Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/OLcd9xdxPQi9mmqrNrIeU6BO6lc.roa
File: OLcd9xdxPQi9mmqrNrIeU6BO6lc.roa (raw, json)
Hash identifier: eQLwwQdjLtCYrcxSRU8J1qARDyyfVtd62lwkh3QsAG0=
Subject key identifier: 38:B7:1D:F7:17:71:3D:08:BD:9A:6A:AB:36:B2:1E:53:A0:4E:EA:57
Certificate issuer: /CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Certificate serial: 019123C42EBFCCFE6AEB6A3DDBED790E5469
Authority key identifier: B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/OLcd9xdxPQi9mmqrNrIeU6BO6lc.roa
Signing time: Mon 05 Aug 2024 18:19:04 +0000
ROA not before: Mon 05 Aug 2024 18:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50247
IP address blocks: 45.85.184.0/23 maxlen: 24
45.85.184.0/24 maxlen: 24
45.85.185.0/24 maxlen: 24
45.131.33.0/24 maxlen: 24
45.131.34.0/24 maxlen: 24
91.224.142.0/23 maxlen: 23
91.224.142.0/24 maxlen: 24
91.224.143.0/24 maxlen: 24
109.95.88.0/21 maxlen: 21
109.196.80.0/20 maxlen: 20
109.197.36.0/23 maxlen: 23
109.207.103.0/24 maxlen: 24
185.178.236.0/22 maxlen: 22
2a0a:7080::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 30 Nov 2024 06:05:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:c4:2e:bf:cc:fe:6a:eb:6a:3d:db:ed:79:0e:54:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Validity
Not Before: Aug 5 18:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38b71df717713d08bd9a6aab36b21e53a04eea57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1d:85:52:52:d0:3f:cf:1f:f6:a5:aa:3d:f6:
84:05:6c:50:56:8b:a5:f4:b7:5e:c5:27:cb:57:2d:
2b:cd:9b:15:1b:9f:b5:ec:1e:2b:ba:a8:ef:0b:de:
2e:de:dd:42:64:a0:1b:a9:d8:b3:58:29:d4:fe:30:
bc:0d:11:3e:e1:d5:42:da:76:8a:6d:df:bc:a2:ae:
38:4c:a6:98:5d:6c:34:60:c8:67:ef:05:d6:43:1f:
36:af:1c:f9:b2:02:db:f8:07:74:36:9d:8d:88:28:
c5:9c:a1:80:8e:42:a5:b0:b2:4a:d6:3a:09:23:bd:
03:c6:db:c5:f9:66:f3:1d:19:01:65:39:f9:ca:cd:
5e:d0:31:c2:1d:dd:33:84:cf:83:e3:5d:9c:15:aa:
c1:9c:e4:77:02:e5:67:51:65:12:91:82:a3:b5:ef:
e5:56:01:95:c0:33:9f:a1:6e:70:36:f0:3d:c5:8c:
e7:fb:d2:1e:b4:b0:14:b5:6e:4a:5f:54:1c:a9:78:
0f:11:97:4a:0e:db:2a:6f:e1:e0:45:1a:f9:3c:8c:
f1:ec:13:8b:b7:a1:39:4a:2d:2a:09:97:61:79:7a:
46:ed:fb:43:b5:2c:17:dd:d4:fa:97:05:63:da:d7:
ca:eb:0f:02:b0:2d:b1:4c:d8:73:b4:55:6d:d8:42:
42:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B7:1D:F7:17:71:3D:08:BD:9A:6A:AB:36:B2:1E:53:A0:4E:EA:57
X509v3 Authority Key Identifier:
keyid:B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/OLcd9xdxPQi9mmqrNrIeU6BO6lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.184.0/23
45.131.33.0-45.131.34.255
