Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mXcCQKRm_wqfVaOlthJQ00N_gpg.roa
File: mXcCQKRm_wqfVaOlthJQ00N_gpg.roa (raw, json)
Hash identifier: dfo31pfAtxq+YsrvDgy5xeTurAbcUVM2Pc7OURu8XRc=
Subject key identifier: 99:77:02:40:A4:66:FF:0A:9F:55:A3:A5:B6:12:50:D3:43:7F:82:98
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01956C3E583DE4FE63D93EFD2DC8AAD70FF7
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mXcCQKRm_wqfVaOlthJQ00N_gpg.roa
Signing time: Thu 06 Mar 2025 16:16:19 +0000
ROA not before: Thu 06 Mar 2025 16:16:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 11:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:3e:58:3d:e4:fe:63:d9:3e:fd:2d:c8:aa:d7:0f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 6 16:16:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99770240a466ff0a9f55a3a5b61250d3437f8298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0d:db:92:30:0d:90:98:26:a2:ad:c2:08:19:
ea:99:3c:ac:9c:8b:e7:57:b4:dd:6c:75:b3:6a:3a:
e3:67:5c:90:c3:23:9c:d8:1c:40:c0:91:91:f6:f5:
24:79:ec:5e:a5:3b:a4:df:f1:cf:b8:1b:ac:e5:79:
a6:3c:7e:0d:1f:96:bc:55:fd:94:c3:93:5b:6c:83:
7f:ba:d3:07:7b:9d:45:15:b3:2b:18:db:cd:74:ec:
f2:a4:31:d2:e9:e3:32:17:37:92:48:5b:08:b5:db:
4e:b1:02:2e:80:5e:33:55:5f:56:bf:3b:b8:8c:4c:
9c:4b:14:a6:41:0c:d1:92:7b:33:8d:0e:2d:d3:d2:
23:b7:6c:57:40:d7:9c:11:56:6c:5a:fa:ad:a4:b2:
a0:fd:17:52:92:9c:32:1e:58:9c:98:18:8c:76:31:
b8:19:1d:6f:45:71:74:15:7e:97:f8:b8:f4:5b:f0:
89:c5:b5:5b:cf:02:be:27:5b:b0:58:21:fe:80:ad:
33:d6:dc:6c:ba:43:d4:c3:02:8e:f4:38:39:18:4a:
40:d3:f3:90:67:49:ae:5b:b0:f3:0a:34:57:a9:7e:
a6:69:98:c8:ef:26:6a:7e:ee:10:f7:1b:4a:5f:47:
3e:97:a7:f9:f9:2e:33:6d:0e:92:fd:d7:0f:15:1e:
72:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:77:02:40:A4:66:FF:0A:9F:55:A3:A5:B6:12:50:D3:43:7F:82:98
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mXcCQKRm_wqfVaOlthJQ00N_gpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
89.40.70.0/24
93.114.183.0/24
93.115.106.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ca:9d:62:61:3e:99:43:41:05:fa:9d:1a:12:87:2e:33:d5:
51:7c:89:9a:0c:28:04:9d:5a:b0:a3:e6:27:63:d4:c6:09:0f:
f3:f6:e6:ba:34:27:f9:c8:f1:62:40:c4:c8:c3:ca:30:2e:e4:
97:03:13:a5:37:82:90:f9:57:7f:87:da:fd:4d:84:d7:80:22:
58:d9:ac:39:b7:8b:90:7d:19:01:5c:a4:b9:c3:1e:b2:29:ca:
d6:24:e3:cd:90:8d:20:af:79:4f:92:ab:d1:44:f8:5e:e6:85:
88:a8:cc:c8:76:98:d6:f1:04:94:11:30:ba:89:9a:c1:55:fa:
5c:6f:9d:83:f4:df:e6:6b:06:38:9c:d4:7f:1e:94:9e:c4:ac:
1a:b0:76:8e:7c:fb:99:82:3b:62:43:7b:aa:9e:a1:0a:3b:3d:
67:04:64:58:45:3f:f7:11:40:e4:73:ed:24:c7:7a:81:7c:72:
cc:3e:56:43:6d:3d:56:13:0a:5b:22:ea:10:d7:e6:d8:b0:14:
6b:5e:86:92:5b:5a:9a:dc:41:6b:cd:7c:bf:d8:eb:c0:c2:97:
21:ad:0d:8f:98:b0:bc:7a:55:61:e8:d5:4e:13:b0:ab:7b:19:
b4:dc:08:9a:73:69:63:1e:98:e3:16:5c:5d:5c:64:65:03:75:
4c:db:d8:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVsPlg95P5j2T79Lciq1w/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMzA2MTYxNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTc3MDI0MGE0NjZmZjBhOWY1NWEzYTViNjEyNTBkMzQzN2Y4Mjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA3bkjANkJgmoq3CCBnqmTysnIvn
V7TdbHWzajrjZ1yQwyOc2BxAwJGR9vUkeexepTuk3/HPuBus5XmmPH4NH5a8Vf2U
w5NbbIN/utMHe51FFbMrGNvNdOzypDHS6eMyFzeSSFsItdtOsQIugF4zVV9Wvzu4
jEycSxSmQQzRknszjQ4t09Ijt2xXQNecEVZsWvqtpLKg/RdSkpwyHlicmBiMdjG4
GR1vRXF0FX6X+Lj0W/CJxbVbzwK+J1uwWCH+gK0z1txsukPUwwKO9Dg5GEpA0/OQ
Z0muW7DzCjRXqX6maZjI7yZqfu4Q9xtKX0c+l6f5+S4zbQ6S/dcPFR5yVQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJl3AkCkZv8Kn1WjpbYSUNNDf4KYMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbVhjQ1FLUm1fd3FmVmFPbHRoSlEwME5fZ3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYe2AwQA
WSJqAwQAWShGAwQAXXK3AwQAXXNqMA0GCSqGSIb3DQEBCwUAA4IBAQBcyp1iYT6Z
Q0EF+p0aEocuM9VRfImaDCgEnVqwo+YnY9TGCQ/z9ua6NCf5yPFiQMTIw8owLuSX
AxOlN4KQ+Vd/h9r9TYTXgCJY2aw5t4uQfRkBXKS5wx6yKcrWJOPNkI0gr3lPkqvR
RPhe5oWIqMzIdpjW8QSUETC6iZrBVfpcb52D9N/mawY4nNR/HpSexKwasHaOfPuZ
gjtiQ3uqnqEKOz1nBGRYRT/3EUDkc+0kx3qBfHLMPlZDbT1WEwpbIuoQ1+bYsBRr
XoaSW1qa3EFrzXy/2OvAwpchrQ2PmLC8elVh6NVOE7Crexm03Aiac2ljHpjjFlxd
XGRlA3VM29j1
-----END CERTIFICATE-----
Generated at Sat Apr 19 09:48:01 2025 by rpki-client