Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/MzTTXO7ncbInnmrfLDoMUaNQM0k.roa
File: MzTTXO7ncbInnmrfLDoMUaNQM0k.roa (raw, json)
Hash identifier: Amijikw4FQOUi9baN1ScBs4Zdrr2HPhoUdlHj8OoY4A=
Subject key identifier: 33:34:D3:5C:EE:E7:71:B2:27:9E:6A:DF:2C:3A:0C:51:A3:50:33:49
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0194D7B1E1DF039C9BEE1551E60DE9979D49
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/MzTTXO7ncbInnmrfLDoMUaNQM0k.roa
Signing time: Wed 05 Feb 2025 19:59:06 +0000
ROA not before: Wed 05 Feb 2025 19:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64080
IP address blocks: 45.43.64.0/24 maxlen: 24
45.43.65.0/24 maxlen: 24
45.43.67.0/24 maxlen: 24
45.43.68.0/22 maxlen: 24
45.43.80.0/22 maxlen: 24
45.43.84.0/23 maxlen: 24
45.43.87.0/24 maxlen: 24
45.43.93.0/24 maxlen: 24
45.43.94.0/24 maxlen: 24
45.43.95.0/24 maxlen: 24
87.239.253.0/24 maxlen: 24
89.33.6.0/23 maxlen: 24
94.177.5.0/24 maxlen: 24
107.181.128.0/22 maxlen: 24
107.181.132.0/23 maxlen: 24
107.181.140.0/22 maxlen: 24
107.181.148.0/23 maxlen: 24
107.181.150.0/24 maxlen: 24
107.181.152.0/24 maxlen: 24
107.181.153.0/24 maxlen: 24
107.181.154.0/24 maxlen: 24
113.20.157.0/24 maxlen: 24
113.20.158.0/24 maxlen: 24
155.254.32.0/24 maxlen: 24
155.254.33.0/24 maxlen: 24
155.254.34.0/24 maxlen: 24
155.254.36.0/22 maxlen: 24
155.254.48.0/23 maxlen: 24
155.254.61.0/24 maxlen: 24
162.220.246.0/23 maxlen: 24
198.105.100.0/22 maxlen: 24
198.105.108.0/24 maxlen: 24
198.105.109.0/24 maxlen: 24
198.105.110.0/24 maxlen: 24
198.105.111.0/24 maxlen: 24
198.105.119.0/24 maxlen: 24
198.105.121.0/24 maxlen: 24
198.105.122.0/24 maxlen: 24
2a05:9f40:1f::/48 maxlen: 48
2a05:9f44:2a05::/48 maxlen: 48
2a05:9f46::/32 maxlen: 48
2a05:9f47::/32 maxlen: 48
2a07:9946::/32 maxlen: 48
2a07:9947::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Feb 2025 17:09:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:b1:e1:df:03:9c:9b:ee:15:51:e6:0d:e9:97:9d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Feb 5 19:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3334d35ceee771b2279e6adf2c3a0c51a3503349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7b:f5:e7:9c:aa:ba:79:90:d9:57:fc:01:c6:
33:1d:f2:4b:0b:07:bc:8f:8d:b8:82:2e:1f:d9:3d:
17:35:f2:03:44:a9:b4:ea:b8:cd:c0:4e:5d:2a:25:
c8:19:20:77:57:c6:b2:da:30:26:a1:4a:66:5b:fb:
fa:52:02:59:ff:ea:58:89:22:2c:72:b8:ff:04:a0:
80:a0:6c:2e:81:c2:63:64:2a:b8:00:bb:a2:6c:aa:
4d:ab:65:70:80:94:dd:2c:92:c7:c5:1f:b8:16:4e:
ab:a2:b5:19:c0:33:25:5d:9b:c9:38:67:86:33:c1:
fb:3d:3c:39:03:b9:32:49:7d:0a:77:9c:b6:65:36:
cb:52:71:8f:58:45:10:45:d3:d0:a8:df:71:06:ee:
16:74:66:43:fa:65:9f:30:a1:d3:b0:3a:e0:21:a4:
ad:59:43:de:ee:98:c6:68:25:eb:f8:82:a8:8f:aa:
10:2b:2e:69:b2:da:35:ab:a8:be:f0:6a:ce:a4:d9:
41:50:a7:ae:8f:dd:52:58:68:1e:63:49:ca:fd:8d:
3b:5b:4d:59:48:9a:b7:a8:e0:37:ba:69:2a:ff:a4:
03:13:08:dc:1f:4e:9c:7a:60:8c:03:c0:20:6d:c9:
ae:89:9d:e4:93:6b:89:50:99:50:2b:78:40:ba:05:
dd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:34:D3:5C:EE:E7:71:B2:27:9E:6A:DF:2C:3A:0C:51:A3:50:33:49
