Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jMYtjT0ZbuH8PH02zEVz_h9mQhA.roa
File: jMYtjT0ZbuH8PH02zEVz_h9mQhA.roa (raw, json)
Hash identifier: nH9PRF8AyIklhXgmSNqCDc4/CGejocZv/UmJ5geHwXA=
Subject key identifier: 8C:C6:2D:8D:3D:19:6E:E1:FC:3C:7D:36:CC:45:73:FE:1F:66:42:10
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0196ED241D107336BC59388315189A7876A2
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jMYtjT0ZbuH8PH02zEVz_h9mQhA.roa
Signing time: Tue 20 May 2025 10:01:28 +0000
ROA not before: Tue 20 May 2025 10:01:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 10:41:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:24:1d:10:73:36:bc:59:38:83:15:18:9a:78:76:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 20 10:01:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cc62d8d3d196ee1fc3c7d36cc4573fe1f664210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:19:1e:c2:40:60:7d:9e:be:66:3c:21:fd:1b:
fc:61:0f:55:a9:84:a1:d1:a0:be:c8:b0:30:69:4a:
c9:49:ac:47:4e:81:c3:d3:2c:f6:7f:e8:46:fc:38:
e5:67:86:7c:1b:5d:2b:f4:f0:63:83:4d:a7:6d:68:
45:7a:b7:92:6a:94:b3:9e:36:1c:3e:e3:2f:d0:d1:
f5:39:9d:e1:25:d1:20:4d:aa:b1:09:36:cb:7f:c1:
7d:5f:3c:c2:21:a7:80:de:b4:7c:03:ae:35:1b:e9:
c3:a4:3f:98:ab:00:cd:d4:56:79:90:23:4b:e6:43:
b6:94:e8:ce:02:9a:0f:b5:c9:fc:58:2d:5e:42:8d:
92:01:9b:ce:c9:40:26:d6:6f:83:fb:c7:7d:54:c7:
cb:58:8d:63:de:af:9c:c8:b3:27:04:bc:77:4e:e5:
82:bd:1b:8c:49:15:56:88:43:e0:3c:0d:16:52:aa:
66:e7:17:cb:c4:38:60:54:89:8b:7d:98:b4:9d:21:
ae:93:67:73:5c:fa:8c:aa:df:cf:02:eb:8f:d6:a3:
ff:6d:76:76:25:d2:db:29:17:04:cd:cf:fc:fe:1f:
55:b0:de:b7:97:9d:b1:af:d8:b5:84:ec:58:23:92:
e4:87:8c:8b:95:d8:7c:f0:d2:ba:db:bc:41:fd:e1:
76:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C6:2D:8D:3D:19:6E:E1:FC:3C:7D:36:CC:45:73:FE:1F:66:42:10
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jMYtjT0ZbuH8PH02zEVz_h9mQhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
46.102.237.0/24
89.34.106.0/24
93.114.183.0/24
93.115.106.0/24
93.115.203.0/24
94.177.106.0/24
94.177.145.0/24
194.85.251.0/24
202.71.15.0/24
Signature Algorithm: sha256WithRSAEncryption
19:4b:b8:9e:97:7a:99:67:5a:d4:61:6b:f7:c1:f1:09:2f:61:
d6:99:a1:57:4e:d6:23:85:e9:3a:da:31:45:b4:47:3e:b9:ef:
f5:b2:f7:b3:3c:d7:7f:8e:0f:d3:ab:f9:c6:9e:c0:c8:c1:15:
a0:94:66:1a:6b:32:7a:aa:b9:0b:bb:b7:8e:df:f5:4c:c2:97:
bf:63:5c:a3:ea:42:f4:bf:fa:23:7f:ca:6e:01:7b:96:6a:6e:
15:5c:40:78:da:93:cc:85:94:ac:e8:2b:c5:d2:d4:9d:b8:51:
b8:83:7a:91:9f:f4:71:07:93:ec:6c:9c:89:11:23:94:a0:78:
79:50:bc:8b:66:82:94:55:06:19:83:2a:90:1a:e8:8a:5a:07:
62:23:ed:10:94:f3:df:6e:c8:d1:a1:88:c8:56:cc:b5:5a:1e:
5a:66:fd:8a:7b:ee:1d:df:04:99:01:43:63:0e:49:d7:61:07:
5e:da:1f:07:63:82:61:fe:c4:de:e2:21:b0:e1:2b:90:84:f0:
b5:36:92:26:8f:39:50:50:e9:31:2f:3e:50:32:d8:00:53:91:
c5:39:26:79:32:a1:4b:eb:b6:2e:c3:ff:0e:07:1d:b6:e6:61:
e3:9c:5d:d1:d7:30:f1:35:8f:2c:72:63:8d:e1:3e:5e:6b:c8:
19:dc:ba:43
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZbtJB0Qcza8WTiDFRiaeHaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNTIwMTAwMTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2M2MmQ4ZDNkMTk2ZWUxZmMzYzdkMzZjYzQ1NzNmZTFmNjY0MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBkewkBgfZ6+Zjwh/Rv8YQ9VqYSh
0aC+yLAwaUrJSaxHToHD0yz2f+hG/DjlZ4Z8G10r9PBjg02nbWhFereSapSznjYc
PuMv0NH1OZ3hJdEgTaqxCTbLf8F9XzzCIaeA3rR8A641G+nDpD+YqwDN1FZ5kCNL
5kO2lOjOApoPtcn8WC1eQo2SAZvOyUAm1m+D+8d9VMfLWI1j3q+cyLMnBLx3TuWC
vRuMSRVWiEPgPA0WUqpm5xfLxDhgVImLfZi0nSGuk2dzXPqMqt/PAuuP1qP/bXZ2
JdLbKRcEzc/8/h9VsN63l52xr9i1hOxYI5Lkh4yLldh88NK627xB/eF2VwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIzGLY09GW7h/Dx9NsxFc/4fZkIQMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvak1ZdGpUMFpidUg4UEgwMnpFVnpfaDltUWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBLYe2AwQA
LmbtAwQAWSJqAwQAXXK3AwQAXXNqAwQAXXPLAwQAXrFqAwQAXrGRAwQAwlX7AwQA
ykcPMA0GCSqGSIb3DQEBCwUAA4IBAQAZS7iel3qZZ1rUYWv3wfEJL2HWmaFXTtYj
hek62jFFtEc+ue/1svezPNd/jg/Tq/nGnsDIwRWglGYaazJ6qrkLu7eO3/VMwpe/
Y1yj6kL0v/ojf8puAXuWam4VXEB42pPMhZSs6CvF0tSduFG4g3qRn/RxB5PsbJyJ
ESOUoHh5ULyLZoKUVQYZgyqQGuiKWgdiI+0QlPPfbsjRoYjIVsy1Wh5aZv2Ke+4d
3wSZAUNjDknXYQde2h8HY4Jh/sTe4iGw4SuQhPC1NpImjzlQUOkxLz5QMtgAU5HF
OSZ5MqFL67Yuw/8OBx225mHjnF3R1zDxNY8scmON4T5ea8gZ3LpD
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:38:43 2025 by rpki-client