Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3bKf5I3fOfAQME0z6q0DP1QFwls.roa
File: 3bKf5I3fOfAQME0z6q0DP1QFwls.roa (raw, json)
Hash identifier: mFg+wddpn9YV+txA6TnyBw39kcVXAEQ0/bf+f8LU9HM=
Subject key identifier: DD:B2:9F:E4:8D:DF:39:F0:10:30:4D:33:EA:AD:03:3F:54:05:C2:5B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0196CF4AD6D3D47F913B65F773775D9FB5DE
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3bKf5I3fOfAQME0z6q0DP1QFwls.roa
Signing time: Wed 14 May 2025 14:55:10 +0000
ROA not before: Wed 14 May 2025 14:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 May 2025 14:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:4a:d6:d3:d4:7f:91:3b:65:f7:73:77:5d:9f:b5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 14 14:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddb29fe48ddf39f010304d33eaad033f5405c25b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c1:99:68:6e:ef:83:20:e5:68:c7:4f:ff:81:
c8:37:62:87:8d:58:8b:31:a4:c4:e0:e7:d2:57:96:
60:09:b0:5c:70:0f:ac:c3:4b:cf:3d:b0:8a:71:b0:
a6:31:b3:5f:5f:66:92:79:c7:de:fb:7b:34:41:3a:
6b:be:e5:6d:52:71:ba:28:45:bf:56:5e:00:61:1a:
cd:56:b7:af:20:5a:81:51:69:32:37:8b:f3:44:1c:
a2:e9:98:7e:73:ca:6e:ef:90:f0:a2:06:8a:2b:21:
45:a1:c6:57:ce:a4:84:bf:cb:68:57:d7:dc:ce:f9:
dd:11:29:2a:db:8a:e4:1d:c2:ea:4b:30:9c:62:12:
5b:65:41:8c:0a:09:a3:c4:c0:2f:e2:94:9c:c8:1a:
61:9f:d6:5c:1c:00:3d:0b:78:29:2a:cc:72:6a:21:
31:41:70:0d:a0:61:dc:00:54:cf:b5:d1:72:7b:7a:
f1:2a:f1:59:f1:dc:09:d4:57:61:cb:14:11:21:31:
87:41:23:47:81:f5:98:bb:20:ad:00:ca:b8:47:62:
98:89:f7:dc:30:b0:9e:52:53:4c:d1:48:6f:4d:eb:
f3:66:df:f3:7d:03:ba:c9:c9:82:a1:da:77:a0:38:
39:b5:81:0a:ea:49:1c:5b:b6:63:e0:1b:4c:2f:06:
8a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B2:9F:E4:8D:DF:39:F0:10:30:4D:33:EA:AD:03:3F:54:05:C2:5B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3bKf5I3fOfAQME0z6q0DP1QFwls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
46.102.237.0/24
89.34.106.0/24
93.114.183.0/24
93.115.106.0/24
93.115.203.0/24
94.177.106.0/24
188.215.31.0/24
194.85.251.0/24
202.71.15.0/24
212.192.6.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ed:b2:31:f4:a3:a4:0c:7b:42:ba:8e:3c:19:90:33:cb:23:
df:5d:cb:e7:57:cb:24:18:0b:aa:f0:30:70:46:91:24:3f:8b:
fd:e5:31:83:a6:8d:fa:e9:89:e6:a9:12:67:db:47:1a:cc:13:
ca:32:e1:e6:bf:cd:28:f8:6f:02:d7:7d:b5:9b:06:f5:e1:2a:
7c:7e:7d:0b:b5:42:d3:f0:19:07:a5:56:2f:36:c6:71:ed:3a:
a6:61:0e:f1:03:dd:16:fd:16:ad:dd:38:b9:50:e1:36:2a:eb:
a8:88:fe:cf:89:fe:3e:9c:0d:ac:a6:51:da:9f:e7:12:a9:99:
08:4d:8b:a4:6c:11:10:7e:d3:e6:84:cb:00:24:62:bf:2f:8f:
19:90:80:53:e9:a1:22:dd:b4:5e:b2:a5:59:96:9e:90:2a:e5:
82:39:99:52:84:9b:a0:3b:ee:55:a9:7c:17:82:db:70:94:2a:
73:c6:66:25:91:48:c4:41:89:83:7d:c2:d9:b0:c7:81:4f:4d:
cb:6c:b8:9f:73:dc:3f:a7:78:30:25:9b:57:12:9d:4a:ee:d7:
ef:ea:3b:15:ef:33:79:01:40:a4:53:28:c2:8f:ca:b4:8f:31:
81:a3:6f:5d:8e:27:1f:48:f0:e1:79:22:21:3e:ea:08:fd:76:
d9:89:6e:18
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZbPStbT1H+RO2X3c3ddn7XeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNTE0MTQ1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGIyOWZlNDhkZGYzOWYwMTAzMDRkMzNlYWFkMDMzZjU0MDVjMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsGZaG7vgyDlaMdP/4HIN2KHjViL
MaTE4OfSV5ZgCbBccA+sw0vPPbCKcbCmMbNfX2aSecfe+3s0QTprvuVtUnG6KEW/
Vl4AYRrNVrevIFqBUWkyN4vzRByi6Zh+c8pu75DwogaKKyFFocZXzqSEv8toV9fc
zvndESkq24rkHcLqSzCcYhJbZUGMCgmjxMAv4pScyBphn9ZcHAA9C3gpKsxyaiEx
QXANoGHcAFTPtdFye3rxKvFZ8dwJ1FdhyxQRITGHQSNHgfWYuyCtAMq4R2KYiffc
MLCeUlNM0UhvTevzZt/zfQO6ycmCodp3oDg5tYEK6kkcW7Zj4BtMLwaKPQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFN2yn+SN3znwEDBNM+qtAz9UBcJbMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvM2JLZjVJM2ZPZkFRTUUwejZxMERQMVFGd2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBLYe2AwQA
LmbtAwQAWSJqAwQAXXK3AwQAXXNqAwQAXXPLAwQAXrFqAwQAvNcfAwQAwlX7AwQA
ykcPAwQA1MAGMA0GCSqGSIb3DQEBCwUAA4IBAQAq7bIx9KOkDHtCuo48GZAzyyPf
XcvnV8skGAuq8DBwRpEkP4v95TGDpo366YnmqRJn20cazBPKMuHmv80o+G8C1321
mwb14Sp8fn0LtULT8BkHpVYvNsZx7TqmYQ7xA90W/Rat3Ti5UOE2KuuoiP7Pif4+
nA2splHan+cSqZkITYukbBEQftPmhMsAJGK/L48ZkIBT6aEi3bResqVZlp6QKuWC
OZlShJugO+5VqXwXgttwlCpzxmYlkUjEQYmDfcLZsMeBT03LbLifc9w/p3gwJZtX
Ep1K7tfv6jsV7zN5AUCkUyjCj8q0jzGBo29djicfSPDheSIhPuoI/XbZiW4Y
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:38:49 2025 by rpki-client