Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/IOMjdokz1YYnp8LzTUiSqwYWMeU.roa
File: IOMjdokz1YYnp8LzTUiSqwYWMeU.roa (raw, json)
Hash identifier: H3ZHoLmhdrJ/FLg2fkvOBTcsyIubEYv2crBlJwQ42QI=
Subject key identifier: 20:E3:23:76:89:33:D5:86:27:A7:C2:F3:4D:48:92:AB:06:16:31:E5
Certificate issuer: /CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Certificate serial: 018ED6E0E58DEB6494DFCB9E11A13FAE7D65
Authority key identifier: 41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/IOMjdokz1YYnp8LzTUiSqwYWMeU.roa
Signing time: Sat 13 Apr 2024 09:54:06 +0000
ROA not before: Sat 13 Apr 2024 09:54:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29014
IP address blocks: 45.139.156.0/22 maxlen: 24
85.158.0.0/22 maxlen: 24
85.158.0.0/24 maxlen: 24
85.158.4.0/23 maxlen: 23
85.158.6.0/24 maxlen: 24
85.158.7.0/24 maxlen: 24
93.92.128.0/21 maxlen: 24
93.92.128.0/23 maxlen: 23
93.92.130.0/23 maxlen: 23
93.92.132.0/24 maxlen: 24
93.92.133.0/24 maxlen: 24
93.92.134.0/23 maxlen: 23
185.8.8.0/22 maxlen: 24
185.8.8.0/24 maxlen: 24
192.42.65.0/24 maxlen: 24
193.41.116.0/23 maxlen: 24
194.126.239.0/24 maxlen: 24
195.177.232.0/23 maxlen: 24
195.177.233.0/24 maxlen: 24
2a00:12e8::/32 maxlen: 40
2a00:12e8::/40 maxlen: 40
2a00:12e8:100::/40 maxlen: 40
2a00:12e8:200::/40 maxlen: 40
2a00:12e8:300::/40 maxlen: 40
2a00:12e8:400::/40 maxlen: 40
2a00:12e8:500::/40 maxlen: 40
2a00:12e8:600::/40 maxlen: 40
2a00:12e8:800::/40 maxlen: 48
2a00:12e8:f111::/48 maxlen: 48
2a00:12e8:f123::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d6:e0:e5:8d:eb:64:94:df:cb:9e:11:a1:3f:ae:7d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Validity
Not Before: Apr 13 09:54:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20e323768933d58627a7c2f34d4892ab061631e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0e:07:8e:d7:e6:06:a6:11:20:63:df:a0:57:
09:35:3a:57:90:65:2a:b6:8c:d7:8f:f8:cc:8c:f7:
11:6b:17:ad:e8:e0:22:b9:18:1e:a7:21:54:e4:f2:
26:d4:a6:82:c0:3e:72:dd:ca:53:01:d7:3e:25:05:
60:ba:ad:02:92:4d:15:15:e9:68:c0:c1:0f:d9:5e:
bc:20:dd:66:8a:b5:48:35:97:18:76:d7:43:fd:15:
6b:07:24:cc:d4:64:bf:4b:da:e1:e0:43:3c:cf:a7:
af:f1:92:73:f4:9c:ec:c2:25:6b:e0:be:7e:fd:ce:
ab:63:a0:28:37:d4:cf:4a:56:10:55:89:1b:8a:9c:
bd:f2:42:3a:40:52:ae:a7:ea:86:f9:64:12:b5:7c:
12:f5:41:ed:4c:db:c4:cf:25:46:82:e4:dc:3f:64:
63:18:5b:9d:98:bc:90:30:44:4e:7d:fb:cb:80:e1:
c1:5c:fa:14:34:80:97:57:a8:93:d0:7e:0f:d2:ac:
fb:86:ff:ad:b5:89:cd:28:26:9f:25:f6:8b:3f:c7:
b0:bd:eb:d3:5b:8d:69:16:88:8f:b1:01:29:17:63:
04:d7:55:19:e8:4f:9b:63:2f:a8:df:e9:a5:a0:ef:
03:b1:bd:a5:52:d0:3a:13:f5:87:76:d2:1a:31:ec:
25:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E3:23:76:89:33:D5:86:27:A7:C2:F3:4D:48:92:AB:06:16:31:E5
X509v3 Authority Key Identifier:
