Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/Pp1aFHW5mnAwvpU_6EOJX8Nx-h4.roa
File: Pp1aFHW5mnAwvpU_6EOJX8Nx-h4.roa (raw, json)
Hash identifier: /Laq1tTW6tCNcTm2JV4dgaVK4Hz0MJ16RhWacEQsBUY=
Subject key identifier: 3E:9D:5A:14:75:B9:9A:70:30:BE:95:3F:E8:43:89:5F:C3:71:FA:1E
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DA37B4F1DCC459F5783F3ADBEAC0DA
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/Pp1aFHW5mnAwvpU_6EOJX8Nx-h4.roa
Signing time: Sun 06 Jul 2025 22:27:44 +0000
ROA not before: Sun 06 Jul 2025 22:27:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204997
IP address blocks: 45.144.64.0/24 maxlen: 24
45.144.65.0/24 maxlen: 24
45.144.66.0/24 maxlen: 24
45.144.67.0/24 maxlen: 24
46.17.104.0/24 maxlen: 24
91.217.81.0/24 maxlen: 24
193.109.78.0/24 maxlen: 24
193.109.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:da:37:b4:f1:dc:c4:59:f5:78:3f:3a:db:ea:c0:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:27:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e9d5a1475b99a7030be953fe843895fc371fa1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2d:77:6d:af:06:b8:71:10:fa:13:35:d6:97:
11:c3:4f:54:04:a1:84:f8:07:0a:38:6b:8d:42:9a:
95:cf:4e:bd:71:95:9e:f1:95:9d:e6:cc:f0:07:a4:
5d:2a:2c:a2:aa:e3:23:a0:19:2c:cb:e8:72:c6:58:
7b:7e:12:d3:d7:0a:10:97:9e:47:b1:6d:d6:4e:e0:
d3:87:ea:72:cd:ce:aa:5b:c2:00:ce:cb:90:36:29:
db:1f:cb:34:4c:13:22:fb:d4:98:eb:f1:b9:45:17:
04:12:af:9c:76:00:70:72:35:41:72:b2:cb:f4:63:
64:fa:20:54:da:08:db:c6:be:05:67:95:fb:ef:c0:
16:30:4e:aa:88:fa:5d:0f:37:c5:86:8c:16:01:2e:
ec:27:a8:47:a7:09:9a:24:2d:9e:81:50:6a:d8:a9:
f7:a1:1b:f5:db:d8:97:41:8b:e4:cf:0d:9a:20:91:
2f:52:8a:c5:f5:d6:2f:2b:11:54:18:59:85:c1:37:
d0:96:3b:0b:1d:5b:b6:3a:10:01:3f:0f:79:8b:8b:
53:39:e1:69:f2:f4:0f:92:92:02:58:2e:5d:3f:58:
50:67:6d:07:c5:11:16:ff:90:2d:31:c3:63:70:24:
cf:b0:5e:8c:45:1d:00:1c:46:33:5e:79:01:77:48:
b7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:9D:5A:14:75:B9:9A:70:30:BE:95:3F:E8:43:89:5F:C3:71:FA:1E
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/Pp1aFHW5mnAwvpU_6EOJX8Nx-h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.64.0/22
46.17.104.0/24
91.217.81.0/24
193.109.78.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:9b:84:91:5b:da:36:f5:38:50:4c:80:7f:2c:a1:a6:6f:ad:
68:71:5a:ec:6e:f2:48:83:e4:50:76:61:f4:8f:75:15:19:4c:
14:7a:c8:a8:e0:51:c1:1f:74:20:83:19:69:c1:79:e2:59:cc:
a2:05:d3:46:15:d4:3f:b1:56:e1:f4:00:1c:5f:ab:70:4d:d4:
0f:6d:c7:e8:39:3c:dc:82:9a:77:29:3c:8f:3c:c4:6c:0d:7d:
c6:a4:f4:8f:dc:05:61:64:ed:64:b4:01:b0:f9:69:d7:6a:49:
79:e4:c9:de:0b:63:8b:8c:99:73:3a:0f:53:9d:cf:11:cf:2b:
e4:27:3a:6a:15:94:c9:38:59:d5:37:39:85:31:34:18:bb:0f:
4a:22:15:db:d3:99:e5:ae:b2:e8:00:49:a6:77:9c:1a:b7:6f:
35:3a:5a:20:c0:64:d7:d2:77:5f:ec:99:4c:b2:11:37:24:0c:
ac:23:e1:8f:37:f1:3b:7a:83:99:5b:e5:17:d2:f2:59:2c:a2:
5c:8e:ed:e2:8d:13:e7:c6:90:ee:d2:7b:77:4b:81:1d:78:3b:
8a:18:97:64:bd:98:66:29:6f:4b:b8:7f:5f:ee:19:1b:f2:ee:
58:9a:c1:32:8b:ce:38:f3:cd:9f:0e:ab:67:35:fd:cb:97:c7:
89:db:65:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfh2je08dzEWfV4Pzrb6sDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyNzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTlkNWExNDc1Yjk5YTcwMzBiZTk1M2ZlODQzODk1ZmMzNzFmYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi13ba8GuHEQ+hM11pcRw09UBKGE
+AcKOGuNQpqVz069cZWe8ZWd5szwB6RdKiyiquMjoBksy+hyxlh7fhLT1woQl55H
sW3WTuDTh+pyzc6qW8IAzsuQNinbH8s0TBMi+9SY6/G5RRcEEq+cdgBwcjVBcrLL
9GNk+iBU2gjbxr4FZ5X778AWME6qiPpdDzfFhowWAS7sJ6hHpwmaJC2egVBq2Kn3
oRv129iXQYvkzw2aIJEvUorF9dYvKxFUGFmFwTfQljsLHVu2OhABPw95i4tTOeFp
8vQPkpICWC5dP1hQZ20HxREW/5AtMcNjcCTPsF6MRR0AHEYzXnkBd0i39wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD6dWhR1uZpwML6VP+hDiV/DcfoeMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvUHAxYUZIVzVtbkF3dnBVXzZFT0pYOE54LWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLZBAAwQA
LhFoAwQAW9lRAwQBwW1OMA0GCSqGSIb3DQEBCwUAA4IBAQA/m4SRW9o29ThQTIB/
LKGmb61ocVrsbvJIg+RQdmH0j3UVGUwUesio4FHBH3QggxlpwXniWcyiBdNGFdQ/
sVbh9AAcX6twTdQPbcfoOTzcgpp3KTyPPMRsDX3GpPSP3AVhZO1ktAGw+WnXakl5
5MneC2OLjJlzOg9Tnc8RzyvkJzpqFZTJOFnVNzmFMTQYuw9KIhXb05nlrrLoAEmm
d5wat281OlogwGTX0ndf7JlMshE3JAysI+GPN/E7eoOZW+UX0vJZLKJcju3ijRPn
xpDu0nt3S4EdeDuKGJdkvZhmKW9LuH9f7hkb8u5YmsEyi844882fDqtnNf3Ll8eJ
22Ux
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:21:24 2025 by rpki-client