Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ur17AbTy_i3mIB-j9UcamUHsTJg.roa
File: Ur17AbTy_i3mIB-j9UcamUHsTJg.roa (raw, json)
Hash identifier: iv8AFfh20N2/+2cVLJJyT7KkgfLhGXT0vIk5eZ/RoWI=
Subject key identifier: 52:BD:7B:01:B4:F2:FE:2D:E6:20:1F:A3:F5:47:1A:99:41:EC:4C:98
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01946A1A76B974354787DB8AB2EF9F1B1D03
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ur17AbTy_i3mIB-j9UcamUHsTJg.roa
Signing time: Wed 15 Jan 2025 13:15:06 +0000
ROA not before: Wed 15 Jan 2025 13:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 13:44:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6a:1a:76:b9:74:35:47:87:db:8a:b2:ef:9f:1b:1d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 15 13:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52bd7b01b4f2fe2de6201fa3f5471a9941ec4c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:09:f0:6f:3f:5c:b9:d8:69:92:19:0d:de:34:
54:4c:98:19:2c:c2:ae:be:8f:04:a6:2c:eb:47:00:
3d:99:dc:79:c6:12:23:c0:17:fa:62:9d:3b:25:ff:
f5:6b:48:b4:b3:9b:56:3c:60:e6:6b:9a:0f:b9:5b:
65:b9:06:67:a7:ee:43:18:24:b6:07:f2:d8:55:2b:
9a:ad:57:84:aa:71:13:73:f0:2b:a1:4c:01:13:1c:
66:43:06:8d:5d:b0:8f:a9:98:35:40:04:2f:f7:4f:
82:56:7a:93:11:41:1d:60:59:27:d6:c0:e2:bb:0d:
10:af:b7:c1:cd:e2:ba:7f:5d:dc:7a:57:3d:f5:5b:
2a:53:1b:1e:26:32:bd:70:60:0e:ef:f6:a5:9c:14:
63:7e:e7:70:e6:02:fe:2a:0a:2b:77:ec:da:c8:f5:
0e:3e:f6:ee:ae:66:6a:65:08:2e:64:4e:6c:f6:cc:
82:84:63:e1:1b:ab:d2:f0:c4:d9:ac:fc:10:9b:93:
15:5b:1c:31:c6:da:e5:43:f8:e2:10:ec:0d:a1:ad:
5a:e1:d7:55:80:5b:ba:b0:57:5d:75:0f:22:f6:af:
d3:26:42:ca:09:3b:e0:80:a4:1f:4a:d7:a4:c0:fb:
ef:7c:10:23:e5:fe:ad:49:ff:93:88:89:7a:f3:20:
6d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:BD:7B:01:B4:F2:FE:2D:E6:20:1F:A3:F5:47:1A:99:41:EC:4C:98
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ur17AbTy_i3mIB-j9UcamUHsTJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
185.117.20.0/22
185.211.48.0-185.211.50.255
Signature Algorithm: sha256WithRSAEncryption
cb:50:3c:14:af:c2:e9:94:4c:78:e5:77:51:6a:04:99:54:46:
84:8d:85:f7:b7:0f:84:16:50:6d:dc:89:5e:00:dc:48:8b:0b:
27:6e:07:9e:b9:78:cb:2e:0d:c8:33:77:0a:a9:e3:5c:c7:4a:
35:15:25:a5:e5:45:3e:31:5f:9e:30:13:86:7a:ba:e5:dc:00:
2f:fd:0a:7c:f0:bb:3e:ed:71:fe:25:ad:26:2a:8b:df:ce:8c:
e5:94:3c:ca:44:5e:37:74:e5:9c:67:35:d9:7f:62:65:6e:aa:
b4:46:7d:10:8f:7a:52:85:b9:55:d1:7b:a0:5a:d6:e0:9c:25:
e9:eb:03:ec:ec:d1:b4:04:55:b0:11:b9:d0:6e:09:22:74:04:
05:6e:1e:2a:cf:2c:8c:3e:88:09:24:7e:30:b3:11:68:e7:29:
47:b1:05:f9:8a:d3:0d:f7:f6:43:43:fc:fa:f6:85:fd:da:ae:
0e:e5:21:a8:33:26:9e:f6:3f:ed:99:6f:6e:28:f3:2c:ac:94:
e1:f0:30:c1:67:51:64:a3:d5:42:58:47:5c:cb:1f:7d:e5:8d:
63:94:79:e6:82:fb:54:c9:74:4e:1e:0d:24:8b:0b:1b:31:fa:
29:fa:ea:df:d3:d9:48:33:cc:34:07:1d:d1:42:be:3d:e0:2a:
e6:a8:b1:45
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZRqGna5dDVHh9uKsu+fGx0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTE1MTMxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmJkN2IwMWI0ZjJmZTJkZTYyMDFmYTNmNTQ3MWE5OTQxZWM0Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgnwbz9cudhpkhkN3jRUTJgZLMKu
vo8EpizrRwA9mdx5xhIjwBf6Yp07Jf/1a0i0s5tWPGDma5oPuVtluQZnp+5DGCS2
B/LYVSuarVeEqnETc/AroUwBExxmQwaNXbCPqZg1QAQv90+CVnqTEUEdYFkn1sDi
uw0Qr7fBzeK6f13celc99VsqUxseJjK9cGAO7/alnBRjfudw5gL+Kgord+zayPUO
PvburmZqZQguZE5s9syChGPhG6vS8MTZrPwQm5MVWxwxxtrlQ/jiEOwNoa1a4ddV
gFu6sFdddQ8i9q/TJkLKCTvggKQfStekwPvvfBAj5f6tSf+TiIl68yBtfQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFK9ewG08v4t5iAfo/VHGplB7EyYMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvVXIxN0FiVHlfaTNtSUItajlVY2FtVUhzVEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLYgAAwQC
uXUUMAwDBAS50zADBAC50zIwDQYJKoZIhvcNAQELBQADggEBAMtQPBSvwumUTHjl
d1FqBJlURoSNhfe3D4QWUG3ciV4A3EiLCyduB565eMsuDcgzdwqp41zHSjUVJaXl
RT4xX54wE4Z6uuXcAC/9Cnzwuz7tcf4lrSYqi9/OjOWUPMpEXjd05ZxnNdl/YmVu
qrRGfRCPelKFuVXRe6Ba1uCcJenrA+zs0bQEVbARudBuCSJ0BAVuHirPLIw+iAkk
fjCzEWjnKUexBfmK0w339kND/Pr2hf3arg7lIagzJp72P+2Zb24o8yyslOHwMMFn
UWSj1UJYR1zLH33ljWOUeeaC+1TJdE4eDSSLCxsx+in66t/T2UgzzDQHHdFCvj3g
KuaosUU=
-----END CERTIFICATE-----
Generated at Wed May 7 21:20:03 2025 by rpki-client