Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3HN9v2ef-NiO5dx2o5S7UMwSeQw.roa
File: 3HN9v2ef-NiO5dx2o5S7UMwSeQw.roa (raw, json)
Hash identifier: 1oEZidmY/AjOA9YnaAUDZVA90rZjbNKIXkOePHP1JKY=
Subject key identifier: DC:73:7D:BF:67:9F:F8:D8:8E:E5:DC:76:A3:94:BB:50:CC:12:79:0C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01938C20A786D2A76F5430A2D2D885B00FEA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3HN9v2ef-NiO5dx2o5S7UMwSeQw.roa
Signing time: Tue 03 Dec 2024 10:46:10 +0000
ROA not before: Tue 03 Dec 2024 10:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
109.206.236.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.113.37.0/24 maxlen: 24
212.87.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Dec 2024 11:28:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:20:a7:86:d2:a7:6f:54:30:a2:d2:d8:85:b0:0f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 3 10:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc737dbf679ff8d88ee5dc76a394bb50cc12790c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1f:c2:ff:03:d3:fc:43:56:8f:90:95:41:c7:
42:e1:f7:51:72:df:d1:ec:57:28:e5:f6:b4:46:e5:
99:d1:96:29:94:44:20:ff:e7:1b:21:78:57:d3:19:
08:19:74:1e:9e:3c:e2:dc:b1:38:b2:6b:3d:f9:a6:
4e:52:52:ca:73:93:19:5f:af:3a:3f:b9:6e:0d:72:
7a:59:32:cf:90:6e:08:54:71:77:8f:a7:74:12:6a:
ef:9a:cb:18:ee:e7:f2:4e:05:dd:1c:2b:7d:f5:c9:
98:71:04:10:a5:1e:c7:cc:19:e5:eb:5b:18:1e:2d:
b1:84:82:96:d5:df:cc:3a:5f:5c:f2:d4:3b:40:6f:
83:b8:12:49:68:62:bb:7f:e1:c7:ad:14:85:44:22:
34:05:91:ec:e7:21:19:d4:3e:04:fc:70:21:24:7d:
bb:26:43:c6:64:6a:7a:52:b1:07:71:f5:3c:02:bf:
7b:69:fc:d6:cd:f4:44:14:fa:52:96:9b:e7:6a:ce:
05:73:c3:5f:42:aa:90:de:e8:2c:77:bc:2c:ea:51:
14:98:6c:82:a1:64:20:fa:94:f6:cb:75:35:b3:b8:
8d:39:5f:75:95:47:c9:18:b1:fb:a7:e3:17:34:a7:
c0:da:28:65:7d:b8:5c:48:be:f3:91:14:13:19:39:
fc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:73:7D:BF:67:9F:F8:D8:8E:E5:DC:76:A3:94:BB:50:CC:12:79:0C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3HN9v2ef-NiO5dx2o5S7UMwSeQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
109.206.236.0/24
185.218.137.0/24
194.113.37.0/24
212.87.223.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:7a:ce:0a:70:55:94:cf:b1:04:43:b6:1d:bb:bb:0b:fb:35:
ba:63:fd:46:92:14:f5:d3:de:43:00:d7:af:5b:d4:c7:91:cd:
c3:02:20:a0:fd:ad:90:0b:2a:40:d8:9b:41:eb:eb:ee:2b:33:
a1:80:27:1c:a9:f7:66:d1:9f:16:0c:9c:70:3b:e4:2c:e3:0d:
6b:f5:4f:66:a5:12:3b:e4:d2:07:af:ec:b4:c9:5d:0e:e4:26:
70:9e:6a:bb:d4:8f:87:53:ce:e9:10:05:bc:55:51:b0:0e:ce:
a2:97:70:77:4f:c7:77:1f:8a:b4:66:39:d2:2d:e1:76:e2:ac:
ff:1b:20:c2:48:6c:bf:63:33:aa:9a:33:96:34:aa:61:57:66:
07:69:ae:c5:15:e0:9f:e2:8f:2c:ce:8f:2e:0a:11:c7:a6:10:
11:d3:ab:b5:28:16:8e:35:e9:f1:fc:c1:e3:6a:09:43:54:fe:
76:b0:78:ee:38:56:e1:a8:fd:cf:09:9c:08:79:bb:12:e6:20:
43:1e:3e:3e:23:93:53:bf:8d:61:14:99:de:d3:df:74:81:43:
66:54:c4:82:be:65:e9:67:84:63:85:62:68:ec:83:a4:8d:5e:
cb:40:35:cf:14:78:c6:01:ae:38:63:ac:88:fe:8c:48:6f:c1:
c9:c0:f1:c0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZOMIKeG0qdvVDCi0tiFsA/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjAzMTA0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzczN2RiZjY3OWZmOGQ4OGVlNWRjNzZhMzk0YmI1MGNjMTI3OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlx/C/wPT/ENWj5CVQcdC4fdRct/R
7Fco5fa0RuWZ0ZYplEQg/+cbIXhX0xkIGXQenjzi3LE4sms9+aZOUlLKc5MZX686
P7luDXJ6WTLPkG4IVHF3j6d0EmrvmssY7ufyTgXdHCt99cmYcQQQpR7HzBnl61sY
Hi2xhIKW1d/MOl9c8tQ7QG+DuBJJaGK7f+HHrRSFRCI0BZHs5yEZ1D4E/HAhJH27
JkPGZGp6UrEHcfU8Ar97afzWzfREFPpSlpvnas4Fc8NfQqqQ3ugsd7ws6lEUmGyC
oWQg+pT2y3U1s7iNOV91lUfJGLH7p+MXNKfA2ihlfbhcSL7zkRQTGTn8QwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNxzfb9nn/jYjuXcdqOUu1DMEnkMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM0hOOXYyZWYtTmlPNWR4Mm81UzdVTXdTZVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVRYAwQA
LVn0AwQALVvBAwQAbc7sAwQAudqJAwQAwnElAwQA1FffMA0GCSqGSIb3DQEBCwUA
A4IBAQAfes4KcFWUz7EEQ7Ydu7sL+zW6Y/1GkhT1095DANevW9THkc3DAiCg/a2Q
CypA2JtB6+vuKzOhgCccqfdm0Z8WDJxwO+Qs4w1r9U9mpRI75NIHr+y0yV0O5CZw
nmq71I+HU87pEAW8VVGwDs6il3B3T8d3H4q0ZjnSLeF24qz/GyDCSGy/YzOqmjOW
NKphV2YHaa7FFeCf4o8szo8uChHHphAR06u1KBaONenx/MHjaglDVP52sHjuOFbh
qP3PCZwIebsS5iBDHj4+I5NTv41hFJne0990gUNmVMSCvmXpZ4RjhWJo7IOkjV7L
QDXPFHjGAa44Y6yI/oxIb8HJwPHA
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:49:34 2025 by rpki-client