91.224.142.0/23
109.95.88.0/21
109.196.80.0/20
109.197.36.0/23
109.207.103.0/24
185.178.236.0/22
IPv6:
2a0a:7080::/29
Signature Algorithm: sha256WithRSAEncryption
3b:37:08:83:72:fe:90:a3:37:bd:e5:c5:8f:b5:4b:3d:b5:5e:
26:ba:81:2a:d5:27:07:25:07:6c:25:02:33:b0:f9:53:e1:ab:
8f:48:9d:3e:28:18:89:d9:da:7d:31:7a:a0:65:0d:04:36:e7:
14:f9:74:a6:e3:55:ae:78:d5:02:75:f2:36:5c:19:b2:75:f6:
f6:d3:5c:16:bc:ed:3c:9e:22:c8:e9:98:5d:2b:de:8e:c6:ca:
4b:61:3c:e8:08:31:09:de:fe:a8:b7:f2:47:a1:56:91:51:d3:
dd:a2:2a:7e:b7:15:68:15:6c:51:3e:46:84:c8:ab:df:51:1e:
62:5c:09:68:c9:7c:1e:16:24:8c:a1:f8:fc:ef:1a:70:16:41:
90:73:22:ea:36:4c:e4:c3:53:f4:4e:74:cf:74:2b:cc:77:99:
38:e4:c5:e0:9e:00:f0:70:37:79:da:32:bb:d6:7b:ce:6f:80:
87:95:0c:62:7a:9a:b0:14:00:29:6a:4a:cf:d6:09:24:2f:ea:
39:fa:88:eb:1e:4e:17:5e:99:55:e7:84:88:44:c1:a8:44:84:
0f:4c:e2:2b:ef:8e:93:65:45:35:d8:7e:c7:7a:cb:ea:c0:f7:
78:96:49:57:63:67:20:1f:3a:13:c2:c7:8c:7f:c0:6c:b9:41:
3c:9a:d6:f9
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZEjxC6/zP5q62o92+15DlRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YmRjMzc2YTE1OWQwNWUyYWY5NzE3NmEzZWJhODM2MGU2
MGQxNzYwHhcNMjQwODA1MTgxOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI3MWRmNzE3NzEzZDA4YmQ5YTZhYWIzNmIyMWU1M2EwNGVlYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR2FUlLQP88f9qWqPfaEBWxQVoul
9LdexSfLVy0rzZsVG5+17B4ruqjvC94u3t1CZKAbqdizWCnU/jC8DRE+4dVC2naK
bd+8oq44TKaYXWw0YMhn7wXWQx82rxz5sgLb+Ad0Np2NiCjFnKGAjkKlsLJK1joJ
I70DxtvF+WbzHRkBZTn5ys1e0DHCHd0zhM+D412cFarBnOR3AuVnUWUSkYKjte/l
VgGVwDOfoW5wNvA9xYzn+9IetLAUtW5KX1QcqXgPEZdKDtsqb+HgRRr5PIzx7BOL
t6E5Si0qCZdheXpG7ftDtSwX3dT6lwVj2tfK6w8CsC2xTNhztFVt2EJC1QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDi3HfcXcT0IvZpqqzayHlOgTupXMB8GA1UdIwQY
MBaAFLS9w3ahWdBeKvlxdqPrqDYOYNF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUt
MjhkMDEwNjAzNTI5LzEvT0xjZDl4ZHhQUWk5bW1xck5ySWVVNkJPNmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUtMjhkMDEwNjAzNTI5
LzEvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQBLVW4MAwD
BAAtgyEDBAAtgyIDBAFb4I4DBANtX1gDBARtxFADBAFtxSQDBABtz2cDBAK5suww
DQQCAAIwBwMFAyoKcIAwDQYJKoZIhvcNAQELBQADggEBADs3CINy/pCjN73lxY+1
Sz21Xia6gSrVJwclB2wlAjOw+VPhq49InT4oGInZ2n0xeqBlDQQ25xT5dKbjVa54
1QJ18jZcGbJ19vbTXBa87TyeIsjpmF0r3o7GykthPOgIMQne/qi38kehVpFR092i
Kn63FWgVbFE+RoTIq99RHmJcCWjJfB4WJIyh+PzvGnAWQZBzIuo2TOTDU/ROdM90
K8x3mTjkxeCeAPBwN3naMrvWe85vgIeVDGJ6mrAUAClqSs/WCSQv6jn6iOseThde
mVXnhIhEwahEhA9M4ivvjpNlRTXYfsd6y+rA93iWSVdjZyAfOhPCx4x/wGy5QTya
1vk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:06 2025 by rpki-client