Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/SuTxKajtRpy2HANDzCL9GrJcxnE.roa
File: SuTxKajtRpy2HANDzCL9GrJcxnE.roa (raw, json)
Hash identifier: aJ9iz8tty+lZF2Y5SjxY6oi37oa4CjBGwYXDSEperhU=
Subject key identifier: 4A:E4:F1:29:A8:ED:46:9C:B6:1C:03:43:CC:22:FD:1A:B2:5C:C6:71
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 01954DEAABC2C4E889731BB238477011B12C
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/SuTxKajtRpy2HANDzCL9GrJcxnE.roa
Signing time: Fri 28 Feb 2025 18:56:19 +0000
ROA not before: Fri 28 Feb 2025 18:56:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203847
IP address blocks: 45.142.15.0/24 maxlen: 24
62.112.200.0/22 maxlen: 22
77.83.132.0/22 maxlen: 22
89.222.64.0/20 maxlen: 20
178.210.240.0/21 maxlen: 21
185.122.44.0/24 maxlen: 24
185.122.45.0/24 maxlen: 24
185.122.46.0/24 maxlen: 24
185.122.47.0/24 maxlen: 24
185.206.52.0/23 maxlen: 23
193.162.128.0/24 maxlen: 24
2a01:57e0:1::/48 maxlen: 48
2a01:57e0:200::/39 maxlen: 39
2a01:57e0:400::/39 maxlen: 39
2a01:57e0:600::/39 maxlen: 39
2a01:57e0:800::/37 maxlen: 37
Validation: Failed, certificate revoked on Wed 05 Mar 2025 15:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:ea:ab:c2:c4:e8:89:73:1b:b2:38:47:70:11:b1:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Feb 28 18:56:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ae4f129a8ed469cb61c0343cc22fd1ab25cc671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:96:69:6f:6c:57:53:e2:b4:5f:bd:c2:e0:
7d:a6:28:aa:fd:d4:b0:5c:cb:ac:19:bb:05:9f:19:
dc:09:88:48:80:6c:50:83:61:8d:a6:e9:27:3a:70:
15:76:19:b0:f0:40:09:5f:64:2d:74:72:02:cc:1c:
12:b5:ad:d4:d3:62:64:50:3e:16:d7:8f:41:bc:21:
b2:85:3a:5c:2a:1a:d8:db:2b:83:b4:8e:5f:63:d3:
f7:7c:c5:ac:fa:ce:25:e1:f8:f9:67:1f:90:dd:ef:
0e:b4:9d:17:b0:75:d0:6a:23:36:48:e4:a4:ba:39:
88:a8:db:f2:f9:9b:c2:ce:97:69:06:fd:0f:14:04:
14:ac:eb:e6:77:a4:c2:0d:63:ef:6d:82:3f:f3:92:
ac:62:7e:ce:d8:6a:82:e9:d9:90:75:02:af:5a:a3:
df:ce:60:e4:a5:a4:34:a8:1e:a2:b8:05:7c:13:a9:
da:28:d1:3f:98:0a:7a:04:dd:8d:c2:30:e4:1e:e9:
c1:ab:e5:90:0c:b6:b0:f2:c1:11:60:ce:43:45:ed:
a2:ac:e7:d8:80:30:33:8b:4c:07:8f:d2:c6:dd:c0:
94:9d:09:17:d6:f4:09:8b:0a:6f:df:92:ca:7a:0d:
c0:00:69:93:20:c9:cb:4b:98:11:12:31:c3:f3:19:
58:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E4:F1:29:A8:ED:46:9C:B6:1C:03:43:CC:22:FD:1A:B2:5C:C6:71
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/SuTxKajtRpy2HANDzCL9GrJcxnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.15.0/24
