Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/iVxqVidGKnP1SoI2OlvYVxQj9-U.roa
File: iVxqVidGKnP1SoI2OlvYVxQj9-U.roa (raw, json)
Hash identifier: XvDkZscHwlewJ0n9kssh34M909S4x/8s35Lbe5NyR5E=
Subject key identifier: 89:5C:6A:56:27:46:2A:73:F5:4A:82:36:3A:5B:D8:57:14:23:F7:E5
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0194D805330CE6E4E282CB038E1BECCF018A
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/iVxqVidGKnP1SoI2OlvYVxQj9-U.roa
Signing time: Wed 05 Feb 2025 21:30:06 +0000
ROA not before: Wed 05 Feb 2025 21:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58305
IP address blocks: 45.43.64.0/19 maxlen: 24
45.43.66.0/23 maxlen: 24
45.43.74.0/23 maxlen: 24
107.161.160.0/24 maxlen: 24
107.161.161.0/24 maxlen: 24
107.161.162.0/24 maxlen: 24
107.161.168.0/24 maxlen: 24
107.161.169.0/24 maxlen: 24
107.161.170.0/24 maxlen: 24
107.161.171.0/24 maxlen: 24
107.181.128.0/19 maxlen: 24
113.20.156.0/22 maxlen: 24
155.254.32.0/19 maxlen: 24
155.254.32.0/22 maxlen: 24
162.217.250.0/24 maxlen: 24
162.217.251.0/24 maxlen: 24
162.220.240.0/21 maxlen: 24
162.220.240.0/24 maxlen: 24
162.220.241.0/24 maxlen: 24
162.220.242.0/24 maxlen: 24
198.105.96.0/19 maxlen: 24
198.105.124.0/23 maxlen: 24
2a02:2ca0::/29 maxlen: 48
2a05:9f40::/29 maxlen: 48
2a07:9940::/29 maxlen: 48
2a07:9942:39d7::/48 maxlen: 48
2a07:9944:10::/48 maxlen: 48
2a07:9944:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Feb 2025 21:29:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d8:05:33:0c:e6:e4:e2:82:cb:03:8e:1b:ec:cf:01:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Feb 5 21:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=895c6a5627462a73f54a82363a5bd8571423f7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3a:51:cb:b7:a9:47:fa:00:b7:d7:79:48:e1:
24:24:09:c6:46:98:97:78:77:ab:5d:7c:85:76:d7:
31:12:89:7f:6a:a4:4b:d8:d0:82:5f:c6:03:8f:6c:
c5:86:8b:b0:20:70:b9:82:47:ad:6f:9e:bc:b4:a9:
1e:70:12:93:93:b1:ac:82:a5:b1:f2:2e:c2:36:b9:
0e:97:02:8e:89:c4:1c:73:14:7b:2e:7d:38:e5:cf:
c4:7a:2f:43:62:74:34:31:36:72:3b:86:c1:09:cb:
d1:e2:c3:7e:62:f6:e5:6c:29:bf:17:27:b8:e2:0e:
73:b6:af:f9:32:35:15:aa:38:e6:d5:51:40:be:1f:
07:c1:cc:84:a6:ce:18:a4:0a:ec:b3:f7:35:4a:f1:
b5:60:2b:36:98:68:fc:36:d0:e7:3b:0b:82:4c:eb:
77:29:15:df:38:8d:38:05:73:8c:ea:1a:fa:99:11:
a2:f3:61:40:de:22:c8:0d:78:0f:85:4e:3f:a3:20:
b7:50:6b:96:5b:ee:1c:8c:57:d2:3b:25:13:65:64:
2e:8c:97:53:97:e6:a8:3c:27:db:9a:2e:d7:fc:10:
4e:0d:ab:b9:ab:54:ea:13:3b:35:64:69:cc:80:8c:
32:f7:93:1c:94:cf:21:0a:0d:0c:20:f9:d1:27:9b:
3f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5C:6A:56:27:46:2A:73:F5:4A:82:36:3A:5B:D8:57:14:23:F7:E5
