Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XFpPdC3VeY39PTZNFThetTSt6o0.roa
File: XFpPdC3VeY39PTZNFThetTSt6o0.roa (raw, json)
Hash identifier: J9WY14chzFdLcW10CHVutiCsb6fV+wREVYaWAKzywXQ=
Subject key identifier: 5C:5A:4F:74:2D:D5:79:8D:FD:3D:36:4D:15:38:5E:B5:34:AD:EA:8D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193BA3BD44D6964B568F460051F25F0EC00
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XFpPdC3VeY39PTZNFThetTSt6o0.roa
Signing time: Thu 12 Dec 2024 09:38:23 +0000
ROA not before: Thu 12 Dec 2024 09:38:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 45.12.254.0/24 maxlen: 24
45.14.165.0/24 maxlen: 24
45.81.243.0/24 maxlen: 24
45.88.67.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
85.209.134.0/24 maxlen: 24
93.123.30.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 08:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:3b:d4:4d:69:64:b5:68:f4:60:05:1f:25:f0:ec:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 12 09:38:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c5a4f742dd5798dfd3d364d15385eb534adea8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f6:31:27:48:e1:67:0d:c8:94:da:1a:36:93:
13:dc:0a:0f:b6:83:de:58:12:f7:7a:d2:7b:91:8e:
e9:df:69:8f:14:3d:ce:5f:20:8f:ae:13:ff:8c:cf:
cd:84:15:08:28:02:17:76:20:17:be:f3:3c:93:19:
8a:4c:a0:11:68:d3:1f:d7:11:f7:0c:0f:5c:b4:34:
e3:95:3a:1a:f2:43:da:7a:81:46:e0:31:12:b9:97:
97:2b:16:ae:ac:4f:b7:49:0d:1e:16:87:99:8d:3d:
e8:11:40:2c:fa:ed:35:ba:6f:78:92:26:f3:78:d7:
ce:cd:d6:c9:18:0e:a2:df:52:6c:93:47:a7:a8:c2:
e5:e9:0c:36:39:74:2b:0a:bd:70:ec:7f:30:b5:fa:
18:4a:9b:a0:7b:19:46:b6:ef:57:59:20:4d:11:18:
e5:cd:52:3e:53:1d:03:5a:72:c6:33:61:87:ea:08:
fc:28:79:0c:4c:1c:97:12:db:97:fe:05:02:f2:fb:
98:8b:63:54:b0:f0:e7:63:d4:8a:e2:44:ca:3f:e1:
01:a5:a6:a6:6b:be:f5:e0:f4:86:91:12:3c:cc:18:
fa:7a:87:c1:ab:3b:54:ce:38:1a:26:c0:ed:a4:ce:
61:4b:37:6a:7d:09:dd:b7:4e:f6:13:e7:cd:20:4e:
68:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5A:4F:74:2D:D5:79:8D:FD:3D:36:4D:15:38:5E:B5:34:AD:EA:8D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XFpPdC3VeY39PTZNFThetTSt6o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.14.165.0/24
45.81.243.0/24
45.88.67.0/24
84.21.172.0/24
85.31.45.0/24
85.209.132.0/24
85.209.134.0/24
93.123.30.0/24
109.206.241.0/24
212.87.220.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:79:3e:0e:fb:e7:8a:3a:a9:50:77:64:5f:77:e5:59:7c:cc:
e3:dd:7f:b1:ef:97:23:b5:8e:4e:bf:7f:95:65:b2:37:6a:d8:
2c:f5:f1:7a:77:ab:a0:5a:37:7b:a0:11:03:3c:1c:bb:41:de:
20:e8:de:19:b2:6a:58:da:e4:48:7a:70:9f:d1:4b:3d:36:df:
d8:53:e9:91:b1:64:f1:4f:8d:10:86:ea:1d:d3:6f:8a:95:c6:
ae:3f:a6:21:b5:c5:6a:c0:50:09:ee:c4:9f:d1:f5:e9:11:12:
6a:bd:28:8d:a5:a6:6d:b9:e6:72:00:d3:85:eb:14:2e:56:29:
da:22:94:58:5c:a1:eb:d2:a3:97:24:9e:10:b0:ab:f1:cd:f2:
bd:5c:a9:98:41:04:2c:39:60:53:a2:92:7a:0d:e7:04:21:49:
30:43:29:52:53:b7:71:3d:43:a0:66:8e:9d:a2:73:96:ee:b7:
7e:35:bb:f1:13:1e:f0:61:8d:e1:44:ff:e6:5d:26:5f:58:d6:
87:17:8d:ba:5f:7c:9b:d1:07:f6:29:27:df:98:20:d8:17:9c:
7d:bd:70:7c:f8:fc:dc:56:5f:2d:ac:da:32:39:c1:8d:0a:4b:
15:09:3f:bd:23:33:cd:36:2e:27:50:c0:9e:e0:87:92:cb:da:
46:94:d1:0a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZO6O9RNaWS1aPRgBR8l8OwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjEyMDkzODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzVhNGY3NDJkZDU3OThkZmQzZDM2NGQxNTM4NWViNTM0YWRlYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/YxJ0jhZw3IlNoaNpMT3AoPtoPe
WBL3etJ7kY7p32mPFD3OXyCPrhP/jM/NhBUIKAIXdiAXvvM8kxmKTKARaNMf1xH3
DA9ctDTjlToa8kPaeoFG4DESuZeXKxaurE+3SQ0eFoeZjT3oEUAs+u01um94kibz
eNfOzdbJGA6i31Jsk0enqMLl6Qw2OXQrCr1w7H8wtfoYSpugexlGtu9XWSBNERjl
zVI+Ux0DWnLGM2GH6gj8KHkMTByXEtuX/gUC8vuYi2NUsPDnY9SK4kTKP+EBpaam
a7714PSGkRI8zBj6eofBqztUzjgaJsDtpM5hSzdqfQndt072E+fNIE5o/wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFxaT3Qt1XmN/T02TRU4XrU0reqNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWEZwUGRDM1ZlWTM5UFRaTkZUaGV0VFN0Nm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQz+AwQA
LQ6lAwQALVHzAwQALVhDAwQAVBWsAwQAVR8tAwQAVdGEAwQAVdGGAwQAXXseAwQA
bc7xAwQA1FfcMA0GCSqGSIb3DQEBCwUAA4IBAQBbeT4O++eKOqlQd2Rfd+VZfMzj
3X+x75cjtY5Ov3+VZbI3atgs9fF6d6ugWjd7oBEDPBy7Qd4g6N4ZsmpY2uRIenCf
0Us9Nt/YU+mRsWTxT40Qhuod02+KlcauP6YhtcVqwFAJ7sSf0fXpERJqvSiNpaZt
ueZyANOF6xQuVinaIpRYXKHr0qOXJJ4QsKvxzfK9XKmYQQQsOWBTopJ6DecEIUkw
QylSU7dxPUOgZo6donOW7rd+NbvxEx7wYY3hRP/mXSZfWNaHF426X3yb0Qf2KSff
mCDYF5x9vXB8+PzcVl8trNoyOcGNCksVCT+9IzPNNi4nUMCe4IeSy9pGlNEK
-----END CERTIFICATE-----
Generated at Mon Apr 28 04:47:33 2025 by rpki-client