Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1hJbzFfBsxLLv9eQOPxCs61MZ6g.roa
File: 1hJbzFfBsxLLv9eQOPxCs61MZ6g.roa (raw, json)
Hash identifier: BA6o4uver+P+z0MsqYlRyJo5S1yKz21+poVol0nmTrE=
Subject key identifier: D6:12:5B:CC:57:C1:B3:12:CB:BF:D7:90:38:FC:42:B3:AD:4C:67:A8
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01946FA75E8B0CE8DE128045E0F2977AE962
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1hJbzFfBsxLLv9eQOPxCs61MZ6g.roa
Signing time: Thu 16 Jan 2025 15:07:07 +0000
ROA not before: Thu 16 Jan 2025 15:07:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
195.85.71.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Jan 2025 16:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:a7:5e:8b:0c:e8:de:12:80:45:e0:f2:97:7a:e9:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 16 15:07:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6125bcc57c1b312cbbfd79038fc42b3ad4c67a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:da:cf:b6:b4:b7:8e:5d:95:80:20:08:af:29:
c8:32:f9:70:97:87:f2:d0:cb:22:63:09:d2:45:5e:
c4:73:18:78:78:e5:4d:37:5a:99:d9:2a:82:fd:fd:
c9:07:27:53:c3:73:6d:85:44:12:d8:22:6b:ee:06:
c5:ab:bf:93:de:04:7c:1f:e8:0e:ea:0f:5f:db:3f:
15:6d:16:1b:a1:35:32:ea:a7:77:b6:db:4e:70:52:
5d:03:cb:a9:31:5f:f6:62:9b:c3:c7:90:e5:27:1f:
cc:6a:73:5a:f0:4e:2b:2c:21:ff:2b:93:2f:be:17:
be:d3:73:a9:a0:61:46:be:d0:b2:a9:e8:fa:eb:1c:
2f:d0:75:9f:0d:d6:e1:e0:db:b7:9a:88:1f:ff:71:
17:d1:17:ca:ae:af:74:1b:cf:54:49:1c:61:01:30:
2d:c0:91:19:ff:48:00:d1:59:57:c3:95:b1:a8:c4:
cb:e1:51:ed:b3:1a:4e:e5:78:48:c7:3b:73:5b:ac:
77:90:b2:3c:8d:78:8a:5e:32:6b:7e:45:6e:51:06:
7b:d8:0d:3e:a4:d5:8a:5f:c7:39:00:b3:af:b2:ec:
a2:e3:c3:4d:96:0b:f5:cd:c1:56:32:69:fd:88:c9:
d9:30:fd:48:ad:7c:35:71:ac:9e:b2:c2:ca:b2:c5:
4f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:12:5B:CC:57:C1:B3:12:CB:BF:D7:90:38:FC:42:B3:AD:4C:67:A8
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1hJbzFfBsxLLv9eQOPxCs61MZ6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.211.48.0-185.211.50.255
194.124.64.0/23
195.85.68.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:f1:65:e5:49:60:5e:55:f4:e0:03:25:2e:01:eb:9a:fa:aa:
37:71:ba:9a:85:69:9f:59:68:2e:95:4d:16:db:b4:c8:77:c6:
df:8a:70:8c:ef:45:e6:f9:de:08:1b:5d:82:13:6c:ef:d6:fa:
2b:32:85:e9:0e:e6:8b:c8:78:47:83:d4:98:d1:29:8d:0e:3b:
61:be:27:44:31:ba:81:09:49:8f:a9:45:4d:c7:31:b4:1d:db:
43:52:39:45:38:fa:4a:1a:6c:7b:61:ec:89:b5:96:a5:8c:1a:
10:f7:62:10:7d:2e:09:40:53:0d:fd:70:06:d4:82:c6:f1:69:
3b:b5:cc:c3:77:5d:90:d6:75:5b:8b:2b:38:fe:04:bf:b2:5d:
31:ae:1d:5c:d0:59:c2:aa:4d:f9:02:fc:45:8c:9a:3c:3d:05:
3d:0b:23:ac:b1:eb:ab:8a:41:d7:2c:b6:2d:e3:41:85:1b:e9:
5a:13:e0:e3:a0:cc:04:a4:44:ed:c4:10:49:bd:7c:a8:a0:89:
27:84:4c:23:04:2f:5d:5e:03:08:06:e9:dc:d1:83:0e:cd:50:
e7:f8:62:7c:ea:4e:7e:21:3a:a6:4d:a9:95:67:f2:a2:bc:c6:
bf:ad:b8:61:90:4a:41:35:ca:21:e7:ec:f0:62:b4:c4:b6:2c:
e5:93:62:d7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZRvp16LDOjeEoBF4PKXeuliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTE2MTUwNzA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjEyNWJjYzU3YzFiMzEyY2JiZmQ3OTAzOGZjNDJiM2FkNGM2N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNrPtrS3jl2VgCAIrynIMvlwl4fy
0MsiYwnSRV7Ecxh4eOVNN1qZ2SqC/f3JBydTw3NthUQS2CJr7gbFq7+T3gR8H+gO
6g9f2z8VbRYboTUy6qd3tttOcFJdA8upMV/2YpvDx5DlJx/ManNa8E4rLCH/K5Mv
vhe+03OpoGFGvtCyqej66xwv0HWfDdbh4Nu3mogf/3EX0RfKrq90G89USRxhATAt
wJEZ/0gA0VlXw5WxqMTL4VHtsxpO5XhIxztzW6x3kLI8jXiKXjJrfkVuUQZ72A0+
pNWKX8c5ALOvsuyi48NNlgv1zcFWMmn9iMnZMP1IrXw1cayessLKssVP6wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNYSW8xXwbMSy7/XkDj8QrOtTGeoMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvMWhKYnpGZkJzeExMdjllUU9QeENzNjFNWjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCLYgAAwQA
gAB3AwQCuXUUMAwDBAS50zADBAC50zIDBAHCfEADBALDVUQwDQYJKoZIhvcNAQEL
BQADggEBAD/xZeVJYF5V9OADJS4B65r6qjdxupqFaZ9ZaC6VTRbbtMh3xt+KcIzv
Reb53ggbXYITbO/W+isyhekO5ovIeEeD1JjRKY0OO2G+J0QxuoEJSY+pRU3HMbQd
20NSOUU4+koabHth7Im1lqWMGhD3YhB9LglAUw39cAbUgsbxaTu1zMN3XZDWdVuL
Kzj+BL+yXTGuHVzQWcKqTfkC/EWMmjw9BT0LI6yx66uKQdcsti3jQYUb6VoT4OOg
zASkRO3EEEm9fKigiSeETCMEL11eAwgG6dzRgw7NUOf4YnzqTn4hOqZNqZVn8qK8
xr+tuGGQSkE1yiHn7PBitMS2LOWTYtc=
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:39:03 2025 by rpki-client