Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nDhzrLxcyLLjzc6y-dZFN782_mc.roa
File: nDhzrLxcyLLjzc6y-dZFN782_mc.roa (raw, json)
Hash identifier: Sv5tmd5YTh8kERqmuCQZHsGLazjSOgg9R+pn+m7/UQY=
Subject key identifier: 9C:38:73:AC:BC:5C:C8:B2:E3:CD:CE:B2:F9:D6:45:37:BF:36:FE:67
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D7216341125CDC7F8A8D6B639DFCD0
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nDhzrLxcyLLjzc6y-dZFN782_mc.roa
Signing time: Wed 01 Jan 2025 21:48:08 +0000
ROA not before: Wed 01 Jan 2025 21:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204997
IP address blocks: 45.144.64.0/24 maxlen: 24
45.144.65.0/24 maxlen: 24
45.144.66.0/24 maxlen: 24
45.144.67.0/24 maxlen: 24
46.17.104.0/24 maxlen: 24
91.217.81.0/24 maxlen: 24
139.28.222.0/24 maxlen: 24
139.28.223.0/24 maxlen: 24
147.78.64.0/24 maxlen: 24
147.78.65.0/24 maxlen: 24
147.78.66.0/24 maxlen: 24
147.78.67.0/24 maxlen: 24
185.17.3.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.104.249.0/24 maxlen: 24
185.139.68.0/24 maxlen: 24
185.139.69.0/24 maxlen: 24
185.139.70.0/24 maxlen: 24
185.139.71.0/24 maxlen: 24
185.180.230.0/24 maxlen: 24
185.180.231.0/24 maxlen: 24
185.188.182.0/24 maxlen: 24
185.188.183.0/24 maxlen: 24
185.195.24.0/24 maxlen: 24
185.195.25.0/24 maxlen: 24
185.195.26.0/24 maxlen: 24
185.195.27.0/24 maxlen: 24
185.204.0.0/24 maxlen: 24
185.204.2.0/24 maxlen: 24
185.204.3.0/24 maxlen: 24
185.212.148.0/24 maxlen: 24
185.244.172.0/24 maxlen: 24
185.244.173.0/24 maxlen: 24
185.252.146.0/24 maxlen: 24
185.252.147.0/24 maxlen: 24
185.255.132.0/24 maxlen: 24
185.255.133.0/24 maxlen: 24
185.255.134.0/24 maxlen: 24
185.255.135.0/24 maxlen: 24
193.109.78.0/24 maxlen: 24
193.109.79.0/24 maxlen: 24
195.66.114.0/24 maxlen: 24
2a04:5200:ff00::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5200:fff2::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff4::/48 maxlen: 48
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5200:fff7::/48 maxlen: 48
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Feb 2025 16:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:21:63:41:12:5c:dc:7f:8a:8d:6b:63:9d:fc:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c3873acbc5cc8b2e3cdceb2f9d64537bf36fe67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8c:27:56:4f:fe:41:6f:58:eb:e2:2f:b2:7f:
c7:94:39:1c:29:4d:27:d2:6e:79:45:be:61:04:be:
07:d4:df:e5:6e:dd:8e:3f:66:a2:42:02:3d:df:5e:
3c:5f:ab:c5:0f:d4:8a:8c:8f:cc:eb:c3:51:ca:8a:
3c:ae:28:5a:27:c3:ee:ce:0d:24:cf:33:7b:ba:eb:
d3:66:52:c4:b5:ba:33:79:d7:5e:80:f3:e7:06:b8:
b6:02:4f:29:03:ac:62:e2:e4:0e:bc:25:67:c1:fe:
95:7d:f8:d8:48:8b:94:c5:a7:0b:02:54:3c:3b:d3:
67:e8:eb:60:36:fc:92:c1:76:4b:78:34:ba:91:df:
55:e2:62:06:22:8f:80:fd:42:79:19:60:57:51:f5:
f1:ff:ec:38:dc:82:27:3d:57:2c:72:d7:31:de:9f:
ae:63:33:67:58:46:f5:9f:28:21:a0:58:5d:64:ea:
96:85:a9:3a:db:69:49:6b:91:03:ba:3f:0c:3b:87:
7e:fb:ab:fb:b7:41:04:cd:0c:93:26:6e:9e:2f:cb:
91:07:c4:67:1b:4b:ea:3e:1b:a8:e7:6d:53:57:6e:
73:f8:63:7a:01:d8:85:dd:04:38:2f:ca:f4:73:a7:
