Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/cHTM44ThEf33Pge17u-4NncUWwQ.roa
File: cHTM44ThEf33Pge17u-4NncUWwQ.roa (raw, json)
Hash identifier: E7LwJxFLPZSxhyNPdsN6yLExgfci/zYOrmKjdCd4Lpc=
Subject key identifier: 70:74:CC:E3:84:E1:11:FD:F7:3E:07:B5:EE:EF:B8:36:77:14:5B:04
Certificate issuer: /CN=fd8eff201218a5a823cbe85336853e3db4dd16eb
Certificate serial: 01941F8C3E2CFE5616C78AEF17BEF913B2BF
Authority key identifier: FD:8E:FF:20:12:18:A5:A8:23:CB:E8:53:36:85:3E:3D:B4:DD:16:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Y7_IBIYpagjy-hTNoU-PbTdFus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/cHTM44ThEf33Pge17u-4NncUWwQ.roa
Signing time: Wed 01 Jan 2025 01:47:52 +0000
ROA not before: Wed 01 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60631
IP address blocks: 45.149.76.0/24 maxlen: 24
45.149.77.0/24 maxlen: 24
45.149.78.0/24 maxlen: 24
45.149.79.0/24 maxlen: 24
158.255.74.0/24 maxlen: 24
171.22.24.0/24 maxlen: 24
171.22.25.0/24 maxlen: 24
171.22.26.0/24 maxlen: 24
171.22.27.0/24 maxlen: 24
176.97.218.0/24 maxlen: 24
178.211.145.0/24 maxlen: 24
185.190.39.0/24 maxlen: 24
193.105.234.0/24 maxlen: 24
212.23.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 04:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:3e:2c:fe:56:16:c7:8a:ef:17:be:f9:13:b2:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd8eff201218a5a823cbe85336853e3db4dd16eb
Validity
Not Before: Jan 1 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7074cce384e111fdf73e07b5eeefb83677145b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:22:d7:c9:e1:45:6f:83:a4:fd:24:c2:f1:f9:
6b:09:8d:58:e5:5b:27:23:05:43:5e:4b:d6:1d:b9:
cd:f9:46:fd:0a:fc:df:43:f5:2e:84:0b:c6:61:8c:
75:aa:22:08:34:9d:e6:50:65:07:76:31:29:ca:93:
64:33:67:02:e4:de:07:a0:79:e9:c2:ac:cc:b0:98:
d6:1c:b4:40:2d:34:0c:02:cf:e0:1c:da:41:ca:06:
b9:ac:fa:bb:20:07:41:cd:62:19:b8:66:fb:bf:86:
53:7d:4b:c0:0b:cc:6c:dd:24:cb:0e:cb:2d:6d:1c:
9d:de:06:f7:61:e2:ad:cf:2e:f6:a8:ee:e3:a9:12:
90:54:c0:46:55:31:c4:9b:3d:da:ba:ff:8f:7c:18:
01:4e:4f:0a:be:7b:bb:9c:2a:0a:69:c1:17:d1:df:
8d:df:e3:4e:5b:8b:3a:10:5f:26:67:af:11:f1:e4:
58:d2:a3:c2:bc:2c:42:bb:da:a8:50:fd:34:eb:cf:
ab:ce:57:86:49:04:ba:8f:b9:ed:d3:e9:bb:ce:a8:
76:04:46:33:ab:1c:9f:f3:bf:57:44:79:01:7b:74:
17:d4:f8:5b:de:19:be:c7:eb:78:a6:ab:4a:24:96:
34:1d:db:f2:d7:d1:7f:0f:da:e0:51:30:aa:25:2e:
22:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:74:CC:E3:84:E1:11:FD:F7:3E:07:B5:EE:EF:B8:36:77:14:5B:04
X509v3 Authority Key Identifier:
keyid:FD:8E:FF:20:12:18:A5:A8:23:CB:E8:53:36:85:3E:3D:B4:DD:16:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Y7_IBIYpagjy-hTNoU-PbTdFus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/cHTM44ThEf33Pge17u-4NncUWwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/_Y7_IBIYpagjy-hTNoU-PbTdFus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.76.0/22
