Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/ageS2xTtHpH51P-cCdRa5QGNqCQ.roa
File: ageS2xTtHpH51P-cCdRa5QGNqCQ.roa (raw, json)
Hash identifier: exVYUA9oAaJ8UOuwjLRH2lLxXudyYyCkzi9qfXBlx5g=
Subject key identifier: 6A:07:92:DB:14:ED:1E:91:F9:D4:FF:9C:09:D4:5A:E5:01:8D:A8:24
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 01941C300DDF0264A24E4B24D206CE035598
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/ageS2xTtHpH51P-cCdRa5QGNqCQ.roa
Signing time: Tue 31 Dec 2024 10:08:18 +0000
ROA not before: Tue 31 Dec 2024 10:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56798
IP address blocks: 45.66.220.0/22 maxlen: 22
45.86.36.0/24 maxlen: 24
91.200.144.0/24 maxlen: 24
91.207.207.0/24 maxlen: 24
185.34.102.0/24 maxlen: 24
185.54.7.0/24 maxlen: 24
193.17.33.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
2a0f:9180:1::/48 maxlen: 48
2a10:d440:1::/48 maxlen: 48
2a10:d440:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:30:0d:df:02:64:a2:4e:4b:24:d2:06:ce:03:55:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Dec 31 10:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a0792db14ed1e91f9d4ff9c09d45ae5018da824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:69:8d:d9:24:25:01:29:b0:9b:ff:de:3e:8c:
f3:9e:44:5a:c1:aa:36:bd:3e:a2:b8:dc:21:37:f3:
42:7e:e3:60:21:57:b8:f3:af:81:20:41:ad:92:12:
1f:09:7d:3d:a9:29:79:95:6d:a4:37:9d:fb:2b:85:
4d:a1:21:1c:7d:5b:72:10:96:39:7b:15:e3:f9:c8:
9b:76:73:9a:92:b6:3c:ae:2a:d6:1c:f7:0a:0f:f1:
07:61:5b:ec:04:a8:9a:6e:f3:43:5e:73:ca:1c:a4:
ad:59:48:1f:4e:26:d7:ae:e0:ec:3b:f4:a6:43:5f:
3f:da:4e:04:b5:34:06:7e:6e:db:4c:65:db:bf:54:
84:40:7e:5a:a3:6b:9a:e6:f4:af:c8:aa:9c:c3:2b:
ba:54:53:fb:ff:88:73:6c:b5:ee:39:c0:0f:16:77:
a0:c9:09:20:50:3e:81:43:3e:6b:fc:e5:bb:b0:66:
21:e5:07:b4:11:f7:3b:48:e6:0e:18:aa:4d:b9:2d:
40:9c:5b:38:ef:c6:20:4e:1e:ca:bb:52:46:b5:eb:
4a:57:99:69:85:c0:09:0b:ce:37:7f:44:54:b7:1d:
7a:9b:b2:34:b3:a5:1a:cf:a9:a3:74:06:da:5f:9f:
2c:d0:38:4d:77:9d:a2:de:0d:4c:7e:c2:b7:65:6a:
5d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:07:92:DB:14:ED:1E:91:F9:D4:FF:9C:09:D4:5A:E5:01:8D:A8:24
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/ageS2xTtHpH51P-cCdRa5QGNqCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.220.0/22
45.86.36.0/24
91.200.144.0/24
91.207.207.0/24
185.34.102.0/24
185.54.7.0/24
193.17.33.0/24
IPv6:
2a0f:9180::/29
2a10:d440:1::-2a10:d440:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:9d:48:18:15:14:89:3b:02:15:6c:04:f9:3c:2e:21:a1:fd:
0b:45:42:ef:12:1f:f0:3b:39:f8:31:88:69:f6:02:83:34:1a:
d0:b1:83:02:0d:0f:b9:f8:e1:b0:21:df:2e:a6:de:b9:f2:b3:
a0:14:92:bb:3e:34:1d:e9:47:81:09:50:99:a0:cf:fc:42:73:
b2:e5:ef:47:71:df:85:03:d0:b3:36:db:f4:cb:fc:2a:74:e7:
11:b1:de:62:d7:18:5e:b1:15:74:65:b0:22:a2:b9:5b:be:79:
d2:c0:3e:d4:08:27:c3:28:f1:57:3e:9a:80:45:c6:e3:f2:65:
79:44:f3:47:f9:4f:37:99:50:0c:ad:5c:db:84:ec:34:59:92:
12:63:07:de:6e:b9:8f:13:15:18:2e:b4:70:16:26:22:9c:c7:
1a:b5:7d:9f:a0:d1:40:ad:c6:1b:dc:ec:69:08:0b:d7:72:cc:
e1:52:4b:fc:d7:95:55:e2:63:46:73:9c:e7:47:cd:5d:3a:64:
d1:4c:bd:4b:44:03:ac:6f:75:42:5d:1d:15:f6:8e:d8:a2:4b:
2c:27:c5:52:9d:0d:b6:56:cd:c8:51:92:b8:54:e6:84:16:b4:
2b:64:05:b5:62:a8:5b:5a:30:95:a3:e0:20:a6:ac:14:51:45:
a9:25:75:77
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZQcMA3fAmSiTksk0gbOA1WYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjQxMjMxMTAwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTA3OTJkYjE0ZWQxZTkxZjlkNGZmOWMwOWQ0NWFlNTAxOGRhODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWmN2SQlASmwm//ePozznkRawao2
vT6iuNwhN/NCfuNgIVe486+BIEGtkhIfCX09qSl5lW2kN537K4VNoSEcfVtyEJY5
exXj+cibdnOakrY8rirWHPcKD/EHYVvsBKiabvNDXnPKHKStWUgfTibXruDsO/Sm
Q18/2k4EtTQGfm7bTGXbv1SEQH5ao2ua5vSvyKqcwyu6VFP7/4hzbLXuOcAPFneg
yQkgUD6BQz5r/OW7sGYh5Qe0Efc7SOYOGKpNuS1AnFs478YgTh7Ku1JGtetKV5lp
hcAJC843f0RUtx16m7I0s6Uaz6mjdAbaX58s0DhNd52i3g1MfsK3ZWpdbQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFGoHktsU7R6R+dT/nAnUWuUBjagkMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvYWdlUzJ4VHRIcEg1MVAtY0NkUmE1UUdOcUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAwBAIAATAqAwQCLULcAwQA
LVYkAwQAW8iQAwQAW8/PAwQAuSJmAwQAuTYHAwQAwREhMCEEAgACMBsDBQMqD5GA
MBIDBwAqENRAAAEDBwAqENRAAAIwDQYJKoZIhvcNAQELBQADggEBAB6dSBgVFIk7
AhVsBPk8LiGh/QtFQu8SH/A7OfgxiGn2AoM0GtCxgwIND7n44bAh3y6m3rnys6AU
krs+NB3pR4EJUJmgz/xCc7Ll70dx34UD0LM22/TL/Cp05xGx3mLXGF6xFXRlsCKi
uVu+edLAPtQIJ8Mo8Vc+moBFxuPyZXlE80f5TzeZUAytXNuE7DRZkhJjB95uuY8T
FRgutHAWJiKcxxq1fZ+g0UCtxhvc7GkIC9dyzOFSS/zXlVXiY0ZznOdHzV06ZNFM
vUtEA6xvdUJdHRX2jtiiSywnxVKdDbZWzchRkrhU5oQWtCtkBbViqFtaMJWj4CCm
rBRRRakldXc=
-----END CERTIFICATE-----
Generated at Wed May 14 04:19:13 2025 by rpki-client