Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/t-dxnKDAi3BzVr1Hh81CgVItxg0.roa
File: t-dxnKDAi3BzVr1Hh81CgVItxg0.roa (raw, json)
Hash identifier: q4hci6Ou3Nigd1ldYc6pzeUy0lV4utnoxB+TMqGrNZM=
Subject key identifier: B7:E7:71:9C:A0:C0:8B:70:73:56:BD:47:87:CD:42:81:52:2D:C6:0D
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019422FB5FDB721DAABFAEE9DECD2A7B5F06
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/t-dxnKDAi3BzVr1Hh81CgVItxg0.roa
Signing time: Wed 01 Jan 2025 17:48:06 +0000
ROA not before: Wed 01 Jan 2025 17:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 5.181.20.0/24 maxlen: 32
5.181.21.0/24 maxlen: 32
5.181.22.0/24 maxlen: 32
5.181.23.0/24 maxlen: 32
45.14.244.0/24 maxlen: 24
45.14.245.0/24 maxlen: 24
45.14.246.0/24 maxlen: 24
45.14.247.0/24 maxlen: 24
45.91.52.0/22 maxlen: 32
45.140.146.0/24 maxlen: 32
45.140.147.0/24 maxlen: 32
45.140.166.0/24 maxlen: 32
45.140.167.0/24 maxlen: 32
45.144.28.0/24 maxlen: 32
45.144.29.0/24 maxlen: 32
45.144.30.0/24 maxlen: 32
45.144.31.0/24 maxlen: 32
45.150.64.0/24 maxlen: 32
45.150.65.0/24 maxlen: 32
45.150.67.0/24 maxlen: 32
45.155.52.0/22 maxlen: 32
91.194.11.0/24 maxlen: 24
138.124.180.0/24 maxlen: 24
138.124.183.0/24 maxlen: 24
138.124.184.0/24 maxlen: 24
146.19.230.0/24 maxlen: 24
185.74.222.0/24 maxlen: 24
185.234.247.0/24 maxlen: 32
195.16.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 23:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5f:db:72:1d:aa:bf:ae:e9:de:cd:2a:7b:5f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 17:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7e7719ca0c08b707356bd4787cd4281522dc60d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b5:24:b7:89:60:29:ff:c5:f2:56:f0:07:3e:
ce:85:22:0b:a3:d9:2b:09:04:8b:96:9f:70:9a:f6:
f4:98:b2:39:a1:b0:10:5d:9c:85:b9:24:09:52:f5:
5b:51:f7:c1:7f:2b:3b:eb:1b:b6:fc:a3:f6:d6:3f:
d1:25:0b:45:19:ee:22:b7:43:4b:96:27:18:fa:1c:
6e:0f:08:90:2d:34:3d:fa:cf:5f:29:ea:31:08:cf:
d2:02:21:3d:cf:9c:de:2e:f1:9d:c8:1c:b6:91:f1:
ea:49:22:ba:3a:a5:58:04:0f:20:f6:93:56:3e:39:
ad:a1:f9:30:9f:cf:99:cd:84:5d:27:6a:d7:15:5d:
b6:ea:fa:6e:2c:2c:f6:f7:46:79:91:a2:85:13:5c:
7b:b5:4a:57:82:4c:03:a3:24:0c:9e:ac:45:05:fb:
a4:09:81:73:2e:8c:fa:87:57:91:b9:9d:7a:b6:ba:
26:c1:66:79:70:12:1e:a1:ab:6e:83:fe:1d:69:13:
dd:18:82:4a:15:2c:a3:24:13:36:53:66:dc:94:67:
9e:ba:ad:fd:7e:c6:95:2d:96:30:4f:e5:80:a1:e4:
0f:65:16:ca:e4:43:d6:36:75:08:7c:b4:91:df:36:
9d:8f:d3:fd:3d:86:91:1d:99:df:94:73:17:2e:20:
13:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E7:71:9C:A0:C0:8B:70:73:56:BD:47:87:CD:42:81:52:2D:C6:0D
