Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9CfadE2NW4BEjwjlrQPcv9fW8xk.roa
File: 9CfadE2NW4BEjwjlrQPcv9fW8xk.roa (raw, json)
Hash identifier: PqwVmqft0sNAw3y0+n9vG6v2OV0HkiiQJVIDrVxI/Yo=
Subject key identifier: F4:27:DA:74:4D:8D:5B:80:44:8F:08:E5:AD:03:DC:BF:D7:D6:F3:19
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01957F87C9861D47AC57A2CA3BD388CE0CF0
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9CfadE2NW4BEjwjlrQPcv9fW8xk.roa
Signing time: Mon 10 Mar 2025 10:09:20 +0000
ROA not before: Mon 10 Mar 2025 10:09:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 15:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:87:c9:86:1d:47:ac:57:a2:ca:3b:d3:88:ce:0c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 10 10:09:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f427da744d8d5b80448f08e5ad03dcbfd7d6f319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e8:b9:ac:22:80:76:d9:25:9a:40:eb:e4:d0:
97:8d:e3:f6:b3:b0:ac:54:69:da:8a:32:06:1b:14:
20:98:fd:30:47:d0:73:b6:45:5c:c6:48:ed:89:00:
1a:7a:b4:b1:c5:9f:34:aa:5c:e7:20:8a:f8:da:83:
ab:a8:45:d5:3d:fa:c1:db:30:99:53:d5:47:84:77:
83:fa:76:d3:fb:e8:8b:ed:ba:47:ed:9e:f5:27:b8:
e3:a4:6c:9a:8c:28:3c:fc:b4:d4:e1:92:b1:ef:54:
82:af:e1:ce:04:46:55:dd:5b:a6:a8:58:d8:3b:ae:
72:55:9b:c2:f2:6e:56:b7:f2:34:cc:7c:2a:ee:d2:
0d:80:d5:54:29:9a:6c:c0:5f:0e:2b:68:2c:bb:f9:
94:41:c2:47:34:88:e6:a2:2a:50:cc:99:41:50:19:
2b:d7:6b:ed:99:b4:de:8b:78:9d:c8:ee:98:dc:26:
b3:c5:32:9c:9f:2b:93:16:1c:69:5d:fa:1d:1d:b7:
fc:d1:a7:03:65:70:46:5b:bd:14:b7:c7:be:c6:04:
91:e2:aa:26:95:3a:7f:ac:1f:4d:cc:39:62:8e:40:
a4:5d:7e:5b:3d:af:df:1c:b8:49:cd:5e:a2:57:15:
b0:e3:75:b8:7a:a8:a2:db:6a:d1:c9:f3:c0:d3:c4:
ad:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:27:DA:74:4D:8D:5B:80:44:8F:08:E5:AD:03:DC:BF:D7:D6:F3:19
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9CfadE2NW4BEjwjlrQPcv9fW8xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
46.102.237.0/24
89.34.106.0/24
93.114.183.0/24
93.115.106.0/24
94.177.106.0/24
188.208.103.0/24
194.85.251.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:8e:26:78:84:b5:99:c6:06:62:11:bd:c2:43:5f:3e:3f:1e:
85:f6:f4:cf:f1:1b:05:b2:54:4d:d4:ee:d0:2f:b2:69:5d:17:
36:2f:b4:b7:40:a8:bd:d6:16:71:d4:24:ae:f9:d2:c6:29:06:
31:79:12:4e:bb:c2:5d:0a:2a:05:7d:ba:cc:da:40:ae:52:b8:
51:b3:56:d9:f7:37:8f:8a:fa:a6:fc:3d:80:de:78:4b:69:bd:
1e:71:21:c1:12:d5:e6:a9:4e:4a:3c:e7:85:d6:41:74:dc:88:
bb:0d:64:8e:c7:f2:c1:34:02:c1:9f:d4:ab:75:82:98:29:23:
ac:1c:48:e1:fc:df:b6:45:09:58:3d:42:fc:71:c4:cf:e4:99:
a9:b8:cf:ff:c8:1f:ce:fd:5f:c4:68:1d:2d:56:d5:04:ef:85:
5c:b1:b0:23:c4:e9:b0:17:bd:f9:9c:44:2c:82:1c:ae:04:12:
94:4c:74:73:6e:6a:fa:ce:7c:07:11:96:37:ff:fc:65:33:a2:
b2:d5:db:d6:d1:30:f7:c6:c4:a8:82:19:73:84:04:d3:b6:29:
7e:5b:66:d0:75:e8:48:e1:1b:c9:84:b2:02:a2:c7:f5:a0:c3:
20:04:c5:23:dc:52:55:11:0a:96:59:ae:85:f1:c0:36:64:e3:
2b:96:da:87
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZV/h8mGHUesV6LKO9OIzgzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMzEwMTAwOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDI3ZGE3NDRkOGQ1YjgwNDQ4ZjA4ZTVhZDAzZGNiZmQ3ZDZmMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoui5rCKAdtklmkDr5NCXjeP2s7Cs
VGnaijIGGxQgmP0wR9BztkVcxkjtiQAaerSxxZ80qlznIIr42oOrqEXVPfrB2zCZ
U9VHhHeD+nbT++iL7bpH7Z71J7jjpGyajCg8/LTU4ZKx71SCr+HOBEZV3VumqFjY
O65yVZvC8m5Wt/I0zHwq7tINgNVUKZpswF8OK2gsu/mUQcJHNIjmoipQzJlBUBkr
12vtmbTei3idyO6Y3CazxTKcnyuTFhxpXfodHbf80acDZXBGW70Ut8e+xgSR4qom
lTp/rB9NzDlijkCkXX5bPa/fHLhJzV6iVxWw43W4eqii22rRyfPA08StswIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPQn2nRNjVuARI8I5a0D3L/X1vMZMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvOUNmYWRFMk5XNEJFandqbHJRUGN2OWZXOHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
LmbtAwQAWSJqAwQAXXK3AwQAXXNqAwQAXrFqAwQAvNBnAwQAwlX7MA0GCSqGSIb3
DQEBCwUAA4IBAQBbjiZ4hLWZxgZiEb3CQ18+Px6F9vTP8RsFslRN1O7QL7JpXRc2
L7S3QKi91hZx1CSu+dLGKQYxeRJOu8JdCioFfbrM2kCuUrhRs1bZ9zePivqm/D2A
3nhLab0ecSHBEtXmqU5KPOeF1kF03Ii7DWSOx/LBNALBn9SrdYKYKSOsHEjh/N+2
RQlYPUL8ccTP5JmpuM//yB/O/V/EaB0tVtUE74VcsbAjxOmwF735nEQsghyuBBKU
THRzbmr6znwHEZY3//xlM6Ky1dvW0TD3xsSoghlzhATTtil+W2bQdehI4RvJhLIC
osf1oMMgBMUj3FJVEQqWWa6F8cA2ZOMrltqH
-----END CERTIFICATE-----
Generated at Sat Apr 19 09:47:02 2025 by rpki-client