp
4pyMoZprA2s5ZIZjbHdC875Dkal88SBkNDFEFK/aJ3MPDS67LusA7iiSr3GmUn58
VlObVPScN7CF9CYPEaum8mlpnpfGpUQAYYLIqUGCBHuhMF4pjpHw0Oz34RTFwXnv
vET7I2uBusvSqMF/7DEF3YVPB//aoxdlWINsSdJQjHTihesR7f4nGsMHaDJ3IYW5
NkATBQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:28:37 2025 by rpki-client