158.255.74.0/24
171.22.24.0/22
176.97.218.0/24
178.211.145.0/24
185.190.39.0/24
193.105.234.0/24
212.23.201.0/24
Signature Algorithm: sha256WithRSAEncryption
55:2d:d0:43:04:9a:77:ce:ff:c5:d8:67:4f:c3:42:84:fc:79:
f5:db:e6:fa:b5:cf:0a:97:30:e0:37:db:6f:2e:4a:e4:0f:7c:
e3:0a:f3:7d:55:ec:ff:09:f4:69:8b:06:37:fa:f0:ab:5c:68:
8a:ec:54:21:0a:83:00:6d:a1:60:ba:36:05:9c:be:7d:52:b0:
08:12:cb:15:d9:93:65:b9:11:79:be:fa:fe:6a:76:91:74:2a:
f5:02:58:40:5e:59:35:bc:82:81:3b:3e:45:2b:ed:72:cd:36:
72:56:d4:13:ea:c4:02:ae:c5:86:79:fa:68:48:b1:47:10:dc:
43:58:d0:2e:33:81:08:73:e4:ba:dc:61:c6:79:99:fc:34:c4:
dd:0f:09:61:a1:9d:50:d1:22:09:8c:1a:7d:b6:23:6f:c1:b2:
4c:1c:4c:46:01:cd:23:0d:6c:24:83:85:b4:8c:95:a4:f4:01:
62:e8:82:86:1f:0c:b6:5b:f9:4f:9c:33:4a:a2:bd:7d:d9:64:
52:49:48:82:b1:5e:45:fe:6e:c9:8a:0f:fd:38:45:b6:14:52:
0b:87:53:5b:18:e6:33:c2:4f:ee:fb:69:69:3c:ef:d4:7e:d8:
dd:d5:05:0e:32:9c:45:f2:e2:69:8f:7f:d6:96:d6:8d:d2:3e:
be:22:1b:4f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQfjD4s/lYWx4rvF775E7K/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOGVmZjIwMTIxOGE1YTgyM2NiZTg1MzM2ODUzZTNkYjRk
ZDE2ZWIwHhcNMjUwMTAxMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc0Y2NlMzg0ZTExMWZkZjczZTA3YjVlZWVmYjgzNjc3MTQ1YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyLXyeFFb4Ok/STC8flrCY1Y5Vsn
IwVDXkvWHbnN+Ub9CvzfQ/UuhAvGYYx1qiIINJ3mUGUHdjEpypNkM2cC5N4HoHnp
wqzMsJjWHLRALTQMAs/gHNpByga5rPq7IAdBzWIZuGb7v4ZTfUvAC8xs3STLDsst
bRyd3gb3YeKtzy72qO7jqRKQVMBGVTHEmz3auv+PfBgBTk8Kvnu7nCoKacEX0d+N
3+NOW4s6EF8mZ68R8eRY0qPCvCxCu9qoUP0068+rzleGSQS6j7nt0+m7zqh2BEYz
qxyf879XRHkBe3QX1Phb3hm+x+t4pqtKJJY0Hdvy19F/D9rgUTCqJS4iaQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHB0zOOE4RH99z4Hte7vuDZ3FFsEMB8GA1UdIwQY
MBaAFP2O/yASGKWoI8voUzaFPj203RbrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1k3X0lCSVlwYWdqeS1oVE5vVS1QYlRkRnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85OWZkNDEtN2VkOC00YjI1LThkNTYt
YzdhYzI2YmNjMmRhLzEvY0hUTTQ0VGhFZjMzUGdlMTd1LTRObmNVV3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85OWZkNDEtN2VkOC00YjI1LThkNTYtYzdhYzI2YmNjMmRh
LzEvX1k3X0lCSVlwYWdqeS1oVE5vVS1QYlRkRnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLZVMAwQA
nv9KAwQCqxYYAwQAsGHaAwQAstORAwQAub4nAwQAwWnqAwQA1BfJMA0GCSqGSIb3
DQEBCwUAA4IBAQBVLdBDBJp3zv/F2GdPw0KE/Hn12+b6tc8KlzDgN9tvLkrkD3zj
CvN9Vez/CfRpiwY3+vCrXGiK7FQhCoMAbaFgujYFnL59UrAIEssV2ZNluRF5vvr+
anaRdCr1AlhAXlk1vIKBOz5FK+1yzTZyVtQT6sQCrsWGefpoSLFHENxDWNAuM4EI
c+S63GHGeZn8NMTdDwlhoZ1Q0SIJjBp9tiNvwbJMHExGAc0jDWwkg4W0jJWk9AFi
6IKGHwy2W/lPnDNKor192WRSSUiCsV5F/m7Jig/9OEW2FFILh1NbGOYzwk/u+2lp
PO/Uftjd1QUOMpxF8uJpj3/WltaN0j6+IhtP
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:58 2025 by rpki-client