Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/kQxxqdknepSHoxmAGdftua6PqnU.roa
File: kQxxqdknepSHoxmAGdftua6PqnU.roa (raw, json)
Hash identifier: ASa2af5VDs58OBctOIH6qBY3RBeldl3QzoxqZMknrjM=
Subject key identifier: 91:0C:71:A9:D9:27:7A:94:87:A3:19:80:19:D7:ED:B9:AE:8F:AA:75
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01973A76900EA8BADD41E0B16AB37D183438
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/kQxxqdknepSHoxmAGdftua6PqnU.roa
Signing time: Wed 04 Jun 2025 10:22:18 +0000
ROA not before: Wed 04 Jun 2025 10:22:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49791
IP address blocks: 45.43.137.0/24 maxlen: 24
45.43.159.0/24 maxlen: 24
64.137.9.0/24 maxlen: 24
104.222.177.0/24 maxlen: 24
104.238.24.0/24 maxlen: 24
104.238.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 12:27:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:76:90:0e:a8:ba:dd:41:e0:b1:6a:b3:7d:18:34:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jun 4 10:22:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=910c71a9d9277a9487a3198019d7edb9ae8faa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:96:5e:1b:08:23:ca:f6:0b:63:df:08:a2:ac:
52:0b:3f:d7:3d:6a:20:cb:89:12:07:e7:92:a0:14:
f5:49:96:62:7f:47:e4:0d:67:7f:fb:da:5d:6c:12:
53:30:09:72:c3:d8:34:06:91:93:64:be:b5:33:c7:
8c:91:f4:80:7a:30:90:56:a8:87:3d:51:cd:c7:33:
45:bd:db:a4:42:63:38:1d:96:b1:32:e9:b3:e4:be:
87:84:82:7a:1f:f3:5c:3d:74:88:a0:09:5d:58:e0:
38:e2:9d:ad:ff:83:40:63:ee:95:e8:2c:c3:dd:c9:
39:eb:ef:a9:2e:06:b2:e9:af:c8:3d:62:28:6e:f4:
9b:42:b3:89:15:cc:69:36:55:ed:26:a5:94:dd:34:
c2:f6:10:68:41:9f:b4:90:bb:bf:61:db:db:33:b8:
2e:c0:85:6f:bd:80:ef:66:7c:1c:d3:6c:f1:a3:fe:
9a:1d:e3:b3:f5:85:6f:73:59:e0:1f:ba:7d:ae:fe:
29:32:f5:10:3d:3b:f5:0a:64:d7:dd:ec:4f:7a:08:
54:c7:9c:1c:5b:df:e8:f4:22:16:62:f1:63:e7:1a:
21:ef:d8:20:8c:6d:67:3c:1b:0a:99:b8:6a:45:ed:
44:72:aa:46:c8:80:fb:1c:91:e0:6e:29:75:0f:7b:
7e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0C:71:A9:D9:27:7A:94:87:A3:19:80:19:D7:ED:B9:AE:8F:AA:75
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/kQxxqdknepSHoxmAGdftua6PqnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.137.0/24
45.43.159.0/24
64.137.9.0/24
104.222.177.0/24
104.238.24.0/24
104.238.27.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:40:79:b1:7a:63:fc:83:7e:3e:ac:8f:5c:48:b9:c1:33:1d:
31:de:40:8d:e5:41:92:17:4a:ef:49:9a:99:b8:ea:12:ef:51:
dd:0d:62:46:e1:65:3c:2b:4f:9a:48:8c:1e:1f:54:31:c3:02:
e3:07:a3:15:f5:ea:23:94:24:e7:ff:e5:18:dc:8a:54:b4:0e:
bf:00:37:a1:9d:fc:ca:f6:f5:71:e8:92:35:e9:0e:f2:c9:92:
25:b3:8d:98:86:01:ed:97:ce:d9:17:46:c6:d8:bd:36:8e:ae:
7b:95:de:46:16:4e:53:2e:83:b2:c9:df:61:c1:53:cd:74:3b:
47:07:a8:3d:8f:ac:08:3d:5a:ef:41:cf:b3:5d:94:21:f1:32:
28:5b:41:db:15:9f:60:d1:2a:80:0f:48:2c:a8:02:0e:98:61:
51:50:d0:8a:d0:11:41:05:2c:67:60:c1:ef:3e:62:a1:95:98:
6b:2e:e2:36:25:be:90:67:df:1e:3d:bd:5d:b1:98:8d:fd:01:
3a:2d:87:b7:e5:4f:a0:91:a8:59:cd:be:af:e6:87:33:c5:38:
2b:05:08:f0:df:02:c6:db:13:89:ba:2a:dc:ab:8e:b6:01:b8:
0c:b6:fd:14:bd:55:c5:6d:09:04:56:e1:4d:4f:56:45:1f:db:
61:9c:3c:7a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZc6dpAOqLrdQeCxarN9GDQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNjA0MTAyMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBjNzFhOWQ5Mjc3YTk0ODdhMzE5ODAxOWQ3ZWRiOWFlOGZhYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+pZeGwgjyvYLY98IoqxSCz/XPWog
y4kSB+eSoBT1SZZif0fkDWd/+9pdbBJTMAlyw9g0BpGTZL61M8eMkfSAejCQVqiH
PVHNxzNFvdukQmM4HZaxMumz5L6HhIJ6H/NcPXSIoAldWOA44p2t/4NAY+6V6CzD
3ck56++pLgay6a/IPWIobvSbQrOJFcxpNlXtJqWU3TTC9hBoQZ+0kLu/YdvbM7gu
wIVvvYDvZnwc02zxo/6aHeOz9YVvc1ngH7p9rv4pMvUQPTv1CmTX3exPeghUx5wc
W9/o9CIWYvFj5xoh79ggjG1nPBsKmbhqRe1EcqpGyID7HJHgbil1D3t+ZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJEMcanZJ3qUh6MZgBnX7bmuj6p1MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEva1F4eHFka25lcFNIb3htQUdkZnR1YTZQcW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALSuJAwQA
LSufAwQAQIkJAwQAaN6xAwQAaO4YAwQAaO4bMA0GCSqGSIb3DQEBCwUAA4IBAQCL
QHmxemP8g34+rI9cSLnBMx0x3kCN5UGSF0rvSZqZuOoS71HdDWJG4WU8K0+aSIwe
H1QxwwLjB6MV9eojlCTn/+UY3IpUtA6/ADehnfzK9vVx6JI16Q7yyZIls42YhgHt
l87ZF0bG2L02jq57ld5GFk5TLoOyyd9hwVPNdDtHB6g9j6wIPVrvQc+zXZQh8TIo
W0HbFZ9g0SqAD0gsqAIOmGFRUNCK0BFBBSxnYMHvPmKhlZhrLuI2Jb6QZ98ePb1d
sZiN/QE6LYe35U+gkahZzb6v5oczxTgrBQjw3wLG2xOJuircq462AbgMtv0UvVXF
bQkEVuFNT1ZFH9thnDx6
-----END CERTIFICATE-----
Generated at Fri Jun 6 14:24:34 2025 by rpki-client