Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/kTot1H-igedygwZEVkLYd4H219o.roa
File: kTot1H-igedygwZEVkLYd4H219o.roa (raw, json)
Hash identifier: Q6oT54eVVz2Gl88QCswHjdLY0THjcgqqe/EgEQT5CC4=
Subject key identifier: 91:3A:2D:D4:7F:A2:81:E7:72:83:06:44:56:42:D8:77:81:F6:D7:DA
Certificate issuer: /CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Certificate serial: 018CC801B3F11F5EC69B69F61AFB0596D99A
Authority key identifier: DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/kTot1H-igedygwZEVkLYd4H219o.roa
Signing time: Tue 02 Jan 2024 02:30:03 +0000
ROA not before: Tue 02 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12748
IP address blocks: 185.225.140.0/22 maxlen: 22
5.183.20.0/22 maxlen: 22
45.137.56.0/22 maxlen: 22
193.104.216.0/24 maxlen: 24
194.31.198.0/24 maxlen: 24
2a0d:d400::/29 maxlen: 29
2a0e:8c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b3:f1:1f:5e:c6:9b:69:f6:1a:fb:05:96:d9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Validity
Not Before: Jan 2 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=913a2dd47fa281e7728306445642d87781f6d7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1c:2f:14:85:ac:fb:cd:de:16:55:1e:64:a8:
3a:d1:3b:9b:37:96:76:ac:c7:5e:66:d9:7f:f2:a5:
f9:fb:eb:0b:f8:ca:11:e0:23:86:d1:f7:0e:24:c3:
e7:c2:8f:72:07:19:31:68:64:00:f5:59:90:13:2b:
0b:c7:aa:b8:04:8b:07:50:5a:f6:0b:d7:b3:08:c7:
76:bd:a5:65:62:d9:fd:c5:91:bc:85:a7:e4:f6:2a:
be:66:1a:66:fa:da:03:ef:2b:fb:4c:e6:a3:bf:21:
49:63:8b:ec:d4:e5:12:dc:4d:1c:69:ae:4f:8a:11:
60:91:cd:cb:43:c3:6d:60:50:0b:fd:f1:ee:eb:bb:
ef:59:77:d3:4a:40:3a:e8:02:8c:96:bf:e0:24:be:
7f:9e:29:75:ac:13:92:33:ec:6b:18:c5:bf:bc:e4:
1d:c8:7e:df:f0:0d:a6:8b:ba:4a:4e:2f:8b:8a:81:
7a:84:63:2b:da:24:77:e0:96:b9:72:77:8e:71:15:
c5:3c:0b:99:53:9f:d8:17:1f:8a:4b:f0:c1:fe:bd:
da:bd:ec:e5:d0:8f:86:30:f9:a9:da:13:80:d0:8c:
e8:be:55:9d:49:c2:a3:0c:65:4d:dc:21:9c:2e:99:
a7:49:82:ba:82:69:65:72:6f:8f:ec:0c:be:8d:64:
ff:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3A:2D:D4:7F:A2:81:E7:72:83:06:44:56:42:D8:77:81:F6:D7:DA
X509v3 Authority Key Identifier:
keyid:DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/kTot1H-igedygwZEVkLYd4H219o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.20.0/22
45.137.56.0/22
185.225.140.0/22
193.104.216.0/24
194.31.198.0/24
IPv6:
2a0d:d400::/29
2a0e:8c00::/29
Signature Algorithm: sha256WithRSAEncryption
91:43:55:fa:16:63:ee:16:0e:48:00:3a:84:fe:e7:03:04:cb:
