Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/OnYowCwyjrnEHHxkFliUKX7BX7Y.roa
File: OnYowCwyjrnEHHxkFliUKX7BX7Y.roa (raw, json)
Hash identifier: qjMHGkgwf/a5ywruNgWWEWY9ZXlrehiOAuMRZu+bDto=
Subject key identifier: 3A:76:28:C0:2C:32:8E:B9:C4:1C:7C:64:16:58:94:29:7E:C1:5F:B6
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01938E28AA98D6DD08619F00308322EBA7E2
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/OnYowCwyjrnEHHxkFliUKX7BX7Y.roa
Signing time: Tue 03 Dec 2024 20:14:09 +0000
ROA not before: Tue 03 Dec 2024 20:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 45.137.52.0/24 maxlen: 24
45.137.53.0/24 maxlen: 24
45.137.55.0/24 maxlen: 24
45.137.191.0/24 maxlen: 24
45.139.28.0/24 maxlen: 24
45.139.31.0/24 maxlen: 24
45.140.171.0/24 maxlen: 24
45.140.173.0/24 maxlen: 24
45.141.186.0/24 maxlen: 24
45.141.187.0/24 maxlen: 24
45.145.162.0/24 maxlen: 24
45.147.1.0/24 maxlen: 24
45.149.83.0/24 maxlen: 24
45.152.225.0/24 maxlen: 24
45.154.162.0/24 maxlen: 24
85.202.166.0/24 maxlen: 24
85.202.167.0/24 maxlen: 24
91.212.82.0/24 maxlen: 24
91.220.84.0/24 maxlen: 24
91.220.90.0/24 maxlen: 24
91.220.126.0/24 maxlen: 24
91.221.38.0/24 maxlen: 24
92.249.13.0/24 maxlen: 24
92.249.14.0/24 maxlen: 24
193.150.98.0/24 maxlen: 24
193.150.170.0/24 maxlen: 24
193.150.171.0/24 maxlen: 24
193.163.199.0/24 maxlen: 24
194.33.8.0/24 maxlen: 24
194.33.9.0/24 maxlen: 24
194.55.103.0/24 maxlen: 24
194.55.104.0/24 maxlen: 24
194.61.76.0/24 maxlen: 24
194.147.84.0/24 maxlen: 24
194.147.85.0/24 maxlen: 24
195.245.110.0/24 maxlen: 24
213.139.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8e:28:aa:98:d6:dd:08:61:9f:00:30:83:22:eb:a7:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Dec 3 20:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a7628c02c328eb9c41c7c64165894297ec15fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c3:62:4a:b2:7c:46:68:fd:ab:a5:61:7d:4f:
e6:09:bf:c7:d0:fe:c0:2c:c8:fc:3f:eb:c8:c7:ae:
4f:7e:c9:89:ef:5c:37:c2:18:3d:55:2a:b9:95:ea:
7e:e0:28:10:28:b0:c1:c0:49:7c:62:cb:4e:18:39:
bc:5f:be:d6:9a:2e:74:72:ff:e5:16:47:62:e1:46:
6a:3f:bd:a7:a5:0a:df:43:6a:e8:f3:fa:79:c1:b9:
45:69:09:4f:6f:fb:96:11:f8:54:19:a2:5c:b0:88:
d7:f5:6d:e2:66:5b:e1:f8:f8:e5:49:8c:6f:1e:f7:
3e:45:14:f2:99:6d:db:ab:85:c5:b8:53:04:3f:c3:
1b:4b:13:bd:20:99:95:29:85:83:05:7e:78:85:e3:
06:a3:e7:4b:78:42:93:8c:f8:74:51:cf:72:4b:3f:
3a:9a:07:8b:0b:42:66:f6:56:2f:bd:34:01:4a:bc:
92:90:c7:07:27:00:23:c2:3f:31:17:16:1f:0a:93:
b6:19:38:16:fd:19:1b:dc:f2:8f:27:da:3f:2b:28:
ac:44:27:c7:e2:83:32:b1:f8:62:b6:6c:32:70:75:
21:b1:30:f7:9f:8f:69:12:81:8c:a9:8d:dc:85:e6:
40:c6:da:50:c4:06:5f:a4:23:1e:a2:61:9f:30:db:
86:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:76:28:C0:2C:32:8E:B9:C4:1C:7C:64:16:58:94:29:7E:C1:5F:B6
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/OnYowCwyjrnEHHxkFliUKX7BX7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.52.0/23