62.112.200.0/22
77.83.132.0/22
89.222.64.0/20
178.210.240.0/21
185.122.44.0/22
185.206.52.0/23
193.162.128.0/24
IPv6:
2a01:57e0:1::/48
2a01:57e0:200::-2a01:57e0:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4b:c2:d1:01:30:7c:ba:93:cb:75:93:eb:6b:c0:ca:c7:7c:5c:
01:b0:b7:d6:c4:56:a2:7c:dc:72:b9:5d:84:0b:87:50:a9:87:
65:a5:ce:3b:b0:7d:a2:79:7f:c5:bd:96:d2:b1:65:9b:02:8d:
39:67:69:f2:cf:91:d4:b3:73:e5:6c:21:99:15:c3:2d:d9:49:
8c:a9:7f:32:b9:08:28:5b:df:24:16:1b:a1:6e:89:17:2c:4d:
af:82:bc:f1:cc:94:07:be:bb:9c:02:0b:72:fb:f0:95:94:60:
21:bf:0d:4d:f3:7b:26:ba:e0:f4:a7:93:ee:5f:a6:de:07:40:
f4:1a:7f:c6:13:cc:66:91:4a:27:54:d4:83:58:a7:1c:b3:46:
a5:58:34:68:5e:c0:13:34:c7:ce:95:68:54:ab:86:1f:44:02:
3b:a8:86:9a:dd:24:bb:ff:ea:16:bc:fa:7f:73:18:00:62:f7:
9c:b8:ce:5a:26:d8:cd:d8:fd:0a:77:2d:69:0f:d3:ec:0e:29:
cd:09:9b:a9:e9:8c:bf:ac:ec:a9:57:42:b5:90:ce:2b:27:46:
7a:60:8f:0c:96:58:4b:07:ac:f4:ab:86:b4:f9:77:79:52:db:
37:19:a4:ba:e9:ab:29:e5:93:e9:66:8e:7a:21:90:68:1b:cf:
77:8a:f8:86
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZVN6qvCxOiJcxuyOEdwEbEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjUwMjI4MTg1NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU0ZjEyOWE4ZWQ0NjljYjYxYzAzNDNjYzIyZmQxYWIyNWNjNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NyWaW9sV1PitF+9wuB9piiq/dSw
XMusGbsFnxncCYhIgGxQg2GNpuknOnAVdhmw8EAJX2QtdHICzBwSta3U02JkUD4W
149BvCGyhTpcKhrY2yuDtI5fY9P3fMWs+s4l4fj5Zx+Q3e8OtJ0XsHXQaiM2SOSk
ujmIqNvy+ZvCzpdpBv0PFAQUrOvmd6TCDWPvbYI/85KsYn7O2GqC6dmQdQKvWqPf
zmDkpaQ0qB6iuAV8E6naKNE/mAp6BN2NwjDkHunBq+WQDLaw8sERYM5DRe2irOfY
gDAzi0wHj9LG3cCUnQkX1vQJiwpv35LKeg3AAGmTIMnLS5gREjHD8xlYOQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFErk8Smo7UacthwDQ8wi/RqyXMZxMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvU3VUeEthanRScHkySEFORHpDTDlHckpjeG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA2BAIAATAwAwQALY4PAwQC
PnDIAwQCTVOEAwQEWd5AAwQDstLwAwQCuXosAwQBuc40AwQAwaKAMCEEAgACMBsD
BwAqAVfgAAEwEAMGASoBV+ACAwYEKgFX4AAwDQYJKoZIhvcNAQELBQADggEBAEvC
0QEwfLqTy3WT62vAysd8XAGwt9bEVqJ83HK5XYQLh1Cph2WlzjuwfaJ5f8W9ltKx
ZZsCjTlnafLPkdSzc+VsIZkVwy3ZSYypfzK5CChb3yQWG6FuiRcsTa+CvPHMlAe+
u5wCC3L78JWUYCG/DU3zeya64PSnk+5fpt4HQPQaf8YTzGaRSidU1INYpxyzRqVY
NGhewBM0x86VaFSrhh9EAjuohprdJLv/6ha8+n9zGABi95y4zlom2M3Y/Qp3LWkP
0+wOKc0Jm6npjL+s7KlXQrWQzisnRnpgjwyWWEsHrPSrhrT5d3lS2zcZpLrpqynl
k+lmjnohkGgbz3eK+IY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:58:54 2025 by rpki-client