Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/FtKCr0rYz_L0I0rSrW5eWQkUako.roa
File: FtKCr0rYz_L0I0rSrW5eWQkUako.roa (raw, json)
Hash identifier: PDIS1BQFSILC82iFbP/A2j0sBxWI5LawrAwp+iRaiAg=
Subject key identifier: 16:D2:82:AF:4A:D8:CF:F2:F4:23:4A:D2:AD:6E:5E:59:09:14:6A:4A
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019468F850485709CBFA9D60DF0D2118078B
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/FtKCr0rYz_L0I0rSrW5eWQkUako.roa
Signing time: Wed 15 Jan 2025 07:58:11 +0000
ROA not before: Wed 15 Jan 2025 07:58:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.209.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.3.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
213.220.59.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 11:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:68:f8:50:48:57:09:cb:fa:9d:60:df:0d:21:18:07:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 15 07:58:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16d282af4ad8cff2f4234ad2ad6e5e5909146a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:73:8e:23:3b:dc:90:d0:8d:ea:08:1f:d7:17:
2b:75:90:f6:0a:a5:8a:43:75:86:d2:c5:0c:27:4e:
da:7e:3d:e3:62:8e:5e:8d:b8:e3:6c:7a:9f:73:14:
91:68:fa:d6:19:86:00:e9:61:0d:4e:ed:53:c4:d7:
b9:06:60:53:ff:49:3b:20:a8:d8:de:4c:78:24:5d:
5a:45:b7:f2:a1:cc:c2:6c:2a:5d:ed:81:83:40:13:
f3:18:e0:42:ae:bb:17:54:66:af:91:53:9f:14:4a:
a3:50:76:51:86:aa:b9:2e:5e:41:35:91:59:d7:5f:
9c:64:c3:a3:ed:a4:58:f8:b5:38:d1:5a:32:5f:38:
e3:79:c4:62:ce:0d:2d:63:52:a8:cb:a3:c4:6d:b7:
3d:d1:d2:c3:be:83:93:d3:2e:35:ae:64:78:99:b6:
7b:58:a5:76:2a:de:80:f2:0d:6d:59:d6:48:89:b2:
f7:97:fd:fb:fc:aa:11:63:5e:29:a6:9f:6e:f0:3c:
4d:1a:d7:67:9c:f7:4b:3a:62:c9:a4:d8:cb:6d:54:
07:3b:ba:09:e6:76:61:ca:b4:78:8d:06:96:0a:f6:
db:75:58:9e:f1:67:56:5e:67:a2:04:f2:69:fc:b2:
78:31:43:8a:3a:fc:d2:ec:00:7b:f1:21:5d:86:69:
e1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D2:82:AF:4A:D8:CF:F2:F4:23:4A:D2:AD:6E:5E:59:09:14:6A:4A
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/FtKCr0rYz_L0I0rSrW5eWQkUako.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/24
194.143.205.0/24
194.143.209.0/24
194.143.221.0/24
195.114.192.0/24
195.114.198.0/24
213.220.3.0/24
213.220.19.0/24
213.220.59.0-213.220.60.255
Signature Algorithm: sha256WithRSAEncryption
b2:9a:98:77:f6:01:ae:e1:7e:0f:c2:e8:90:c1:1d:8e:22:91:
7a:40:c5:b2:fe:ad:18:a5:a1:fd:8a:01:aa:6f:a8:bd:0b:d4:
fd:fd:97:77:6f:d5:02:c9:10:1e:3f:25:cb:88:62:3c:c4:34:
35:e3:00:84:b4:6a:fe:1b:69:1a:7d:a2:96:d4:35:42:40:04:
00:e9:d3:5c:51:44:cd:fe:11:a9:9c:8c:73:63:c0:5b:27:0e:
ab:93:37:a1:a2:19:f9:98:57:e2:91:7e:eb:c8:ea:45:87:82:
5f:41:ee:19:02:45:74:00:df:a7:1a:39:1e:db:86:41:34:0b:
f8:ba:69:32:29:ca:e2:b1:19:44:35:0e:a9:7d:75:e0:dc:a0:
53:2d:70:8e:e8:17:17:d0:d5:9e:b1:3f:68:32:60:4b:3c:f3:
47:fb:9a:02:f4:af:7e:34:92:45:02:f4:56:e6:b4:61:96:a8:
5c:e8:5e:db:4d:1e:df:3c:01:e9:96:a2:fd:f2:2f:23:d9:33:
e8:90:d9:35:45:25:6d:9c:a1:32:69:6c:6e:85:0c:17:52:69:
a9:60:8d:79:11:3f:82:72:0b:af:16:93:35:a1:87:1c:27:13:
b8:6c:33:44:24:7e:93:16:c4:28:23:44:5a:f5:e3:26:d5:84:
6c:0e:22:d0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZRo+FBIVwnL+p1g3w0hGAeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTE1MDc1ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQyODJhZjRhZDhjZmYyZjQyMzRhZDJhZDZlNWU1OTA5MTQ2YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHOOIzvckNCN6ggf1xcrdZD2CqWK
Q3WG0sUMJ07afj3jYo5ejbjjbHqfcxSRaPrWGYYA6WENTu1TxNe5BmBT/0k7IKjY
3kx4JF1aRbfyoczCbCpd7YGDQBPzGOBCrrsXVGavkVOfFEqjUHZRhqq5Ll5BNZFZ
11+cZMOj7aRY+LU40VoyXzjjecRizg0tY1Koy6PEbbc90dLDvoOT0y41rmR4mbZ7
WKV2Kt6A8g1tWdZIibL3l/37/KoRY14ppp9u8DxNGtdnnPdLOmLJpNjLbVQHO7oJ
5nZhyrR4jQaWCvbbdVie8WdWXmeiBPJp/LJ4MUOKOvzS7AB78SFdhmnhSQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBbSgq9K2M/y9CNK0q1uXlkJFGpKMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvRnRLQ3Iwcll6X0wwSTByU3JXNWVXUWtVYWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALZvyAwQA
wo/NAwQAwo/RAwQAwo/dAwQAw3LAAwQAw3LGAwQA1dwDAwQA1dwTMAwDBADV3DsD
BADV3DwwDQYJKoZIhvcNAQELBQADggEBALKamHf2Aa7hfg/C6JDBHY4ikXpAxbL+
rRilof2KAapvqL0L1P39l3dv1QLJEB4/JcuIYjzENDXjAIS0av4baRp9opbUNUJA
BADp01xRRM3+EamcjHNjwFsnDquTN6GiGfmYV+KRfuvI6kWHgl9B7hkCRXQA36ca
OR7bhkE0C/i6aTIpyuKxGUQ1Dql9deDcoFMtcI7oFxfQ1Z6xP2gyYEs880f7mgL0
r340kkUC9FbmtGGWqFzoXttNHt88AemWov3yLyPZM+iQ2TVFJW2coTJpbG6FDBdS
aalgjXkRP4JyC68WkzWhhxwnE7hsM0QkfpMWxCgjRFr14ybVhGwOItA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:27:07 2025 by rpki-client