Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/G4YqZ3ms6vzZNcACm7Mih8xbCCo.roa
File: G4YqZ3ms6vzZNcACm7Mih8xbCCo.roa (raw, json)
Hash identifier: 8TFcPyeX5UM2vkKHb0E0N4gkQ7scAplP3X1i79uqTQk=
Subject key identifier: 1B:86:2A:67:79:AC:EA:FC:D9:35:C0:02:9B:B3:22:87:CC:5B:08:2A
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 018D1C1FF043E09384A0E5A05515842B4A72
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/G4YqZ3ms6vzZNcACm7Mih8xbCCo.roa
Signing time: Thu 18 Jan 2024 10:31:11 +0000
ROA not before: Thu 18 Jan 2024 10:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216279
IP address blocks: 45.83.200.0/22 maxlen: 22
45.83.200.0/24 maxlen: 24
185.114.156.0/22 maxlen: 22
185.229.32.0/22 maxlen: 22
2a03:3a60::/32 maxlen: 32
2a03:3a60:a22::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 20 Jan 2024 23:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:1f:f0:43:e0:93:84:a0:e5:a0:55:15:84:2b:4a:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jan 18 10:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b862a6779aceafcd935c0029bb32287cc5b082a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:48:fc:f6:a9:f9:45:c0:df:c0:2d:e1:0e:cc:
63:ea:73:a8:02:23:27:db:b5:27:d5:ea:7f:8d:cb:
8c:49:ec:39:13:76:e8:d9:cf:97:81:d5:dc:5c:23:
38:b7:bc:7d:4e:3d:92:9e:e3:dd:5f:40:57:d6:9b:
78:15:e1:60:9b:89:d8:96:b1:fe:a4:b0:43:c7:8c:
db:a8:a1:86:45:f6:a8:c7:88:8e:72:19:81:94:ce:
27:bc:41:87:15:b3:23:28:7d:7e:3c:3b:00:45:dc:
2c:26:45:0c:27:4d:fa:57:c1:79:f0:96:5d:19:5d:
6f:2d:30:d7:f5:97:c6:66:f0:4c:19:51:1d:45:c9:
f7:f4:51:d0:2c:0f:15:e1:1a:e5:b1:8b:11:b3:9c:
1e:8d:ea:12:91:69:92:3d:c9:15:29:b6:7d:88:9b:
11:c4:7c:df:74:ae:85:90:fe:cb:31:4a:8d:18:f0:
fd:d3:71:8c:c3:32:0f:62:81:7a:b2:a7:43:9a:7a:
57:69:0b:d2:4a:74:c5:39:72:70:3d:9f:90:e7:f0:
12:57:90:5d:6c:53:d5:68:f3:e4:2a:4d:39:91:6a:
24:28:ef:41:fe:d3:50:48:df:7e:11:2c:d0:a0:83:
f7:33:ac:f8:25:3f:25:08:49:7d:32:1e:ca:fa:15:
85:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:86:2A:67:79:AC:EA:FC:D9:35:C0:02:9B:B3:22:87:CC:5B:08:2A
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/G4YqZ3ms6vzZNcACm7Mih8xbCCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.200.0/22
185.114.156.0/22
185.229.32.0/22
IPv6:
2a03:3a60::/32
Signature Algorithm: sha256WithRSAEncryption
00:1c:f3:10:62:b3:f7:19:50:bd:9d:13:f0:c3:82:76:bf:d2:
0a:25:ff:4a:ba:e6:46:68:e9:5b:dc:b2:54:05:55:fe:b2:8f:
cf:e0:9e:0a:fc:b8:69:2a:63:30:0f:12:9a:eb:fd:40:1a:ff:
a0:ec:f3:80:08:38:18:25:26:ec:b4:ff:1a:10:f8:85:4b:d2:
0c:39:f4:4e:24:83:e0:2d:99:97:61:4e:21:63:29:e9:53:14:
2d:54:10:51:47:35:47:8e:77:23:59:b0:b0:5f:88:c9:d4:97:
7b:48:62:5d:8f:a0:8d:37:98:bb:a1:c6:c3:9d:60:28:3d:39:
41:82:33:09:e6:14:6e:cb:d6:3d:61:c1:cd:e9:41:c9:40:28:
52:87:cc:35:48:31:7c:f2:9f:d3:ea:eb:10:3f:2c:04:22:23:
17:11:72:5f:b1:4e:10:9d:a1:6b:ab:04:bf:8e:b9:5e:41:14:
00:68:5b:02:b4:a7:3c:3c:63:7d:a9:17:57:c1:8f:d9:69:02:
e8:eb:12:a6:7e:c0:c2:ad:6b:73:a6:6a:c1:e2:1f:d4:60:89:
dc:43:9c:42:8e:1b:1d:ff:e6:79:16:f3:82:c7:7b:fc:6f:26:
f9:1a:60:f0:39:d3:7c:5d:c7:cc:2b:7a:dc:c6:89:0e:dc:94:
da:37:18:1b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY0cH/BD4JOEoOWgVRWEK0pyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQwMTE4MTAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg2MmE2Nzc5YWNlYWZjZDkzNWMwMDI5YmIzMjI4N2NjNWIwODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0j89qn5RcDfwC3hDsxj6nOoAiMn
27Un1ep/jcuMSew5E3bo2c+XgdXcXCM4t7x9Tj2SnuPdX0BX1pt4FeFgm4nYlrH+
pLBDx4zbqKGGRfaox4iOchmBlM4nvEGHFbMjKH1+PDsARdwsJkUMJ036V8F58JZd
GV1vLTDX9ZfGZvBMGVEdRcn39FHQLA8V4RrlsYsRs5wejeoSkWmSPckVKbZ9iJsR
xHzfdK6FkP7LMUqNGPD903GMwzIPYoF6sqdDmnpXaQvSSnTFOXJwPZ+Q5/ASV5Bd
bFPVaPPkKk05kWokKO9B/tNQSN9+ESzQoIP3M6z4JT8lCEl9Mh7K+hWFbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBuGKmd5rOr82TXAApuzIofMWwgqMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvRzRZcVozbXM2dnpaTmNBQ203TWloOHhiQ0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVPIAwQC
uXKcAwQCueUgMA0EAgACMAcDBQAqAzpgMA0GCSqGSIb3DQEBCwUAA4IBAQAAHPMQ
YrP3GVC9nRPww4J2v9IKJf9KuuZGaOlb3LJUBVX+so/P4J4K/LhpKmMwDxKa6/1A
Gv+g7POACDgYJSbstP8aEPiFS9IMOfROJIPgLZmXYU4hYynpUxQtVBBRRzVHjncj
WbCwX4jJ1Jd7SGJdj6CNN5i7ocbDnWAoPTlBgjMJ5hRuy9Y9YcHN6UHJQChSh8w1
SDF88p/T6usQPywEIiMXEXJfsU4QnaFrqwS/jrleQRQAaFsCtKc8PGN9qRdXwY/Z
aQLo6xKmfsDCrWtzpmrB4h/UYIncQ5xCjhsd/+Z5FvOCx3v8byb5GmDwOdN8XcfM
K3rcxokO3JTaNxgb
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:30:09 2025 by rpki-client