45.137.55.0/24
45.137.191.0/24
45.139.28.0/24
45.139.31.0/24
45.140.171.0/24
45.140.173.0/24
45.141.186.0/23
45.145.162.0/24
45.147.1.0/24
45.149.83.0/24
45.152.225.0/24
45.154.162.0/24
85.202.166.0/23
91.212.82.0/24
91.220.84.0/24
91.220.90.0/24
91.220.126.0/24
91.221.38.0/24
92.249.13.0-92.249.14.255
193.150.98.0/24
193.150.170.0/23
193.163.199.0/24
194.33.8.0/23
194.55.103.0-194.55.104.255
194.61.76.0/24
194.147.84.0/23
195.245.110.0/24
213.139.194.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:ad:90:e8:bf:ad:ef:35:c8:99:3e:29:2a:ae:e3:b6:16:df:
63:bf:46:60:2c:f2:5d:6f:04:d5:4a:f9:28:1e:e6:53:f4:82:
d6:87:50:e0:55:e7:72:ab:f8:13:d1:92:17:eb:8e:71:67:82:
25:79:a3:41:84:20:47:97:35:ce:98:b2:1c:eb:f5:04:94:1a:
ac:50:f2:e7:de:c9:08:3a:e8:44:8b:64:c8:6b:81:72:16:a1:
c7:4b:f5:b8:7d:36:bc:d0:ba:75:dc:58:95:75:fd:8a:be:e4:
76:a1:5c:f2:bf:9f:ef:34:4d:70:5e:80:61:07:49:92:8a:83:
d8:82:df:52:75:58:b7:ef:9a:83:8a:11:40:64:50:dc:3b:33:
7b:6b:2a:0f:0a:fe:8d:66:10:cd:1b:a9:24:34:75:28:68:1b:
33:f1:90:ae:8f:0e:b9:9e:da:48:e0:fc:d4:79:e6:d0:e3:ac:
78:99:42:5f:6c:1e:a3:cb:c9:82:b7:ab:79:54:07:5b:c1:6d:
43:21:2d:84:44:bc:eb:b5:5a:c7:75:4e:9d:11:5c:fb:bb:30:
3a:6e:e1:b5:d4:f6:80:17:1f:3f:a5:4a:b9:28:b7:59:5b:2b:
9b:c4:46:61:10:f7:94:41:0d:82:b8:ac:d2:43:69:41:f4:a7:
9e:aa:e7:83
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZOOKKqY1t0IYZ8AMIMi66fiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQxMjAzMjAxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc2MjhjMDJjMzI4ZWI5YzQxYzdjNjQxNjU4OTQyOTdlYzE1ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8NiSrJ8Rmj9q6VhfU/mCb/H0P7A
LMj8P+vIx65PfsmJ71w3whg9VSq5lep+4CgQKLDBwEl8YstOGDm8X77Wmi50cv/l
Fkdi4UZqP72npQrfQ2ro8/p5wblFaQlPb/uWEfhUGaJcsIjX9W3iZlvh+PjlSYxv
Hvc+RRTymW3bq4XFuFMEP8MbSxO9IJmVKYWDBX54heMGo+dLeEKTjPh0Uc9ySz86
mgeLC0Jm9lYvvTQBSrySkMcHJwAjwj8xFxYfCpO2GTgW/Rkb3PKPJ9o/KyisRCfH
4oMysfhitmwycHUhsTD3n49pEoGMqY3cheZAxtpQxAZfpCMeomGfMNuGIQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFDp2KMAsMo65xBx8ZBZYlCl+wV+2MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvT25Zb3dDd3lqcm5FSEh4a0ZsaVVLWDdCWDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAEt
iTQDBAAtiTcDBAAtib8DBAAtixwDBAAtix8DBAAtjKsDBAAtjK0DBAEtjboDBAAt
kaIDBAAtkwEDBAAtlVMDBAAtmOEDBAAtmqIDBAFVyqYDBABb1FIDBABb3FQDBABb
3FoDBABb3H4DBABb3SYwDAMEAFz5DQMEAFz5DgMEAMGWYgMEAcGWqgMEAMGjxwME
AcIhCDAMAwQAwjdnAwQAwjdoAwQAwj1MAwQBwpNUAwQAw/VuAwQA1YvCMA0GCSqG
SIb3DQEBCwUAA4IBAQA8rZDov63vNciZPikqruO2Ft9jv0ZgLPJdbwTVSvkoHuZT
9ILWh1DgVedyq/gT0ZIX645xZ4IleaNBhCBHlzXOmLIc6/UElBqsUPLn3skIOuhE
i2TIa4FyFqHHS/W4fTa80Lp13FiVdf2KvuR2oVzyv5/vNE1wXoBhB0mSioPYgt9S
dVi375qDihFAZFDcOzN7ayoPCv6NZhDNG6kkNHUoaBsz8ZCujw65ntpI4PzUeebQ
46x4mUJfbB6jy8mCt6t5VAdbwW1DIS2ERLzrtVrHdU6dEVz7uzA6buG11PaAFx8/
pUq5KLdZWyubxEZhEPeUQQ2CuKzSQ2lB9KeequeD
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:14:11 2025 by rpki-client