Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sR7j_AZiXMUTXHaCLeoYRlIU9dI.roa
File: sR7j_AZiXMUTXHaCLeoYRlIU9dI.roa (raw, json)
Hash identifier: EOjnZO+BHkDhOzZF9Eox0vXwMFkQvN236O15BtTZS/4=
Subject key identifier: B1:1E:E3:FC:06:62:5C:C5:13:5C:76:82:2D:EA:18:46:52:14:F5:D2
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E85C7297F39C0E3042F17AFAD0A9E2E45
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sR7j_AZiXMUTXHaCLeoYRlIU9dI.roa
Signing time: Thu 28 Mar 2024 15:56:45 +0000
ROA not before: Thu 28 Mar 2024 15:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 45.86.3.0/24 maxlen: 24
46.174.192.0/24 maxlen: 24
46.174.193.0/24 maxlen: 24
46.174.194.0/24 maxlen: 24
46.174.195.0/24 maxlen: 24
46.174.196.0/24 maxlen: 24
46.174.197.0/24 maxlen: 24
46.174.198.0/24 maxlen: 24
46.174.199.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:c7:29:7f:39:c0:e3:04:2f:17:af:ad:0a:9e:2e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 15:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b11ee3fc06625cc5135c76822dea18465214f5d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:16:42:ed:ef:4d:f7:20:77:8d:bd:50:b0:a1:
52:f5:b9:98:75:ca:70:21:bb:6d:ac:8a:33:cf:e3:
b9:b6:01:23:5f:7c:a7:e3:29:8d:ec:12:97:4e:39:
40:0b:b2:a1:2b:0f:cd:ea:b0:4a:3b:d0:95:d3:98:
99:62:02:be:f5:d4:e9:c2:3f:9c:97:a5:68:0f:05:
6f:7f:ea:9a:4d:35:f9:bb:7a:c7:6b:79:42:69:62:
db:f0:86:08:fe:a2:ff:43:44:26:46:85:f3:07:06:
6a:40:76:62:d7:e4:0f:4d:da:c6:01:7b:88:74:89:
53:c7:ac:af:69:da:99:0a:b3:d9:ee:6d:3e:7c:9d:
fc:98:a9:bb:8f:47:3e:01:cd:9b:cf:46:eb:fc:54:
35:78:6a:60:9e:4f:b0:5a:f7:14:49:f5:25:d4:49:
aa:eb:0b:e7:9f:c5:21:2d:5b:a7:84:a0:9d:7d:12:
63:a2:c4:66:e3:5b:16:01:6f:cf:79:8d:fb:d9:40:
b3:22:5f:17:80:2f:6a:85:ee:5b:47:ca:28:23:11:
b1:6d:1f:e3:5d:11:26:4b:42:84:18:b6:4b:3a:5a:
2a:fa:c1:83:ed:71:a2:f9:f7:b9:a6:c8:6e:89:71:
2b:98:1c:d3:37:2f:9f:21:17:da:7b:3c:6f:e1:08:
54:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1E:E3:FC:06:62:5C:C5:13:5C:76:82:2D:EA:18:46:52:14:F5:D2
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sR7j_AZiXMUTXHaCLeoYRlIU9dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.3.0/24
46.174.192.0/21
212.107.24.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:5f:cf:44:bd:af:7c:29:f6:65:99:e2:cb:fe:ea:4a:fe:da:
74:8d:8d:04:f1:d5:1a:a8:75:39:1d:a8:e8:03:c4:69:e9:92:
bc:05:00:6f:6f:ba:88:e0:43:7e:ef:eb:db:ff:f6:0e:16:ec:
8b:28:f3:50:17:8b:4e:d2:ab:d1:52:74:c2:da:87:c2:f1:de:
99:e4:12:2e:3b:f5:da:1c:17:6d:d0:47:58:1d:6f:4a:f6:21:
96:c2:94:0b:e2:d5:16:26:3b:44:14:b0:69:c3:cf:b1:da:f0:
52:0b:ce:68:b1:fa:59:d1:ae:77:ca:7b:95:c3:71:f4:29:75:
73:c9:fc:a3:0d:7e:d2:55:6a:fd:6b:af:16:fa:d4:c9:f3:f5:
16:bc:16:cb:25:ff:13:9e:0b:ab:cb:ff:e5:a4:36:dd:83:dd:
76:06:14:58:89:55:67:03:ab:0f:b5:6c:2a:39:30:c9:67:c8:
55:6e:7e:e5:d4:2d:60:47:6c:2c:25:11:78:04:60:d8:73:3a:
4b:97:76:e0:ff:4b:22:c8:c3:89:40:90:e4:8f:5f:38:bf:c6:
0b:d0:c5:1a:08:79:ce:b9:76:e0:86:f4:f1:13:9e:30:6d:e2:
07:f1:80:15:81:6a:05:0f:f5:0d:e6:56:c9:bb:b4:a5:4a:e6:
20:73:58:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6Fxyl/OcDjBC8Xr60Kni5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTU1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFlZTNmYzA2NjI1Y2M1MTM1Yzc2ODIyZGVhMTg0NjUyMTRmNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRZC7e9N9yB3jb1QsKFS9bmYdcpw
IbttrIozz+O5tgEjX3yn4ymN7BKXTjlAC7KhKw/N6rBKO9CV05iZYgK+9dTpwj+c
l6VoDwVvf+qaTTX5u3rHa3lCaWLb8IYI/qL/Q0QmRoXzBwZqQHZi1+QPTdrGAXuI
dIlTx6yvadqZCrPZ7m0+fJ38mKm7j0c+Ac2bz0br/FQ1eGpgnk+wWvcUSfUl1Emq
6wvnn8UhLVunhKCdfRJjosRm41sWAW/PeY372UCzIl8XgC9qhe5bR8ooIxGxbR/j
XREmS0KEGLZLOloq+sGD7XGi+fe5pshuiXErmBzTNy+fIRfaezxv4QhUHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLEe4/wGYlzFE1x2gi3qGEZSFPXSMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvc1I3al9BWmlYTVVUWEhhQ0xlb1lSbElVOWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVYDAwQD
Lq7AAwQA1GsYMA0GCSqGSIb3DQEBCwUAA4IBAQCbX89Eva98KfZlmeLL/upK/tp0
jY0E8dUaqHU5HajoA8Rp6ZK8BQBvb7qI4EN+7+vb//YOFuyLKPNQF4tO0qvRUnTC
2ofC8d6Z5BIuO/XaHBdt0EdYHW9K9iGWwpQL4tUWJjtEFLBpw8+x2vBSC85osfpZ
0a53ynuVw3H0KXVzyfyjDX7SVWr9a68W+tTJ8/UWvBbLJf8Tngury//lpDbdg912
BhRYiVVnA6sPtWwqOTDJZ8hVbn7l1C1gR2wsJRF4BGDYczpLl3bg/0siyMOJQJDk
j184v8YL0MUaCHnOuXbghvTxE54wbeIH8YAVgWoFD/UN5lbJu7SlSuYgc1hm
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:54:46 2025 by rpki-client