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/MzTTXO7ncbInnmrfLDoMUaNQM0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/23
45.43.67.0-45.43.71.255
45.43.80.0-45.43.85.255
45.43.87.0/24
45.43.93.0-45.43.95.255
87.239.253.0/24
89.33.6.0/23
94.177.5.0/24
107.181.128.0-107.181.133.255
107.181.140.0/22
107.181.148.0-107.181.150.255
107.181.152.0-107.181.154.255
113.20.157.0-113.20.158.255
155.254.32.0-155.254.34.255
155.254.36.0/22
155.254.48.0/23
155.254.61.0/24
162.220.246.0/23
198.105.100.0/22
198.105.108.0/22
198.105.119.0/24
198.105.121.0-198.105.122.255
IPv6:
2a05:9f40:1f::/48
2a05:9f44:2a05::/48
2a05:9f46::/31
2a07:9946::/31
Signature Algorithm: sha256WithRSAEncryption
44:5e:a9:1a:93:82:b6:d0:f5:b8:cf:da:21:57:18:b4:87:bd:
65:d6:52:ed:d6:af:20:69:67:6b:14:c6:b8:7b:47:11:15:04:
0d:48:33:26:17:ae:dc:f1:5f:af:9d:50:33:e0:cd:6c:14:19:
49:3d:28:65:69:39:ae:8d:3e:c7:ba:ea:67:80:1c:5d:66:05:
73:c1:a5:34:77:2a:42:f8:2b:95:a2:29:50:0d:12:b0:da:1e:
a7:78:da:18:7b:15:40:13:ae:9c:63:c9:e5:17:c2:e3:21:5a:
57:4b:89:c5:48:12:ba:3a:7c:de:36:b7:08:e5:15:2c:05:40:
cd:3d:9a:c8:23:3b:18:ac:ce:cc:76:79:26:a5:35:b5:4d:ee:
24:8d:cf:c6:fc:b8:3e:56:c5:37:d3:e1:07:56:f0:5c:66:a1:
94:a1:24:d6:22:e9:72:6b:f2:2b:16:6c:d8:13:ac:64:0c:ee:
28:3c:89:ad:d4:a4:4a:ee:3f:67:6e:9e:e0:28:b2:ba:6d:04:
66:c8:3f:ed:fe:28:25:2e:af:77:e5:9b:9e:94:ff:6e:07:08:
34:ea:a5:5a:f5:1e:89:1d:ca:fb:98:bd:57:30:e6:71:64:bd:
0c:82:3a:17:f3:ca:98:9b:66:71:ae:21:b0:50:2a:ce:d4:c6:
46:19:8e:a7
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZTXseHfA5yb7hVR5g3pl51JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMjA1MTk1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzM0ZDM1Y2VlZTc3MWIyMjc5ZTZhZGYyYzNhMGM1MWEzNTAzMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHv155yqunmQ2Vf8AcYzHfJLCwe8
j424gi4f2T0XNfIDRKm06rjNwE5dKiXIGSB3V8ay2jAmoUpmW/v6UgJZ/+pYiSIs
crj/BKCAoGwugcJjZCq4ALuibKpNq2VwgJTdLJLHxR+4Fk6rorUZwDMlXZvJOGeG
M8H7PTw5A7kySX0Kd5y2ZTbLUnGPWEUQRdPQqN9xBu4WdGZD+mWfMKHTsDrgIaSt
WUPe7pjGaCXr+IKoj6oQKy5psto1q6i+8GrOpNlBUKeuj91SWGgeY0nK/Y07W01Z
SJq3qOA3umkq/6QDEwjcH06cemCMA8AgbcmuiZ3kk2uJUJlQK3hAugXd7QIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFDM001zu53GyJ55q3yw6DFGjUDNJMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvTXpUVFhPN25jYklubm1yZkxEb01VYU5RTTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIHTBAIAATCBzAME
AS0rQDAMAwQALStDAwQDLStAMAwDBAQtK1ADBAEtK1QDBAAtK1cwDAMEAC0rXQME
BS0rQAMEAFfv/QMEAVkhBgMEAF6xBTAMAwQHa7WAAwQBa7WEAwQCa7WMMAwDBAJr
tZQDBABrtZYwDAMEA2u1mAMEAGu1mjAMAwQAcRSdAwQAcRSeMAwDBAWb/iADBACb
/iIDBAKb/iQDBAGb/jADBACb/j0DBAGi3PYDBALGaWQDBALGaWwDBADGaXcwDAME
AMZpeQMEAMZpejAmBAIAAjAgAwcAKgWfQAAfAwcAKgWfRCoFAwUBKgWfRgMFASoH
mUYwDQYJKoZIhvcNAQELBQADggEBAEReqRqTgrbQ9bjP2iFXGLSHvWXWUu3WryBp
Z2sUxrh7RxEVBA1IMyYXrtzxX6+dUDPgzWwUGUk9KGVpOa6NPse66meAHF1mBXPB
pTR3KkL4K5WiKVANErDaHqd42hh7FUATrpxjyeUXwuMhWldLicVIEro6fN42twjl
FSwFQM09msgjOxiszsx2eSalNbVN7iSNz8b8uD5WxTfT4QdW8FxmoZShJNYi6XJr
8isWbNgTrGQM7ig8ia3UpEruP2dunuAosrptBGbIP+3+KCUur3flm56U/24HCDTq
pVr1HokdyvuYvVcw5nFkvQyCOhfzypibZnGuIbBQKs7UxkYZjqc=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:53:02 2025 by rpki-client