69:38:27:13:e1:3c:c2:23:e6:a1:ab:b2:78:e1:70:
d9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:38:73:AC:BC:5C:C8:B2:E3:CD:CE:B2:F9:D6:45:37:BF:36:FE:67
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nDhzrLxcyLLjzc6y-dZFN782_mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.64.0/22
46.17.104.0/24
91.217.81.0/24
139.28.222.0/23
147.78.64.0/22
185.17.3.0/24
185.104.248.0/23
185.139.68.0/22
185.180.230.0/23
185.188.182.0/23
185.195.24.0/22
185.204.0.0/24
185.204.2.0/23
185.212.148.0/24
185.244.172.0/23
185.252.146.0/23
185.255.132.0/22
193.109.78.0/23
195.66.114.0/24
IPv6:
2a04:5200:ff00::/48
2a04:5200:ff10::/48
2a04:5200:fff1::-2a04:5200:fff9:ffff:ffff:ffff:ffff:ffff
2a04:5200:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
2a:52:91:bd:7b:be:00:00:47:4e:c4:c9:70:e3:06:0a:5f:d6:
c7:e0:f2:73:31:da:91:16:db:59:bd:e7:1d:27:95:24:38:06:
ed:e1:3c:7f:92:7c:fe:fc:3f:50:d8:63:86:14:9f:7c:36:53:
c8:8b:b2:5d:6e:36:5f:d4:e8:f6:66:b8:4d:ee:ec:08:bb:80:
5c:7c:46:d5:c5:30:9b:ca:43:a3:90:76:60:88:b2:3c:c5:fc:
27:ba:80:4a:18:b6:49:12:ad:9f:d9:95:4e:a7:96:87:22:ab:
32:65:5d:85:c3:6d:91:d3:3f:22:4d:19:ed:00:88:41:8e:44:
49:a2:1d:a5:4b:50:f0:40:e7:db:12:d2:71:be:75:d2:ca:5d:
6d:8d:2e:35:ab:2c:f3:44:ee:2c:60:15:38:08:c1:69:a5:d2:
4f:6f:e4:ff:bd:69:9a:f0:3f:2b:39:8f:d1:ad:f7:c6:91:aa:
90:5b:ea:99:92:34:55:eb:3c:7a:d0:47:54:3e:7d:74:c5:3a:
3c:96:a4:2a:b8:ae:fd:52:cd:f0:4b:ff:9b:c3:ca:51:53:df:
11:1f:06:c8:95:12:01:13:30:22:f7:28:24:9d:d1:45:64:7e:
cb:a7:83:21:58:20:20:45:53:70:16:4c:1b:5e:9b:8e:08:62:
2a:cf:ea:46
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQj1yFjQRJc3H+KjWtjnfzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM4NzNhY2JjNWNjOGIyZTNjZGNlYjJmOWQ2NDUzN2JmMzZmZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4wnVk/+QW9Y6+Ivsn/HlDkcKU0n
0m55Rb5hBL4H1N/lbt2OP2aiQgI93148X6vFD9SKjI/M68NRyoo8rihaJ8Puzg0k
zzN7uuvTZlLEtbozeddegPPnBri2Ak8pA6xi4uQOvCVnwf6VffjYSIuUxacLAlQ8
O9Nn6OtgNvySwXZLeDS6kd9V4mIGIo+A/UJ5GWBXUfXx/+w43IInPVcsctcx3p+u
YzNnWEb1nyghoFhdZOqWhak622lJa5EDuj8MO4d++6v7t0EEzQyTJm6eL8uRB8Rn
G0vqPhuo521TV25z+GN6AdiF3QQ4L8r0c6dpOCcT4TzCI+ahq7J44XDZxwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJw4c6y8XMiy483OsvnWRTe/Nv5nMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbkRoenJMeGN5TExqemM2eS1kWkZONzgyX21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB4BAIAATByAwQCLZBA
AwQALhFoAwQAW9lRAwQBixzeAwQCk05AAwQAuREDAwQBuWj4AwQCuYtEAwQBubTm
AwQBuby2AwQCucMYAwQAucwAAwQBucwCAwQAudSUAwQBufSsAwQBufySAwQCuf+E
AwQBwW1OAwQAw0JyMDUEAgACMC8DBwAqBFIA/wADBwAqBFIA/xAwEgMHACoEUgD/
8QMHASoEUgD/+AMHACoEUgD//zANBgkqhkiG9w0BAQsFAAOCAQEAKlKRvXu+AABH
TsTJcOMGCl/Wx+DyczHakRbbWb3nHSeVJDgG7eE8f5J8/vw/UNhjhhSffDZTyIuy
XW42X9To9ma4Te7sCLuAXHxG1cUwm8pDo5B2YIiyPMX8J7qAShi2SRKtn9mVTqeW
hyKrMmVdhcNtkdM/Ik0Z7QCIQY5ESaIdpUtQ8EDn2xLScb510spdbY0uNass80Tu
LGAVOAjBaaXST2/k/71pmvA/KzmP0a33xpGqkFvqmZI0Ves8etBHVD59dMU6PJak
Kriu/VLN8Ev/m8PKUVPfER8GyJUSARMwIvcoJJ3RRWR+y6eDIVggIEVTcBZMG16b
jghiKs/qRg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:41:37 2025 by rpki-client