Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/PlTZaXUuTJ9gp_mqR2S3SbjEP9M.roa
File: PlTZaXUuTJ9gp_mqR2S3SbjEP9M.roa (raw, json)
Hash identifier: D8a5Y/jiJ/9bFyuh2HRSt2VkSyz6tOsP6gs82nRFrUo=
Subject key identifier: 3E:54:D9:69:75:2E:4C:9F:60:A7:F9:AA:47:64:B7:49:B8:C4:3F:D3
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01946422867364AA59FD54F37EC4ADBC2135
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/PlTZaXUuTJ9gp_mqR2S3SbjEP9M.roa
Signing time: Tue 14 Jan 2025 09:26:11 +0000
ROA not before: Tue 14 Jan 2025 09:26:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35277
IP address blocks: 5.8.45.0/24 maxlen: 24
5.8.46.0/24 maxlen: 24
5.8.47.0/24 maxlen: 24
5.101.44.0/24 maxlen: 24
5.101.45.0/24 maxlen: 24
5.101.46.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.188.201.0/24 maxlen: 24
5.188.202.0/24 maxlen: 24
5.189.216.0/24 maxlen: 24
5.189.217.0/24 maxlen: 24
5.189.252.0/24 maxlen: 24
5.189.253.0/24 maxlen: 24
5.189.255.0/24 maxlen: 24
91.243.40.0/24 maxlen: 24
91.243.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 11:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:22:86:73:64:aa:59:fd:54:f3:7e:c4:ad:bc:21:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 14 09:26:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e54d969752e4c9f60a7f9aa4764b749b8c43fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f8:4b:d0:45:09:44:27:78:6f:fc:cb:c0:55:
e6:d5:9f:8a:c5:00:1e:51:fe:f5:5d:12:a5:49:d8:
0c:4a:9d:d7:3a:9d:6e:90:33:bd:48:e5:ce:97:89:
86:83:81:68:6a:b6:0e:14:51:71:b6:95:19:29:69:
dd:9d:e7:95:6f:ee:79:ea:79:da:26:3c:6e:2e:07:
19:02:c4:78:3e:6a:23:07:73:9a:f8:d7:70:f4:9a:
ad:0b:9d:ef:46:af:22:f3:e0:c3:2f:e4:3e:23:57:
2f:69:81:a2:78:27:68:82:7a:59:12:59:36:ca:ac:
86:43:7b:8f:3b:0c:bb:cd:51:d9:ca:30:27:91:02:
a3:a6:56:14:a9:d9:32:ee:f3:3b:8d:8e:1d:1c:ff:
7f:f4:b7:2f:c4:16:ce:a9:a6:e2:86:f2:40:d9:3c:
25:bf:6b:0a:37:81:b7:ee:a8:e4:08:68:e6:72:74:
82:64:76:84:31:16:38:bc:46:8e:c3:b8:ee:b2:8d:
2b:d4:89:09:24:3d:7b:ca:b2:31:d1:35:16:b2:75:
1a:f1:0c:6b:70:8c:dd:b5:0d:eb:b8:2c:db:62:16:
28:20:3d:05:b4:9a:69:bb:19:ca:2c:b4:6e:7e:a9:
b0:01:61:ed:36:75:fa:31:cf:09:38:f4:d9:70:89:
22:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:54:D9:69:75:2E:4C:9F:60:A7:F9:AA:47:64:B7:49:B8:C4:3F:D3
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/PlTZaXUuTJ9gp_mqR2S3SbjEP9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.45.0-5.8.47.255
