Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/7PGk5c3uDBZBC1Jr8L3f53DYaGc.roa
File: 7PGk5c3uDBZBC1Jr8L3f53DYaGc.roa (raw, json)
Hash identifier: U4D7QaCq8m8D1y1GqbAhRjZascV+Oz8c3DQJdJ8flyc=
Subject key identifier: EC:F1:A4:E5:CD:EE:0C:16:41:0B:52:6B:F0:BD:DF:E7:70:D8:68:67
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019504347A3DF5D99BDB41C44E40BF40CC7D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/7PGk5c3uDBZBC1Jr8L3f53DYaGc.roa
Signing time: Fri 14 Feb 2025 11:25:02 +0000
ROA not before: Fri 14 Feb 2025 11:25:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
212.192.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 14:13:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:34:7a:3d:f5:d9:9b:db:41:c4:4e:40:bf:40:cc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 14 11:25:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecf1a4e5cdee0c16410b526bf0bddfe770d86867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fc:1d:08:25:21:ec:57:03:8f:cc:03:bc:f2:
88:db:05:cb:1a:7d:71:69:da:62:33:e3:bc:a0:7d:
74:22:22:cf:4f:77:a7:79:33:f3:b5:1c:1d:c1:5f:
37:c5:2e:30:4d:9f:a8:9f:6b:e3:36:a5:94:3a:61:
4e:9a:4e:3f:07:1f:db:55:37:d0:c9:cc:54:db:fb:
21:6c:5a:5f:ac:27:96:00:d3:95:2f:3c:fb:74:fa:
da:02:1e:f9:25:9a:5d:53:95:46:07:c0:57:05:85:
cc:7f:0f:00:eb:08:95:c7:f5:d5:01:a1:cc:ea:29:
5a:31:62:73:cc:7f:34:3a:65:3d:f3:7c:63:0b:d9:
5e:30:df:4d:92:f9:34:d1:2f:e4:28:7d:49:7b:e6:
46:5d:be:64:6b:7d:15:5d:b6:f2:d2:b4:05:fe:c7:
36:7a:dc:5d:b4:7b:15:c1:66:90:12:6f:6a:17:c1:
d2:f7:98:2e:6f:74:cd:09:f7:0a:40:49:ff:ea:aa:
1f:0c:e0:8c:d4:52:cb:fa:85:64:96:e6:8a:a9:50:
32:33:69:05:d1:2b:28:bc:cc:f8:c2:19:c1:74:51:
9d:0d:5b:b5:8e:38:02:e7:86:7c:b9:50:56:21:47:
75:5e:46:f3:79:92:56:00:3b:96:c0:61:94:73:d9:
22:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F1:A4:E5:CD:EE:0C:16:41:0B:52:6B:F0:BD:DF:E7:70:D8:68:67
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/7PGk5c3uDBZBC1Jr8L3f53DYaGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
212.192.21.0/24
Signature Algorithm: sha256WithRSAEncryption
52:af:cc:d2:5d:10:28:a4:d0:f0:4a:fe:5c:57:de:ff:22:ad:
9a:ed:49:90:34:81:66:d4:5d:64:bb:06:02:40:eb:fd:ff:9b:
dd:ed:f3:4f:3b:cc:3e:fe:c9:ef:4b:2a:29:a9:7b:49:18:d9:
b1:30:fc:ce:44:71:63:5e:d2:1c:cf:6c:de:f7:d5:09:ef:4e:
60:74:32:87:bc:41:be:e4:93:7c:d4:1f:d1:eb:f7:59:d2:5a:
f3:c4:70:01:ef:3f:57:50:2b:ef:17:71:10:e1:bb:7c:92:e0:
84:d1:59:45:08:ac:d3:30:0b:6e:ce:61:5b:78:80:72:91:c1:
9d:a6:14:af:b7:25:6d:86:0b:df:aa:6b:22:ee:32:d9:9b:f7:
b7:c2:e1:0d:a0:d1:85:47:9c:b8:f1:b3:1e:19:3f:19:cc:09:
74:8d:f3:16:40:a3:82:c6:ba:7e:ae:9f:f7:ec:78:7c:47:1a:
e5:27:89:b1:c3:9c:15:f3:99:e7:37:19:a4:ef:6a:db:17:fa:
1f:b2:9a:87:b7:28:25:5c:f9:e6:4c:45:0e:74:b4:f7:04:65:
8f:b6:98:ac:10:01:8b:72:35:83:b4:40:e4:0c:4c:81:f3:f0:
35:2b:2c:0a:bc:a8:25:65:85:45:95:c3:05:93:f1:7c:24:e4:
91:93:96:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUENHo99dmb20HETkC/QMx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMjE0MTEyNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2YxYTRlNWNkZWUwYzE2NDEwYjUyNmJmMGJkZGZlNzcwZDg2ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvwdCCUh7FcDj8wDvPKI2wXLGn1x
adpiM+O8oH10IiLPT3eneTPztRwdwV83xS4wTZ+on2vjNqWUOmFOmk4/Bx/bVTfQ
ycxU2/shbFpfrCeWANOVLzz7dPraAh75JZpdU5VGB8BXBYXMfw8A6wiVx/XVAaHM
6ilaMWJzzH80OmU983xjC9leMN9Nkvk00S/kKH1Je+ZGXb5ka30VXbby0rQF/sc2
etxdtHsVwWaQEm9qF8HS95gub3TNCfcKQEn/6qofDOCM1FLL+oVkluaKqVAyM2kF
0SsovMz4whnBdFGdDVu1jjgC54Z8uVBWIUd1XkbzeZJWADuWwGGUc9kiBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOzxpOXN7gwWQQtSa/C93+dw2GhnMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvN1BHazVjM3VEQlpCQzFKcjhMM2Y1M0RZYUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYe2AwQA
WSJqAwQAXXK3AwQA1MAVMA0GCSqGSIb3DQEBCwUAA4IBAQBSr8zSXRAopNDwSv5c
V97/Iq2a7UmQNIFm1F1kuwYCQOv9/5vd7fNPO8w+/snvSyopqXtJGNmxMPzORHFj
XtIcz2ze99UJ705gdDKHvEG+5JN81B/R6/dZ0lrzxHAB7z9XUCvvF3EQ4bt8kuCE
0VlFCKzTMAtuzmFbeIBykcGdphSvtyVthgvfqmsi7jLZm/e3wuENoNGFR5y48bMe
GT8ZzAl0jfMWQKOCxrp+rp/37Hh8RxrlJ4mxw5wV85nnNxmk72rbF/ofspqHtygl
XPnmTEUOdLT3BGWPtpisEAGLcjWDtEDkDEyB8/A1KywKvKglZYVFlcMFk/F8JOSR
k5Ye
-----END CERTIFICATE-----
Generated at Sat Apr 19 09:44:20 2025 by rpki-client