Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/X_atORXwm7u7BTlK_F5ATAn9oQM.roa
File: X_atORXwm7u7BTlK_F5ATAn9oQM.roa (raw, json)
Hash identifier: qL0ZqYA9twMi3qZCPTl/5kLJ2BauPal29wNMsW2YVBM=
Subject key identifier: 5F:F6:AD:39:15:F0:9B:BB:BB:05:39:4A:FC:5E:40:4C:09:FD:A1:03
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019423D70836A1CC978A70A5194F7E9177CB
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/X_atORXwm7u7BTlK_F5ATAn9oQM.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 45.43.92.0/24 maxlen: 24
94.177.4.0/24 maxlen: 24
113.20.156.0/24 maxlen: 24
113.20.159.0/24 maxlen: 24
155.254.32.0/24 maxlen: 24
155.254.35.0/24 maxlen: 24
198.105.120.0/24 maxlen: 24
198.105.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 21:29:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:08:36:a1:cc:97:8a:70:a5:19:4f:7e:91:77:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ff6ad3915f09bbbbb05394afc5e404c09fda103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c3:6e:3f:64:35:48:c2:dc:a1:30:37:44:23:
cd:c9:62:0c:02:bd:8a:34:6c:99:77:91:e1:43:e3:
39:41:17:8a:ca:5f:0e:1d:54:51:c7:3a:6c:46:c7:
f4:85:64:ed:78:88:65:a1:22:26:73:61:35:c9:ef:
51:3f:a0:61:09:91:d1:67:c2:49:76:2d:01:a6:00:
29:04:ab:d0:24:f4:5e:8c:9a:74:dd:c2:be:a5:8a:
f1:a3:be:ac:06:e5:56:e3:1e:c5:fa:b6:84:45:77:
21:cd:37:f5:cb:f0:de:ff:79:9f:35:45:91:d7:fc:
f0:7e:96:83:63:95:31:62:e0:f8:72:31:f2:71:e6:
2a:8c:61:f8:cf:9a:f2:95:6d:8e:08:7c:02:49:79:
52:76:82:37:42:aa:68:e4:2f:9a:16:b8:e9:fb:ac:
34:3b:72:ad:98:a5:fb:4c:dd:2f:8e:b7:52:d4:75:
dc:1d:9c:13:2c:0c:a9:ce:8e:3a:b4:bd:44:58:e1:
bf:cc:f0:c9:5d:d5:3d:ff:4c:24:e9:50:1b:84:ea:
c1:cd:25:20:a2:8b:47:f4:a1:bb:9b:e9:9c:b2:7f:
8a:12:d5:30:ff:f8:7e:49:e7:1b:e9:22:22:c6:fe:
cc:e2:42:b9:ea:2d:bf:bf:73:b9:19:d6:2b:55:a2:
58:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F6:AD:39:15:F0:9B:BB:BB:05:39:4A:FC:5E:40:4C:09:FD:A1:03
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/X_atORXwm7u7BTlK_F5ATAn9oQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.92.0/24
94.177.4.0/24
113.20.156.0/24
113.20.159.0/24
155.254.32.0/24
155.254.35.0/24
198.105.120.0/24
198.105.123.0/24
Signature Algorithm: sha256WithRSAEncryption
33:99:ea:70:6d:23:05:3a:55:fa:a1:ab:13:06:f1:07:69:ab:
4d:18:42:c4:2c:c6:98:80:34:a7:06:31:fd:f2:f9:f3:f9:cc:
e0:9c:49:f4:14:8a:b0:10:57:5d:44:b3:aa:b6:9d:49:cb:69:
2c:b5:1c:ee:0d:b0:7c:1d:ae:40:4a:60:5a:bc:a7:09:88:b1:
90:ba:6b:79:d2:8a:00:9d:a7:48:95:39:a4:69:c1:35:ea:2b:
61:80:37:28:d8:64:fa:c7:5c:ee:78:b9:61:70:df:e8:ae:6b:
dd:03:20:ce:33:4e:7a:82:e1:47:c6:48:ca:3d:40:08:45:ee:
4e:65:b7:92:3c:d5:54:06:cc:44:65:d1:a9:42:92:f9:0c:8d:
c8:43:2e:ba:1c:08:2b:3a:cd:8c:a8:4a:a7:7b:d5:20:ae:24:
f7:27:84:0d:64:70:7d:2e:35:20:70:c1:ac:e6:e3:b3:0c:06:
d4:be:ba:f2:6e:68:05:00:5c:fc:66:0f:a6:cd:2a:8b:00:16:
ae:ca:c5:49:3b:1e:35:d0:b1:49:7d:38:4c:0b:46:13:b3:80:
dd:db:62:3f:61:aa:1d:73:5e:ab:52:0f:51:19:a1:50:d5:36:
9a:95:77:94:10:4a:fc:00:b5:41:61:89:f8:31:cb:7c:6e:0d:
bd:19:0d:14
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQj1wg2ocyXinClGU9+kXfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY2YWQzOTE1ZjA5YmJiYmIwNTM5NGFmYzVlNDA0YzA5ZmRhMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucNuP2Q1SMLcoTA3RCPNyWIMAr2K
NGyZd5HhQ+M5QReKyl8OHVRRxzpsRsf0hWTteIhloSImc2E1ye9RP6BhCZHRZ8JJ
di0BpgApBKvQJPRejJp03cK+pYrxo76sBuVW4x7F+raERXchzTf1y/De/3mfNUWR
1/zwfpaDY5UxYuD4cjHyceYqjGH4z5rylW2OCHwCSXlSdoI3Qqpo5C+aFrjp+6w0
O3KtmKX7TN0vjrdS1HXcHZwTLAypzo46tL1EWOG/zPDJXdU9/0wk6VAbhOrBzSUg
ootH9KG7m+mcsn+KEtUw//h+Secb6SIixv7M4kK56i2/v3O5GdYrVaJY1wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF/2rTkV8Ju7uwU5SvxeQEwJ/aEDMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvWF9hdE9SWHdtN3U3QlRsS19GNUFUQW45b1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALStcAwQA
XrEEAwQAcRScAwQAcRSfAwQAm/4gAwQAm/4jAwQAxml4AwQAxml7MA0GCSqGSIb3
DQEBCwUAA4IBAQAzmepwbSMFOlX6oasTBvEHaatNGELELMaYgDSnBjH98vnz+czg
nEn0FIqwEFddRLOqtp1Jy2kstRzuDbB8Ha5ASmBavKcJiLGQumt50ooAnadIlTmk
acE16ithgDco2GT6x1zueLlhcN/ormvdAyDOM056guFHxkjKPUAIRe5OZbeSPNVU
BsxEZdGpQpL5DI3IQy66HAgrOs2MqEqne9UgriT3J4QNZHB9LjUgcMGs5uOzDAbU
vrrybmgFAFz8Zg+mzSqLABauysVJOx410LFJfThMC0YTs4Dd22I/Yaodc16rUg9R
GaFQ1TaalXeUEEr8ALVBYYn4Mct8bg29GQ0U
-----END CERTIFICATE-----
Generated at Sun Apr 13 00:07:08 2025 by rpki-client