5.101.44.0-5.101.46.255
5.188.50.0/24
5.188.201.0-5.188.202.255
5.189.216.0/23
5.189.252.0/23
5.189.255.0/24
91.243.40.0/24
91.243.43.0/24
Signature Algorithm: sha256WithRSAEncryption
07:11:f3:46:e8:6a:63:4a:40:ab:07:fb:1c:67:c1:c4:f5:d5:
98:96:4f:94:6d:76:9a:07:9c:47:93:f3:d3:2f:7f:9c:41:93:
f1:7f:33:c0:3a:7b:1e:da:a8:92:40:20:16:18:7c:bc:2e:08:
64:b5:2a:c2:bb:e0:f8:1f:4e:bd:a7:1e:9a:ad:9d:83:84:c1:
20:92:d6:f5:77:f6:42:5f:4c:2a:d1:4e:42:76:20:94:b9:6c:
ac:a3:3e:72:34:d9:f9:06:78:7c:69:a4:57:ff:5f:43:d1:68:
25:67:64:d5:26:eb:05:5b:e6:5b:52:d3:5d:ab:47:17:43:03:
4a:47:1a:30:5c:ad:36:fe:c4:95:4d:4f:79:9f:98:c9:39:c7:
93:56:b3:6d:35:c1:09:1b:c9:be:cc:7b:81:32:76:55:a5:59:
f0:b2:20:83:d1:44:b4:a4:e6:4c:dc:72:75:1f:7e:fb:65:43:
16:92:07:d3:44:ff:12:b3:56:ca:5f:c8:e9:e9:c3:e3:79:30:
1b:c3:55:42:da:e0:6e:6c:39:46:23:e2:51:56:c5:54:b0:7b:
4c:2e:a4:5c:5a:85:ab:4a:3c:8b:64:e8:d0:04:73:8a:70:b2:
b6:8c:d3:61:5f:70:67:39:4c:b2:c8:fc:06:a5:46:53:fd:0f:
4a:3b:a0:a7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZRkIoZzZKpZ/VTzfsStvCE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwMTE0MDkyNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTU0ZDk2OTc1MmU0YzlmNjBhN2Y5YWE0NzY0Yjc0OWI4YzQzZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPhL0EUJRCd4b/zLwFXm1Z+KxQAe
Uf71XRKlSdgMSp3XOp1ukDO9SOXOl4mGg4FoarYOFFFxtpUZKWndneeVb+556nna
JjxuLgcZAsR4PmojB3Oa+Ndw9JqtC53vRq8i8+DDL+Q+I1cvaYGieCdognpZElk2
yqyGQ3uPOwy7zVHZyjAnkQKjplYUqdky7vM7jY4dHP9/9LcvxBbOqabihvJA2Twl
v2sKN4G37qjkCGjmcnSCZHaEMRY4vEaOw7juso0r1IkJJD17yrIx0TUWsnUa8Qxr
cIzdtQ3ruCzbYhYoID0FtJppuxnKLLRufqmwAWHtNnX6Mc8JOPTZcIki7QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFD5U2Wl1LkyfYKf5qkdkt0m4xD/TMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvUGxUWmFYVXVUSjlncF9tcVIyUzNTYmpFUDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBAAFCC0D
BAQFCCAwDAMEAgVlLAMEAAVlLgMEAAW8MjAMAwQABbzJAwQABbzKAwQBBb3YAwQB
Bb38AwQABb3/AwQAW/MoAwQAW/MrMA0GCSqGSIb3DQEBCwUAA4IBAQAHEfNG6Gpj
SkCrB/scZ8HE9dWYlk+UbXaaB5xHk/PTL3+cQZPxfzPAOnse2qiSQCAWGHy8Lghk
tSrCu+D4H069px6arZ2DhMEgktb1d/ZCX0wq0U5CdiCUuWysoz5yNNn5Bnh8aaRX
/19D0WglZ2TVJusFW+ZbUtNdq0cXQwNKRxowXK02/sSVTU95n5jJOceTVrNtNcEJ
G8m+zHuBMnZVpVnwsiCD0US0pOZM3HJ1H377ZUMWkgfTRP8Ss1bKX8jp6cPjeTAb
w1VC2uBubDlGI+JRVsVUsHtMLqRcWoWrSjyLZOjQBHOKcLK2jNNhX3BnOUyyyPwG
pUZT/Q9KO6Cn
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:00:59 2025 by rpki-client