Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UsxJ0JlcYu_bEmxfUv0yXbt4DuI.roa
File: UsxJ0JlcYu_bEmxfUv0yXbt4DuI.roa (raw, json)
Hash identifier: nA0vdT2uR33oGjKuvafTMo5a7pAy+g/satSQkoFc41g=
Subject key identifier: 52:CC:49:D0:99:5C:62:EF:DB:12:6C:5F:52:FD:32:5D:BB:78:0E:E2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019428248D9E9C70D5B446BEED8248E83A14
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UsxJ0JlcYu_bEmxfUv0yXbt4DuI.roa
Signing time: Thu 02 Jan 2025 17:51:11 +0000
ROA not before: Thu 02 Jan 2025 17:51:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.128.96.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
94.156.113.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 14:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:8d:9e:9c:70:d5:b4:46:be:ed:82:48:e8:3a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52cc49d0995c62efdb126c5f52fd325dbb780ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:de:8e:de:16:67:05:c7:62:23:7f:24:b1:bd:
2a:2d:fc:b2:17:ba:b9:70:98:59:1f:47:75:1e:7f:
c1:2b:c8:48:77:09:25:0d:01:7c:38:b9:b9:39:a9:
bc:61:58:7a:96:69:78:8c:76:47:f2:3c:01:39:25:
a7:fd:b9:6a:ba:0a:c0:af:04:02:ae:84:a3:09:e3:
6f:34:5d:c5:c5:b7:ac:66:1c:a3:62:96:ad:5a:31:
e2:05:0a:51:49:e0:ab:1d:f9:7e:7e:3c:75:e1:77:
7c:f1:6f:1a:1a:e8:5f:20:92:8f:65:cb:30:cc:66:
f8:9c:18:8c:7d:18:a8:5c:90:78:b1:f5:41:d8:c0:
f9:8a:5a:31:d5:76:73:8e:5b:87:7b:fa:de:d9:9d:
65:cf:a5:46:82:f5:d7:dd:cf:77:36:5f:47:55:36:
e2:0f:cb:9b:39:88:15:82:dc:c1:b9:6f:d6:88:16:
94:22:ca:0f:53:e6:b3:38:89:85:56:16:74:26:0b:
5e:25:db:57:84:ce:67:ca:48:a3:14:1d:fb:c5:70:
20:5f:37:24:d5:b1:80:a9:5e:14:8e:d1:1f:30:4d:
fb:8e:bb:32:44:c6:07:d8:d2:77:e6:45:29:e5:5e:
41:ee:db:1c:b2:0f:3c:c9:8d:62:00:06:4f:c5:9a:
96:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CC:49:D0:99:5C:62:EF:DB:12:6C:5F:52:FD:32:5D:BB:78:0E:E2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UsxJ0JlcYu_bEmxfUv0yXbt4DuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.96.0/24
84.54.51.0/24
87.120.33.0/24
87.121.38.0/24
87.121.58.0/24
91.92.16.0/24
94.103.127.0/24
94.156.2.0/24
94.156.79.0/24
94.156.113.0/24
141.98.4.0/24
193.58.120.0/24
194.31.204.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:1d:93:fc:a7:96:56:b3:b2:94:c9:b7:d9:92:b2:e9:24:25:
5e:69:33:73:1f:56:f2:21:d2:51:24:1d:f8:d4:15:0e:32:91:
2a:ba:94:08:b0:63:55:14:80:c3:6f:58:a5:5b:eb:39:61:2c:
53:08:45:b3:19:14:0e:c9:7e:ab:75:24:59:d6:85:f5:9e:27:
96:d0:cb:8e:b4:ec:4f:db:2f:a4:39:38:bc:94:12:bb:13:f6:
57:d6:54:ce:85:6e:aa:35:9c:16:4c:d5:82:ae:b4:4e:34:0c:
a3:1a:f8:d0:07:74:6b:f7:0f:fa:a9:f3:33:8b:ac:1d:58:cf:
48:a1:d8:60:b9:3b:3a:87:13:10:4d:71:4d:2d:f0:fc:7c:5c:
2f:1a:37:e3:fd:f2:0d:32:80:df:fd:16:cd:42:a0:af:58:fc:
33:2a:9d:d8:ad:ec:13:67:8c:43:76:ff:c2:14:dc:6b:8f:b3:
d6:1d:29:01:30:eb:11:7c:90:0d:24:1d:ce:60:55:6c:76:0b:
71:82:6f:ac:78:58:4f:f0:5a:12:44:06:96:90:ed:33:d3:08:
a9:7f:f9:4e:01:94:27:25:a3:46:76:69:59:23:4c:39:ad:b3:
d1:b4:7a:12:53:87:18:42:95:05:71:c6:da:da:1b:5a:ff:e6:
63:1b:db:08
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQoJI2enHDVtEa+7YJI6DoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNjNDlkMDk5NWM2MmVmZGIxMjZjNWY1MmZkMzI1ZGJiNzgwZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd6O3hZnBcdiI38ksb0qLfyyF7q5
cJhZH0d1Hn/BK8hIdwklDQF8OLm5Oam8YVh6lml4jHZH8jwBOSWn/blqugrArwQC
roSjCeNvNF3FxbesZhyjYpatWjHiBQpRSeCrHfl+fjx14Xd88W8aGuhfIJKPZcsw
zGb4nBiMfRioXJB4sfVB2MD5ilox1XZzjluHe/re2Z1lz6VGgvXX3c93Nl9HVTbi
D8ubOYgVgtzBuW/WiBaUIsoPU+azOImFVhZ0JgteJdtXhM5nykijFB37xXAgXzck
1bGAqV4UjtEfME37jrsyRMYH2NJ35kUp5V5B7tscsg88yY1iAAZPxZqW6wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFLMSdCZXGLv2xJsX1L9Ml27eA7iMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVXN4SjBKbGNZdV9iRW14ZlV2MHlYYnQ0RHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALYBgAwQA
VDYzAwQAV3ghAwQAV3kmAwQAV3k6AwQAW1wQAwQAXmd/AwQAXpwCAwQAXpxPAwQA
XpxxAwQAjWIEAwQAwTp4AwQAwh/MMA0GCSqGSIb3DQEBCwUAA4IBAQCeHZP8p5ZW
s7KUybfZkrLpJCVeaTNzH1byIdJRJB341BUOMpEqupQIsGNVFIDDb1ilW+s5YSxT
CEWzGRQOyX6rdSRZ1oX1nieW0MuOtOxP2y+kOTi8lBK7E/ZX1lTOhW6qNZwWTNWC
rrRONAyjGvjQB3Rr9w/6qfMzi6wdWM9IodhguTs6hxMQTXFNLfD8fFwvGjfj/fIN
MoDf/RbNQqCvWPwzKp3YrewTZ4xDdv/CFNxrj7PWHSkBMOsRfJANJB3OYFVsdgtx
gm+seFhP8FoSRAaWkO0z0wipf/lOAZQnJaNGdmlZI0w5rbPRtHoSU4cYQpUFccba
2hta/+ZjG9sI
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:21:09 2025 by rpki-client