Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9hiQDLt4OOKwifMTdqZSDibuuyc.roa
File: 9hiQDLt4OOKwifMTdqZSDibuuyc.roa (raw, json)
Hash identifier: m0Jfko1gKBmtrwSrVL5qPBNf4Qn3rHGzsazYN/ebsYw=
Subject key identifier: F6:18:90:0C:BB:78:38:E2:B0:89:F3:13:76:A6:52:0E:26:EE:BB:27
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019423D708BEFB5ACBB22C36FCB4F3B18A3A
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9hiQDLt4OOKwifMTdqZSDibuuyc.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.43.66.0/24 maxlen: 24
87.239.249.0/24 maxlen: 24
87.239.252.0/24 maxlen: 24
107.181.134.0/24 maxlen: 24
107.181.147.0/24 maxlen: 24
107.181.151.0/24 maxlen: 24
107.181.155.0/24 maxlen: 24
198.105.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Mar 2025 17:04:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:08:be:fb:5a:cb:b2:2c:36:fc:b4:f3:b1:8a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f618900cbb7838e2b089f31376a6520e26eebb27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:c6:1b:4c:1f:ba:55:7a:20:95:70:63:2c:
59:07:07:ab:e6:d2:e8:ae:19:04:23:b5:ed:bb:64:
24:29:6d:18:50:f0:f6:2b:e9:a6:7a:38:8c:49:b9:
3f:fa:74:2a:71:5d:5b:10:b8:16:e0:6d:d2:91:c7:
02:c3:69:e5:90:fd:ea:0f:6a:a8:36:fc:aa:71:06:
c3:f8:d7:87:1a:bc:69:86:71:a3:29:7b:d3:a5:d2:
2f:57:1e:5e:c8:00:62:f2:22:7b:3a:55:b1:62:f0:
50:28:5c:13:49:84:85:29:6a:3f:ac:0d:e6:b3:d5:
05:06:ea:f9:45:08:63:3a:3e:2c:4d:d0:60:4d:be:
94:cf:e9:9d:5a:c2:55:6c:3b:ab:0e:4a:08:bc:4a:
f6:6b:c4:b9:72:fe:48:d6:94:93:68:c1:0e:7e:cf:
b2:56:60:03:5b:06:1b:d5:26:a2:e3:da:24:47:38:
26:be:d0:b2:40:0d:4d:67:6f:63:6b:b9:6f:65:89:
3c:d9:4d:b4:8b:eb:59:38:71:71:00:62:5e:e2:49:
de:6b:73:22:8f:92:69:d6:b0:63:83:a7:90:22:fe:
4f:7d:13:fb:41:73:01:c5:74:da:0d:c0:b5:67:63:
8a:8a:ef:a1:52:1c:68:3e:52:14:04:c3:af:27:4a:
7a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:18:90:0C:BB:78:38:E2:B0:89:F3:13:76:A6:52:0E:26:EE:BB:27
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9hiQDLt4OOKwifMTdqZSDibuuyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.66.0/24
87.239.249.0/24
87.239.252.0/24
107.181.134.0/24
107.181.147.0/24
107.181.151.0/24
107.181.155.0/24
198.105.118.0/24
Signature Algorithm: sha256WithRSAEncryption
29:30:52:0d:d3:8b:4b:09:da:8d:25:1f:13:4d:8e:35:36:6a:
da:38:4f:31:55:57:a5:6a:a9:d1:c3:23:97:cb:26:13:e5:ec:
cf:8e:b6:eb:db:42:dc:73:71:3d:fa:38:ad:eb:8f:3e:42:08:
8f:fb:13:6c:39:a6:ba:47:5c:8c:5f:8b:6c:a3:5f:4e:cc:41:
e4:52:5c:74:fb:de:df:34:2e:5d:b1:8a:70:13:7c:07:b0:f9:
c6:91:6c:f9:f1:e5:e4:d4:83:9d:ad:a7:02:37:bb:c1:72:1a:
de:c0:b9:92:4c:27:1b:f9:1c:a2:fc:c8:22:07:da:03:af:d7:
59:2b:a3:b4:d7:ad:50:b3:a7:89:13:90:c2:75:f0:b3:fb:c2:
31:00:aa:95:0a:73:bb:0b:63:df:54:ef:53:ea:d1:a5:d4:5d:
e4:62:40:44:7c:d9:9a:a7:86:49:8b:36:c0:da:88:e0:29:8e:
bd:96:e0:2c:1e:02:82:07:03:83:6c:7e:57:77:3c:ab:f5:ae:
e4:c2:59:04:31:d5:b2:85:a6:01:ed:ec:93:fc:6d:d3:88:7e:
c5:16:ee:19:5c:56:4b:d4:b4:85:1e:71:d5:8e:0e:9c:48:1e:
59:fb:71:c7:04:aa:4e:20:52:89:36:82:a2:55:ea:9b:0b:5e:
e1:79:ec:4f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQj1wi++1rLsiw2/LTzsYo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE4OTAwY2JiNzgzOGUyYjA4OWYzMTM3NmE2NTIwZTI2ZWViYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC7GG0wfulV6IJVwYyxZBwer5tLo
rhkEI7Xtu2QkKW0YUPD2K+mmejiMSbk/+nQqcV1bELgW4G3SkccCw2nlkP3qD2qo
NvyqcQbD+NeHGrxphnGjKXvTpdIvVx5eyABi8iJ7OlWxYvBQKFwTSYSFKWo/rA3m
s9UFBur5RQhjOj4sTdBgTb6Uz+mdWsJVbDurDkoIvEr2a8S5cv5I1pSTaMEOfs+y
VmADWwYb1Sai49okRzgmvtCyQA1NZ29ja7lvZYk82U20i+tZOHFxAGJe4knea3Mi
j5Jp1rBjg6eQIv5PfRP7QXMBxXTaDcC1Z2OKiu+hUhxoPlIUBMOvJ0p6FQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPYYkAy7eDjisInzE3amUg4m7rsnMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvOWhpUURMdDRPT0t3aWZNVGRxWlNEaWJ1dXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALStCAwQA
V+/5AwQAV+/8AwQAa7WGAwQAa7WTAwQAa7WXAwQAa7WbAwQAxml2MA0GCSqGSIb3
DQEBCwUAA4IBAQApMFIN04tLCdqNJR8TTY41NmraOE8xVVelaqnRwyOXyyYT5ezP
jrbr20Lcc3E9+jit648+QgiP+xNsOaa6R1yMX4tso19OzEHkUlx0+97fNC5dsYpw
E3wHsPnGkWz58eXk1IOdracCN7vBchrewLmSTCcb+Ryi/MgiB9oDr9dZK6O0161Q
s6eJE5DCdfCz+8IxAKqVCnO7C2PfVO9T6tGl1F3kYkBEfNmap4ZJizbA2ojgKY69
luAsHgKCBwODbH5Xdzyr9a7kwlkEMdWyhaYB7eyT/G3TiH7FFu4ZXFZL1LSFHnHV
jg6cSB5Z+3HHBKpOIFKJNoKiVeqbC17heexP
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:46:07 2025 by rpki-client