Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/1-lMe_En3OYZ4bxrHpNwSAniQiXI.roa
File: 1-lMe_En3OYZ4bxrHpNwSAniQiXI.roa (raw, json)
Hash identifier: vtl7R7zU7dD7n8nMoC2q6XeMddOXinwqMPwVzCwPG1E=
Subject key identifier: FA:53:1E:FC:49:F7:39:86:78:6F:1A:C7:A4:DC:12:02:78:90:89:72
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01945EA9C3FAE0BF02F1C07AA357B65CC05C
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/1-lMe_En3OYZ4bxrHpNwSAniQiXI.roa
Signing time: Mon 13 Jan 2025 07:56:11 +0000
ROA not before: Mon 13 Jan 2025 07:56:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.242.0/24 maxlen: 24
45.155.243.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.3.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 14:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5e:a9:c3:fa:e0:bf:02:f1:c0:7a:a3:57:b6:5c:c0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 13 07:56:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa531efc49f73986786f1ac7a4dc120278908972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3c:e0:6c:bc:56:88:c7:04:d6:bf:06:c0:dc:
cf:c4:bc:8f:95:d1:80:0b:a7:49:a1:4c:7d:06:dc:
eb:83:12:9f:0d:83:5e:6f:e3:19:d6:93:be:df:a7:
f6:36:c0:03:8b:cf:93:8d:5a:4b:d1:a9:93:48:22:
06:23:65:0a:c3:41:14:32:e5:de:78:48:c6:f5:29:
06:c2:4b:b9:83:42:99:e8:fd:b0:4f:9f:d0:00:70:
89:db:7d:34:2e:70:6a:0b:8c:bb:54:97:40:eb:15:
b1:31:42:b1:f2:7f:f5:a8:c5:26:cb:3d:aa:ca:54:
b0:17:d5:bd:b1:74:18:75:ff:08:6f:bc:a2:f5:b2:
8c:18:11:89:51:95:f8:7e:0f:87:03:87:d1:e3:22:
1a:3c:ba:c7:30:da:ab:5b:c3:b5:b2:56:3f:81:c8:
64:2b:c8:75:ec:a1:f8:b9:a3:cf:fa:0d:b5:c4:32:
c1:e7:02:b7:06:11:96:e1:0e:a8:b4:a3:da:fa:45:
8c:6c:61:cb:9c:8f:a1:cc:7c:59:48:58:9b:6f:9c:
7a:58:70:db:4a:bb:d2:b2:8e:b1:b0:3b:5f:b2:df:
9e:d7:5e:7c:64:65:60:d3:64:78:32:3e:fc:58:c9:
3d:1e:a5:ad:18:a0:0d:07:5c:1c:f8:fc:c7:12:8c:
c3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:53:1E:FC:49:F7:39:86:78:6F:1A:C7:A4:DC:12:02:78:90:89:72
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/1-lMe_En3OYZ4bxrHpNwSAniQiXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/23
194.143.205.0/24
194.143.221.0/24
195.114.198.0/24
213.220.3.0/24
213.220.19.0/24
213.220.60.0/24
Signature Algorithm: sha256WithRSAEncryption
97:01:b6:6d:6c:fc:05:8a:8c:b5:be:22:e7:7c:ca:a1:76:31:
da:92:47:47:49:c0:d2:54:95:0e:25:bd:b9:c8:0e:ab:74:0f:
b4:2d:d1:2b:c6:73:fe:aa:92:b3:e3:b6:6f:59:b4:ad:79:99:
70:ab:c3:fc:5a:1e:72:8f:7c:f9:08:97:c2:db:1d:a6:5d:0c:
77:d9:93:7c:eb:67:a6:3b:fe:1c:13:7b:b9:57:20:37:09:ce:
b6:c6:74:6b:67:5c:66:67:21:e5:01:61:34:fd:cd:82:55:7e:
84:b1:07:62:71:df:fb:c8:7b:c6:6b:8c:c5:22:c9:d8:6b:4b:
f9:6d:cd:53:32:9c:4b:c4:31:1c:51:5b:13:53:92:47:14:27:
04:8b:41:fd:d9:05:4d:9a:1d:7c:0c:28:99:4d:e7:22:7b:10:
1f:2e:43:6d:90:0d:3e:2a:1f:8d:c8:35:1a:4c:cd:0f:d0:0f:
fe:9a:22:06:6c:4d:ed:5b:35:bf:33:92:ad:63:01:92:b4:98:
82:3c:66:e1:2f:12:b5:e4:15:bc:cc:ac:57:d7:a5:4b:12:f9:
75:0f:fb:c4:28:9a:b7:fb:74:8f:1a:32:a9:48:5c:4f:d6:34:
e4:cf:db:6f:b2:59:9b:e6:7b:fb:3a:ab:34:00:d0:b8:b1:e0:
c9:0b:59:82
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZReqcP64L8C8cB6o1e2XMBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTEzMDc1NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTUzMWVmYzQ5ZjczOTg2Nzg2ZjFhYzdhNGRjMTIwMjc4OTA4OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzzgbLxWiMcE1r8GwNzPxLyPldGA
C6dJoUx9BtzrgxKfDYNeb+MZ1pO+36f2NsADi8+TjVpL0amTSCIGI2UKw0EUMuXe
eEjG9SkGwku5g0KZ6P2wT5/QAHCJ2300LnBqC4y7VJdA6xWxMUKx8n/1qMUmyz2q
ylSwF9W9sXQYdf8Ib7yi9bKMGBGJUZX4fg+HA4fR4yIaPLrHMNqrW8O1slY/gchk
K8h17KH4uaPP+g21xDLB5wK3BhGW4Q6otKPa+kWMbGHLnI+hzHxZSFibb5x6WHDb
SrvSso6xsDtfst+e1158ZGVg02R4Mj78WMk9HqWtGKANB1wc+PzHEozDrwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPpTHvxJ9zmGeG8ax6TcEgJ4kIlyMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvMS1sTWVfRW4zT1laNGJ4ckhwTndTQW5pUWlYSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWEvMWY5NDkzLWQ0NjgtNGE3Yy04YzRiLTFkZGVjNGNjZTI0
Yy8xL0JuSGN4Nm1zYzFISEhndkNKNHowWDlBZ3JpNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAS2b8gME
AMKPzQMEAMKP3QMEAMNyxgMEANXcAwMEANXcEwMEANXcPDANBgkqhkiG9w0BAQsF
AAOCAQEAlwG2bWz8BYqMtb4i53zKoXYx2pJHR0nA0lSVDiW9ucgOq3QPtC3RK8Zz
/qqSs+O2b1m0rXmZcKvD/Foeco98+QiXwtsdpl0Md9mTfOtnpjv+HBN7uVcgNwnO
tsZ0a2dcZmch5QFhNP3NglV+hLEHYnHf+8h7xmuMxSLJ2GtL+W3NUzKcS8QxHFFb
E1OSRxQnBItB/dkFTZodfAwomU3nInsQHy5DbZANPiofjcg1GkzND9AP/poiBmxN
7Vs1vzOSrWMBkrSYgjxm4S8SteQVvMysV9elSxL5dQ/7xCiat/t0jxoyqUhcT9Y0
5M/bb7JZm+Z7+zqrNADQuLHgyQtZgg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:11:16 2025 by rpki-client