Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/NDz51zuaG3RlAt_HDEKoCkyCXBU.roa
File: NDz51zuaG3RlAt_HDEKoCkyCXBU.roa (raw, json)
Hash identifier: J03fCSMGVBtcE5xZE62H6ZPISleKI7tMFhbihSPJnsI=
Subject key identifier: 34:3C:F9:D7:3B:9A:1B:74:65:02:DF:C7:0C:42:A8:0A:4C:82:5C:15
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019594D8C861C6E7D03E944AD5A668AB4C1D
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/NDz51zuaG3RlAt_HDEKoCkyCXBU.roa
Signing time: Fri 14 Mar 2025 13:29:49 +0000
ROA not before: Fri 14 Mar 2025 13:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210415
IP address blocks: 45.10.104.0/23 maxlen: 23
45.80.80.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
178.19.42.0/24 maxlen: 24
201.49.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 11:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:d8:c8:61:c6:e7:d0:3e:94:4a:d5:a6:68:ab:4c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 14 13:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=343cf9d73b9a1b746502dfc70c42a80a4c825c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:40:b3:e7:37:c3:f9:5a:32:ac:56:fe:40:84:
00:f6:51:c4:27:d3:f8:cc:65:d8:25:a0:cc:b2:d3:
fe:56:4f:f9:48:b3:25:04:f4:b5:4f:a6:10:f9:b1:
ed:16:09:66:72:11:57:39:c1:9c:7c:60:ab:df:15:
8f:51:71:33:67:87:fc:65:d6:43:0e:48:06:e5:8e:
d3:03:d0:f0:cc:da:60:fd:90:5f:6d:e0:b2:5f:63:
c5:96:c5:8e:7f:13:f8:5f:e1:93:c7:bc:0b:a0:fa:
b4:02:27:cb:b6:e5:da:cb:07:31:18:c1:f8:5a:81:
be:8e:62:d2:b7:02:45:f4:28:ad:1f:5d:f9:9f:3f:
e8:be:0a:75:cb:8c:ec:cd:59:8e:a7:65:cc:bb:6f:
4e:50:8f:12:c4:48:81:f5:03:3f:37:52:cd:56:fd:
cf:a1:88:5c:61:4a:85:30:d3:53:34:0e:12:26:05:
32:3b:69:74:f4:84:5d:87:84:e9:a6:4d:01:98:bb:
61:07:32:b6:9d:c5:6c:88:0b:6e:60:7f:e7:82:df:
2c:cf:37:35:5f:62:4b:28:fc:21:91:68:30:d4:56:
c0:9d:02:40:c0:1c:64:97:f8:12:39:f7:da:e4:97:
4c:1e:f8:b9:11:f6:ed:a8:5a:e6:f9:4f:41:89:4c:
2d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3C:F9:D7:3B:9A:1B:74:65:02:DF:C7:0C:42:A8:0A:4C:82:5C:15
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/NDz51zuaG3RlAt_HDEKoCkyCXBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.104.0/23
45.80.80.0/24
80.66.125.0/24
178.19.42.0/24
201.49.188.0/24
Signature Algorithm: sha256WithRSAEncryption
39:33:6e:3a:9e:6e:8b:91:81:57:45:58:96:5a:d3:7b:d4:25:
03:1d:0e:d8:65:e3:45:6e:04:15:13:8e:9f:63:4b:c6:fa:2a:
83:fb:16:6e:3a:fb:17:42:e4:cf:a7:ae:eb:94:36:f2:73:74:
7c:d0:b0:e6:de:7d:e6:63:1d:1d:33:b7:f9:f0:97:4f:68:16:
69:1c:bc:35:1b:1e:bf:de:aa:63:c2:53:42:11:f6:32:9f:1c:
bd:27:0e:cb:58:21:51:22:9e:51:bd:c1:1d:9c:09:b2:38:e9:
ce:c9:cd:eb:6a:1b:44:6b:3a:78:d5:95:1e:25:5e:35:1f:6e:
52:a2:b9:45:59:a1:10:4e:91:55:25:81:24:f1:a5:10:3e:e6:
83:bc:4c:94:92:e2:82:ff:83:2d:65:0d:ce:28:e1:ad:8d:fa:
c1:79:9c:cf:86:38:1f:b2:a0:03:a2:02:ee:39:8f:fc:c0:4a:
d4:ed:44:55:42:5f:f2:55:12:0f:69:72:a0:9d:45:be:ba:73:
59:2e:66:36:ae:25:cb:65:b0:0f:64:a3:b2:15:2e:7c:ae:5e:
1d:58:0a:5e:e6:fc:7f:94:89:e8:54:62:33:28:59:46:b8:a4:
6b:84:f7:ca:66:cf:20:d2:7d:44:b7:ed:fd:7f:85:df:fc:1c:
98:d0:6a:05
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZWU2MhhxufQPpRK1aZoq0wdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMzE0MTMyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNjZjlkNzNiOWExYjc0NjUwMmRmYzcwYzQyYTgwYTRjODI1YzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kCz5zfD+VoyrFb+QIQA9lHEJ9P4
zGXYJaDMstP+Vk/5SLMlBPS1T6YQ+bHtFglmchFXOcGcfGCr3xWPUXEzZ4f8ZdZD
DkgG5Y7TA9DwzNpg/ZBfbeCyX2PFlsWOfxP4X+GTx7wLoPq0AifLtuXaywcxGMH4
WoG+jmLStwJF9CitH135nz/ovgp1y4zszVmOp2XMu29OUI8SxEiB9QM/N1LNVv3P
oYhcYUqFMNNTNA4SJgUyO2l09IRdh4Tppk0BmLthBzK2ncVsiAtuYH/ngt8szzc1
X2JLKPwhkWgw1FbAnQJAwBxkl/gSOffa5JdMHvi5EfbtqFrm+U9BiUwt5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDQ8+dc7mht0ZQLfxwxCqApMglwVMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvTkR6NTF6dWFHM1JsQXRfSERFS29Da3lDWEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLQpoAwQA
LVBQAwQAUEJ9AwQAshMqAwQAyTG8MA0GCSqGSIb3DQEBCwUAA4IBAQA5M246nm6L
kYFXRViWWtN71CUDHQ7YZeNFbgQVE46fY0vG+iqD+xZuOvsXQuTPp67rlDbyc3R8
0LDm3n3mYx0dM7f58JdPaBZpHLw1Gx6/3qpjwlNCEfYynxy9Jw7LWCFRIp5RvcEd
nAmyOOnOyc3rahtEazp41ZUeJV41H25SorlFWaEQTpFVJYEk8aUQPuaDvEyUkuKC
/4MtZQ3OKOGtjfrBeZzPhjgfsqADogLuOY/8wErU7URVQl/yVRIPaXKgnUW+unNZ
LmY2riXLZbAPZKOyFS58rl4dWApe5vx/lInoVGIzKFlGuKRrhPfKZs8g0n1Et+39
f4Xf/ByY0GoF
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:36 2025 by rpki-client