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/t-dxnKDAi3BzVr1Hh81CgVItxg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0/22
45.14.244.0/22
45.91.52.0/22
45.140.146.0/23
45.140.166.0/23
45.144.28.0/22
45.150.64.0/23
45.150.67.0/24
45.155.52.0/22
91.194.11.0/24
138.124.180.0/24
138.124.183.0-138.124.184.255
146.19.230.0/24
185.74.222.0/24
185.234.247.0/24
195.16.74.0/24
Signature Algorithm: sha256WithRSAEncryption
da:f9:85:9b:2c:1d:b9:2e:da:00:c1:57:fc:0b:84:e2:46:0a:
f1:76:58:c9:d1:b2:ca:25:e2:e2:6a:59:db:9b:2c:8e:25:4a:
5c:a3:08:54:42:ef:cf:0d:03:7b:cd:dc:bc:e9:cc:e2:4d:fe:
b1:8c:32:70:07:8a:80:1c:4c:fe:66:a2:af:86:ab:9e:9d:b7:
33:4d:18:36:4d:1c:97:36:c0:e3:a3:54:06:8e:b4:98:e0:6a:
c9:48:f3:3d:2c:dc:ba:b3:3e:ed:3f:fa:c9:09:2b:bd:e5:07:
8b:da:e1:1f:6d:5c:5f:49:6c:ba:18:a9:2b:91:0a:45:98:8d:
e5:cd:fa:b2:51:53:59:45:c5:b1:15:d7:48:65:9b:88:cb:88:
a3:ab:8f:26:4e:1f:22:57:a5:21:21:1f:26:b6:ce:59:1a:d1:
e7:62:83:ab:08:69:5c:dc:b3:ef:3b:29:cc:89:8b:2d:7d:50:
12:45:d7:78:28:9e:3d:bf:05:12:19:e7:bb:9e:2d:2c:ac:53:
be:7d:71:c1:3e:57:7e:55:5e:0c:d2:b7:7f:a2:24:3c:93:87:
44:75:06:43:9f:5b:9e:ba:8d:78:31:70:a7:07:0e:83:88:9a:
72:96:e0:12:46:31:bb:75:fd:e5:75:e9:f2:e0:90:01:bc:90:
ea:02:eb:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZQi+1/bch2qv67p3s0qe18GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwMTAxMTc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2U3NzE5Y2EwYzA4YjcwNzM1NmJkNDc4N2NkNDI4MTUyMmRjNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7Ukt4lgKf/F8lbwBz7OhSILo9kr
CQSLlp9wmvb0mLI5obAQXZyFuSQJUvVbUffBfys76xu2/KP21j/RJQtFGe4it0NL
licY+hxuDwiQLTQ9+s9fKeoxCM/SAiE9z5zeLvGdyBy2kfHqSSK6OqVYBA8g9pNW
Pjmtofkwn8+ZzYRdJ2rXFV226vpuLCz290Z5kaKFE1x7tUpXgkwDoyQMnqxFBfuk
CYFzLoz6h1eRuZ16tromwWZ5cBIeoatug/4daRPdGIJKFSyjJBM2U2bclGeeuq39
fsaVLZYwT+WAoeQPZRbK5EPWNnUIfLSR3zadj9P9PYaRHZnflHMXLiATjwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFLfncZygwItwc1a9R4fNQoFSLcYNMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvdC1keG5LREFpM0J6VnIxSGg4MUNnVkl0eGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAgW1FAME
Ai0O9AMEAi1bNAMEAS2MkgMEAS2MpgMEAi2QHAMEAS2WQAMEAC2WQwMEAi2bNAME
AFvCCwMEAIp8tDAMAwQAiny3AwQAiny4AwQAkhPmAwQAuUreAwQAuer3AwQAwxBK
MA0GCSqGSIb3DQEBCwUAA4IBAQDa+YWbLB25LtoAwVf8C4TiRgrxdljJ0bLKJeLi
alnbmyyOJUpcowhUQu/PDQN7zdy86cziTf6xjDJwB4qAHEz+ZqKvhquenbczTRg2
TRyXNsDjo1QGjrSY4GrJSPM9LNy6sz7tP/rJCSu95QeL2uEfbVxfSWy6GKkrkQpF
mI3lzfqyUVNZRcWxFddIZZuIy4ijq48mTh8iV6UhIR8mts5ZGtHnYoOrCGlc3LPv
OynMiYstfVASRdd4KJ49vwUSGee7ni0srFO+fXHBPld+VV4M0rd/oiQ8k4dEdQZD
n1ueuo14MXCnBw6DiJpyluASRjG7df3ldeny4JABvJDqAutR
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:25:47 2025 by rpki-client