Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/9MZJpN7gLzvWhADvux8VULspncM.roa
File: 9MZJpN7gLzvWhADvux8VULspncM.roa (raw, json)
Hash identifier: nVfT6YTqCMiQ+xUmjNNb98mYP31ts6jO71eEnlBeDkk=
Subject key identifier: F4:C6:49:A4:DE:E0:2F:3B:D6:84:00:EF:BB:1F:15:50:BB:29:9D:C3
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0195586AA85ABFC74873DA24833C725225A4
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/9MZJpN7gLzvWhADvux8VULspncM.roa
Signing time: Sun 02 Mar 2025 19:52:19 +0000
ROA not before: Sun 02 Mar 2025 19:52:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.65.114.0/24 maxlen: 24
45.154.156.0/22 maxlen: 24
185.83.200.0/22 maxlen: 24
188.209.131.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
194.15.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 08:07:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:58:6a:a8:5a:bf:c7:48:73:da:24:83:3c:72:52:25:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 2 19:52:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4c649a4dee02f3bd68400efbb1f1550bb299dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:17:ea:6a:57:59:29:5e:2d:98:bb:7d:1b:42:
b2:84:25:cf:e5:22:da:5b:10:e0:ce:9f:20:64:00:
1d:e3:07:d9:0b:e4:dc:40:6a:b6:10:6e:63:43:84:
b1:ee:4b:b3:6f:57:a0:23:6e:ea:ba:e9:72:84:21:
61:e1:ed:d4:33:e6:d9:3b:2e:fa:f7:7e:4c:dc:94:
36:d0:fa:26:b1:c3:cd:74:e3:26:b9:49:c6:ce:4c:
a8:d6:6b:0c:85:d1:3f:ef:fd:9b:10:b0:b2:16:e4:
d5:84:0d:1d:f0:df:0e:4c:4a:0b:97:15:cc:0b:83:
b0:5f:a5:89:c9:11:af:85:cd:06:0b:ab:00:17:98:
14:23:0e:8a:eb:6a:c4:9c:c2:96:f5:63:4c:48:88:
ba:b7:d7:59:a8:52:16:92:a5:c0:e9:dd:44:dd:5a:
39:4a:26:b8:8b:f9:a0:b5:ee:1f:a4:db:1e:d7:76:
ad:fd:a4:a1:13:ac:df:c3:0b:04:51:3f:d2:b2:6a:
5c:a5:a4:20:bf:16:bf:e0:48:eb:7b:b4:2a:ce:dd:
f4:a8:8c:b4:54:30:d5:53:4d:2e:11:f1:79:99:99:
61:36:b1:be:fd:17:e8:dd:94:a9:97:cf:fc:ca:a3:
44:d7:89:c8:4b:fb:ba:54:9f:1d:91:be:bf:21:c2:
8a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C6:49:A4:DE:E0:2F:3B:D6:84:00:EF:BB:1F:15:50:BB:29:9D:C3
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/9MZJpN7gLzvWhADvux8VULspncM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/24
45.154.156.0/22
185.83.200.0/22
188.209.131.0/24
188.209.139.0/24
194.15.96.0/24
Signature Algorithm: sha256WithRSAEncryption
96:e9:a6:98:7e:ab:9e:35:35:ea:d8:33:63:d3:5e:c3:5a:0d:
f5:7f:b9:96:e8:93:e7:25:18:1d:81:2d:8b:aa:31:e3:59:36:
52:2e:1d:ef:ae:99:2d:65:37:ae:eb:33:3c:6d:07:c6:5f:7b:
c3:27:4a:7e:0e:5d:84:f8:67:38:1d:0a:3e:5a:86:d4:12:9e:
a2:ff:2f:75:78:e1:f8:79:e7:ad:27:ea:6b:7c:33:a1:cd:b7:
86:84:00:c8:9a:1d:b8:04:22:29:a4:68:cb:7b:05:42:78:2d:
77:b6:c3:45:ef:e0:ee:ca:73:85:9d:e3:b1:b4:0c:20:4c:13:
c9:04:88:1f:b5:8a:46:ee:47:db:12:96:cb:0f:0a:91:e3:1b:
39:a8:b7:22:44:ed:1e:92:79:99:ff:a6:4b:54:58:ae:57:cf:
6f:ca:21:cc:90:aa:e0:ee:81:c2:a9:3e:b4:ff:4f:6e:47:4f:
fd:26:f2:b0:37:ee:a5:ab:0a:be:e5:b4:dc:71:f9:a3:63:54:
90:bd:7e:11:fa:08:ed:97:c6:a9:56:e6:bc:3c:91:58:42:2d:
6c:1a:85:59:c2:4a:d4:1f:bd:0f:dd:0b:7d:a1:5d:8a:f3:45:
eb:d1:23:95:ad:56:14:ae:5f:a1:27:e9:3f:2c:4a:e0:d7:09:
f2:96:ea:84
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZVYaqhav8dIc9okgzxyUiWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzAyMTk1MjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM2NDlhNGRlZTAyZjNiZDY4NDAwZWZiYjFmMTU1MGJiMjk5ZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhfqaldZKV4tmLt9G0KyhCXP5SLa
WxDgzp8gZAAd4wfZC+TcQGq2EG5jQ4Sx7kuzb1egI27quulyhCFh4e3UM+bZOy76
935M3JQ20PomscPNdOMmuUnGzkyo1msMhdE/7/2bELCyFuTVhA0d8N8OTEoLlxXM
C4OwX6WJyRGvhc0GC6sAF5gUIw6K62rEnMKW9WNMSIi6t9dZqFIWkqXA6d1E3Vo5
Sia4i/mgte4fpNse13at/aShE6zfwwsEUT/SsmpcpaQgvxa/4Ejre7Qqzt30qIy0
VDDVU00uEfF5mZlhNrG+/Rfo3ZSpl8/8yqNE14nIS/u6VJ8dkb6/IcKKOQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPTGSaTe4C871oQA77sfFVC7KZ3DMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvOU1aSnBON2dMenZXaEFEdnV4OFZVTHNwbmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALUFyAwQC
LZqcAwQCuVPIAwQAvNGDAwQAvNGLAwQAwg9gMA0GCSqGSIb3DQEBCwUAA4IBAQCW
6aaYfqueNTXq2DNj017DWg31f7mW6JPnJRgdgS2LqjHjWTZSLh3vrpktZTeu6zM8
bQfGX3vDJ0p+Dl2E+Gc4HQo+WobUEp6i/y91eOH4eeetJ+prfDOhzbeGhADImh24
BCIppGjLewVCeC13tsNF7+DuynOFneOxtAwgTBPJBIgftYpG7kfbEpbLDwqR4xs5
qLciRO0eknmZ/6ZLVFiuV89vyiHMkKrg7oHCqT60/09uR0/9JvKwN+6lqwq+5bTc
cfmjY1SQvX4R+gjtl8apVua8PJFYQi1sGoVZwkrUH70P3Qt9oV2K80Xr0SOVrVYU
rl+hJ+k/LErg1wnyluqE
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:09:34 2025 by rpki-client