Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rzHRxMbyqpuEJFEpIa3kKdBJPzk.roa
File: rzHRxMbyqpuEJFEpIa3kKdBJPzk.roa (raw, json)
Hash identifier: 4cxk4T/rTPVRM40F/DqOLkazbEmkmYLFrN2iF4OeZPg=
Subject key identifier: AF:31:D1:C4:C6:F2:AA:9B:84:24:51:29:21:AD:E4:29:D0:49:3F:39
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0195047F8F1E787EADAAA2DC2D0164B27FF1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rzHRxMbyqpuEJFEpIa3kKdBJPzk.roa
Signing time: Fri 14 Feb 2025 12:47:03 +0000
ROA not before: Fri 14 Feb 2025 12:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: Failed, certificate revoked on Sat 15 Feb 2025 09:19:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:7f:8f:1e:78:7e:ad:aa:a2:dc:2d:01:64:b2:7f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 14 12:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af31d1c4c6f2aa9b8424512921ade429d0493f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:62:65:b5:dd:a1:25:2d:3a:59:c1:6b:66:b1:
b6:44:7c:c4:79:a4:eb:3b:62:d0:5a:f2:33:53:c0:
91:2a:46:45:ca:de:63:db:17:b9:74:70:dc:13:6d:
da:8f:b7:c6:7d:17:83:ed:84:8a:84:cc:5f:80:b9:
ab:ea:21:bb:41:72:ca:27:aa:e1:31:5a:59:f1:a0:
70:25:b3:6f:b9:17:09:90:9b:8a:44:2c:0f:25:83:
f9:ff:12:a6:03:54:0c:81:04:8c:a0:3d:a5:20:8c:
a0:ad:5c:93:87:c6:cc:0f:41:22:3c:17:11:68:17:
cb:25:45:48:af:89:2b:49:6f:57:2a:b3:86:bc:67:
99:33:35:5b:42:e0:78:ed:ab:c2:ff:9f:df:e4:7b:
ac:f1:67:c9:43:1a:94:c6:ca:d7:01:ff:1b:24:a1:
01:05:44:68:cf:54:43:ea:30:a1:08:dc:4d:34:b3:
18:f5:27:1e:22:b8:48:93:53:51:94:e9:63:3b:b6:
52:c4:56:51:81:97:53:9c:4c:33:b7:f0:53:11:90:
d6:2d:06:7e:e4:ee:44:17:a7:7a:2b:1c:07:2e:8a:
b6:6b:21:99:df:ad:49:35:8f:51:c1:e7:c9:78:78:
fc:5d:d8:3a:49:3b:ed:0a:0c:7c:f9:d8:0d:2b:5c:
fb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:31:D1:C4:C6:F2:AA:9B:84:24:51:29:21:AD:E4:29:D0:49:3F:39
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rzHRxMbyqpuEJFEpIa3kKdBJPzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/22
94.177.122.0/24
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
9d:10:79:d7:d6:b7:09:4b:b0:1f:e4:f0:4a:8e:a1:7c:f0:f7:
65:c7:a9:5f:e0:88:d7:77:24:c7:f3:60:b0:96:e3:f2:48:b4:
9b:24:3f:dc:c0:61:76:a4:7c:39:9d:06:cb:e8:89:ae:77:e3:
09:39:88:d8:bd:07:e3:b7:0c:7d:bb:2c:1f:72:be:b0:4c:6d:
dd:60:38:f9:ad:54:32:60:b4:fa:67:07:cb:5d:d7:d6:38:8e:
47:21:63:7d:aa:72:e0:41:ad:02:2c:33:7e:5d:c8:5b:8e:82:
ad:d0:3f:8c:8c:2c:de:f8:ec:39:74:e8:a9:04:d8:6e:b6:61:
40:9f:67:48:34:ba:18:b1:84:00:e5:26:1b:97:08:da:96:3e:
83:e2:9f:5c:ff:bb:6a:6a:ec:6a:ab:dd:80:69:5a:bb:e4:8b:
11:7f:19:05:e1:c9:0e:3e:1f:2c:71:7d:fd:d3:a8:fb:15:34:
c5:17:f1:05:48:4d:07:1c:9e:46:13:a6:be:de:32:ed:9d:e6:
bc:e3:7c:4a:f4:8d:9e:86:60:83:09:4b:da:35:83:d4:bf:53:
e4:87:ea:56:49:df:55:34:54:ca:1d:b5:74:ba:6d:4a:0a:10:
c5:e4:3e:2f:53:3c:06:aa:07:8c:fc:af:b2:8a:5b:fd:e1:27:
de:8f:67:32
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZUEf48eeH6tqqLcLQFksn/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMjE0MTI0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjMxZDFjNGM2ZjJhYTliODQyNDUxMjkyMWFkZTQyOWQwNDkzZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmJltd2hJS06WcFrZrG2RHzEeaTr
O2LQWvIzU8CRKkZFyt5j2xe5dHDcE23aj7fGfReD7YSKhMxfgLmr6iG7QXLKJ6rh
MVpZ8aBwJbNvuRcJkJuKRCwPJYP5/xKmA1QMgQSMoD2lIIygrVyTh8bMD0EiPBcR
aBfLJUVIr4krSW9XKrOGvGeZMzVbQuB47avC/5/f5Hus8WfJQxqUxsrXAf8bJKEB
BURoz1RD6jChCNxNNLMY9SceIrhIk1NRlOljO7ZSxFZRgZdTnEwzt/BTEZDWLQZ+
5O5EF6d6KxwHLoq2ayGZ361JNY9RwefJeHj8Xdg6STvtCgx8+dgNK1z7DQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFK8x0cTG8qqbhCRRKSGt5CnQST85MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcnpIUnhNYnlxcHVFSkZFcElhM2tLZEJKUHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MCoEAgABMCQDBAIt
iIgDBABesXoDBAC56HUDBAHBIV4DBADBo1YDBADCMlwwgc8EAgACMIHIMBADBwAq
BMzA//8DBQEqBMzAMA4DBQAqBMzDAwUDKgTMwAMFAyoJBMAwDgMFByoMO4ADBQAq
DDuGAwcEKg6XwAHQAwcEKg6XwAJgAwYAKg6XwQIDBwQqDpfDARADBwQqDpfEASAD
BwAqDrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YDBwMqDrEHIcADBwQqDrEHIiADBwAq
D+QEAQIDBwAqEC8AAY0DBwAqEC8AAY8DBwAqEC8AAZMDBwQqEMxAAlADBwQqEMxF
ATAwDQYJKoZIhvcNAQELBQADggEBAJ0QedfWtwlLsB/k8EqOoXzw92XHqV/giNd3
JMfzYLCW4/JItJskP9zAYXakfDmdBsvoia534wk5iNi9B+O3DH27LB9yvrBMbd1g
OPmtVDJgtPpnB8td19Y4jkchY32qcuBBrQIsM35dyFuOgq3QP4yMLN747Dl06KkE
2G62YUCfZ0g0uhixhADlJhuXCNqWPoPin1z/u2pq7Gqr3YBpWrvkixF/GQXhyQ4+
Hyxxff3TqPsVNMUX8QVITQccnkYTpr7eMu2d5rzjfEr0jZ6GYIMJS9o1g9S/U+SH
6lZJ31U0VModtXS6bUoKEMXkPi9TPAaqB4z8r7KKW/3hJ96PZzI=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:42:34 2025 by rpki-client