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/iVxqVidGKnP1SoI2OlvYVxQj9-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
107.161.160.0-107.161.162.255
107.161.168.0/22
107.181.128.0/19
113.20.156.0/22
155.254.32.0/19
162.217.250.0/23
162.220.240.0/21
198.105.96.0/19
IPv6:
2a02:2ca0::/29
2a05:9f40::/29
2a07:9940::/29
Signature Algorithm: sha256WithRSAEncryption
69:c6:c7:26:f2:0c:8e:1a:1c:8f:50:86:e4:9d:ad:ae:f2:b8:
2b:0f:c0:e6:4f:89:df:f4:4a:c2:15:dd:05:3d:9a:b6:b3:b2:
e8:2f:e9:03:a6:a1:e0:a9:10:a0:bd:4f:13:7c:bf:2c:48:5e:
1a:23:6d:c5:db:d6:77:93:19:81:e4:61:2b:1d:20:f7:b1:0d:
6a:08:45:cf:15:ec:d9:5c:25:6c:f6:57:8b:be:59:ab:33:d7:
d2:07:40:0e:5b:9a:49:15:53:b2:f8:51:1e:ee:ef:59:d7:2e:
78:77:61:c4:e2:d2:4b:ce:64:d2:7a:c1:2b:50:a0:f5:16:0a:
7f:06:82:d9:b1:6c:8e:90:57:ce:f9:dc:77:de:c2:83:17:2e:
58:0d:95:a4:13:c4:89:8e:38:0a:10:c6:d6:a4:b7:19:5c:a3:
de:01:1c:f6:7f:e0:35:b3:ec:56:48:88:c0:91:5f:04:e4:ec:
ef:c0:df:ba:b1:fd:f5:29:ff:68:01:7a:69:5d:a3:d3:d6:e7:
6c:95:c5:57:16:c5:87:06:c4:cd:d1:05:27:53:2a:75:3d:9f:
df:cf:36:49:63:ce:73:81:28:24:23:b1:c1:60:e8:77:15:c1:
97:08:77:b7:d0:a3:a4:6e:61:21:ba:a2:56:9f:de:63:69:02:
44:d8:c2:4a
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZTYBTMM5uTigssDjhvszwGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMjA1MjEzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVjNmE1NjI3NDYyYTczZjU0YTgyMzYzYTViZDg1NzE0MjNmN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jpRy7epR/oAt9d5SOEkJAnGRpiX
eHerXXyFdtcxEol/aqRL2NCCX8YDj2zFhouwIHC5gketb568tKkecBKTk7GsgqWx
8i7CNrkOlwKOicQccxR7Ln045c/Eei9DYnQ0MTZyO4bBCcvR4sN+YvblbCm/Fye4
4g5ztq/5MjUVqjjm1VFAvh8HwcyEps4YpArss/c1SvG1YCs2mGj8NtDnOwuCTOt3
KRXfOI04BXOM6hr6mRGi82FA3iLIDXgPhU4/oyC3UGuWW+4cjFfSOyUTZWQujJdT
l+aoPCfbmi7X/BBODau5q1TqEzs1ZGnMgIwy95MclM8hCg0MIPnRJ5s/KQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFIlcalYnRipz9UqCNjpb2FcUI/flMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvaVZ4cVZpZEdLblAxU29JMk9sdllWeFFqOS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBEBAIAATA+AwQFLStAMAwD
BAVroaADBABroaIDBAJroagDBAVrtYADBAJxFJwDBAWb/iADBAGi2foDBAOi3PAD
BAXGaWAwGwQCAAIwFQMFAyoCLKADBQMqBZ9AAwUDKgeZQDANBgkqhkiG9w0BAQsF
AAOCAQEAacbHJvIMjhocj1CG5J2trvK4Kw/A5k+J3/RKwhXdBT2atrOy6C/pA6ah
4KkQoL1PE3y/LEheGiNtxdvWd5MZgeRhKx0g97ENaghFzxXs2VwlbPZXi75ZqzPX
0gdADluaSRVTsvhRHu7vWdcueHdhxOLSS85k0nrBK1Cg9RYKfwaC2bFsjpBXzvnc
d97CgxcuWA2VpBPEiY44ChDG1qS3GVyj3gEc9n/gNbPsVkiIwJFfBOTs78DfurH9
9Sn/aAF6aV2j09bnbJXFVxbFhwbEzdEFJ1MqdT2f3882SWPOc4EoJCOxwWDodxXB
lwh3t9CjpG5hIbqiVp/eY2kCRNjCSg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:36:57 2025 by rpki-client