92:1d:3b:b2:28:e9:cc:2b:ac:30:11:8b:3e:23:a0:7b:5b:a6:
a3:8f:c5:cc:ad:7c:da:86:4c:99:2b:f4:1a:38:5f:ee:07:ce:
51:c4:06:4e:7e:a1:7b:3a:28:f5:74:ad:6b:a5:3d:a9:d4:2f:
70:b1:8f:8b:29:b9:e8:55:26:e7:fe:72:31:2d:17:c1:3c:94:
c3:ee:6c:80:b8:fa:e8:d3:6a:94:9d:42:0c:6c:38:9d:cf:df:
80:af:dc:d9:21:f2:9a:b9:c7:30:98:f7:d4:53:93:2e:de:a1:
0f:4f:10:42:c7:85:ca:17:25:01:28:5d:7d:c6:c8:0d:d2:b0:
95:a8:da:e1:b3:a2:a8:dd:cb:1c:b9:cb:15:0e:e8:3a:c6:d2:
97:3c:a9:ae:0b:68:3d:72:ac:d8:14:25:dc:d0:74:93:bc:b8:
4c:a8:60:fa:13:06:e6:17:cc:b5:62:5c:47:d4:d8:88:6e:cc:
8a:78:34:e8:4b:ae:03:5b:50:93:cc:4a:14:e8:9a:be:ae:f5:
e2:e1:87:2d:0f:81:20:bf:5e:eb:08:a4:80:6c:b7:42:ad:3b:
e8:96:9a:e1:d3:63:85:5a:6c:b5:16:58:44:04:fb:d5:d2:aa:
63:2f:89:60
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzIAbPxH17Gm2n2GvsFltmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMzc4MTJiZDQ1MjczZWEzYjJhNTNkOWU5NmY2ZGJhMjE1
ODI2ZjMwHhcNMjQwMTAyMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNhMmRkNDdmYTI4MWU3NzI4MzA2NDQ1NjQyZDg3NzgxZjZkN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBwvFIWs+83eFlUeZKg60TubN5Z2
rMdeZtl/8qX5++sL+MoR4COG0fcOJMPnwo9yBxkxaGQA9VmQEysLx6q4BIsHUFr2
C9ezCMd2vaVlYtn9xZG8hafk9iq+Zhpm+toD7yv7TOajvyFJY4vs1OUS3E0caa5P
ihFgkc3LQ8NtYFAL/fHu67vvWXfTSkA66AKMlr/gJL5/nil1rBOSM+xrGMW/vOQd
yH7f8A2mi7pKTi+LioF6hGMr2iR34Ja5cneOcRXFPAuZU5/YFx+KS/DB/r3avezl
0I+GMPmp2hOA0IzovlWdScKjDGVN3CGcLpmnSYK6gmllcm+P7Ay+jWT/ZQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJE6LdR/ooHncoMGRFZC2HeB9tfaMB8GA1UdIwQY
MBaAFN43gSvUUnPqOypT2elvbbohWCbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2plQks5UlNjLW83S2xQWjZXOXR1aUZZSnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMjZjNDQtOWQxNi00YzNkLTlmMWQt
YWY2NDZjOGY0YWY2LzEva1RvdDFILWlnZWR5Z3daRVZrTFlkNEgyMTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMjZjNDQtOWQxNi00YzNkLTlmMWQtYWY2NDZjOGY0YWY2
LzEvM2plQks5UlNjLW83S2xQWjZXOXR1aUZZSnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCBbcUAwQC
LYk4AwQCueGMAwQAwWjYAwQAwh/GMBQEAgACMA4DBQMqDdQAAwUDKg6MADANBgkq
hkiG9w0BAQsFAAOCAQEAkUNV+hZj7hYOSAA6hP7nAwTLkh07sijpzCusMBGLPiOg
e1umo4/FzK182oZMmSv0Gjhf7gfOUcQGTn6hezoo9XSta6U9qdQvcLGPiym56FUm
5/5yMS0XwTyUw+5sgLj66NNqlJ1CDGw4nc/fgK/c2SHymrnHMJj31FOTLt6hD08Q
QseFyhclAShdfcbIDdKwlaja4bOiqN3LHLnLFQ7oOsbSlzyprgtoPXKs2BQl3NB0
k7y4TKhg+hMG5hfMtWJcR9TYiG7Ming06EuuA1tQk8xKFOiavq714uGHLQ+BIL9e
6wikgGy3Qq076Jaa4dNjhVpstRZYRAT71dKqYy+JYA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:32 2025 by rpki-client