keyid:41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/IOMjdokz1YYnp8LzTUiSqwYWMeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/QbjC83vY1-BOdphaTO1FWddlHEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.156.0/22
85.158.0.0/21
93.92.128.0/21
185.8.8.0/22
192.42.65.0/24
193.41.116.0/23
194.126.239.0/24
195.177.232.0/23
IPv6:
2a00:12e8::/32
Signature Algorithm: sha256WithRSAEncryption
2a:7f:1b:4f:e6:d2:54:56:59:52:a0:9b:3f:6d:30:9e:6e:b7:
e4:bc:89:03:d0:83:e9:85:5b:24:f1:74:f9:de:86:d6:84:74:
a5:e1:b8:35:73:0a:be:2f:25:43:17:17:8d:8e:24:cc:4a:18:
86:28:52:de:53:a2:a2:da:db:3c:d7:98:6b:a5:72:d5:39:06:
7c:31:4a:e1:f2:d6:2d:36:12:c7:e4:84:2d:59:73:41:bd:13:
48:3c:57:b1:ef:4c:8e:96:62:58:d1:e7:52:90:80:8b:5f:eb:
f3:ae:3a:02:ce:41:5e:39:29:12:01:93:2d:91:9d:84:81:40:
e5:9e:0b:50:de:9c:2d:5e:ce:dc:c3:5d:90:02:2c:df:7a:9b:
1f:a1:bb:5f:d7:0b:cf:b2:8f:df:19:ab:25:1a:19:e5:c1:45:
04:77:61:aa:31:1e:70:5c:10:4c:b2:ae:a5:8e:4b:43:31:bf:
a6:04:9e:d4:02:4f:1a:8a:56:9f:0a:96:b2:14:32:8b:69:ac:
a2:3c:03:c3:41:12:a5:d6:9a:ce:75:79:06:0d:f5:c0:e8:94:
cb:69:94:21:cd:59:79:cf:62:6c:82:dc:a7:10:29:42:5b:e6:
2d:06:24:16:67:cf:0e:ec:ff:99:ad:ae:f4:08:0d:e7:14:14:
88:6b:20:34
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY7W4OWN62SU38ueEaE/rn1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYjhjMmYzN2JkOGQ3ZTA0ZTc2OTg1YTRjZWQ0NTU5ZDc2
NTFjNDMwHhcNMjQwNDEzMDk1NDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGUzMjM3Njg5MzNkNTg2MjdhN2MyZjM0ZDQ4OTJhYjA2MTYzMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ4HjtfmBqYRIGPfoFcJNTpXkGUq
tozXj/jMjPcRaxet6OAiuRgepyFU5PIm1KaCwD5y3cpTAdc+JQVguq0Ckk0VFelo
wMEP2V68IN1mirVINZcYdtdD/RVrByTM1GS/S9rh4EM8z6ev8ZJz9JzswiVr4L5+
/c6rY6AoN9TPSlYQVYkbipy98kI6QFKup+qG+WQStXwS9UHtTNvEzyVGguTcP2Rj
GFudmLyQMEROffvLgOHBXPoUNICXV6iT0H4P0qz7hv+ttYnNKCafJfaLP8ewvevT
W41pFoiPsQEpF2ME11UZ6E+bYy+o3+mloO8Dsb2lUtA6E/WHdtIaMewlYwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCDjI3aJM9WGJ6fC801IkqsGFjHlMB8GA1UdIwQY
MBaAFEG4wvN72NfgTnaYWkztRVnXZRxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjIt
MjgxOGY2NTc4ZDFiLzEvSU9NamRva3oxWVlucDhMelRVaVNxd1lXTWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjItMjgxOGY2NTc4ZDFi
LzEvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLYucAwQD
VZ4AAwQDXVyAAwQCuQgIAwQAwCpBAwQBwSl0AwQAwn7vAwQBw7HoMA0EAgACMAcD
BQAqABLoMA0GCSqGSIb3DQEBCwUAA4IBAQAqfxtP5tJUVllSoJs/bTCebrfkvIkD
0IPphVsk8XT53obWhHSl4bg1cwq+LyVDFxeNjiTMShiGKFLeU6Ki2ts815hrpXLV
OQZ8MUrh8tYtNhLH5IQtWXNBvRNIPFex70yOlmJY0edSkICLX+vzrjoCzkFeOSkS
AZMtkZ2EgUDlngtQ3pwtXs7cw12QAizfepsfobtf1wvPso/fGaslGhnlwUUEd2Gq
MR5wXBBMsq6ljktDMb+mBJ7UAk8ailafCpayFDKLaayiPAPDQRKl1prOdXkGDfXA
6JTLaZQhzVl5z2JsgtynEClCW+YtBiQWZ88O7P+Zra70CA3nFBSIayA0
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:28:17 2025 by rpki-client