Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nz75gfGDETaG6k3iV8wHemhni3Y.roa
File: nz75gfGDETaG6k3iV8wHemhni3Y.roa (raw, json)
Hash identifier: N+Uap9Vy2FnVyb6LQ5lIPeCzLfFTG2M2zwnSpUSr1Es=
Subject key identifier: 9F:3E:F9:81:F1:83:11:36:86:EA:4D:E2:57:CC:07:7A:68:67:8B:76
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019570B7AB936CAB98B78034843FCD2DB2D9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nz75gfGDETaG6k3iV8wHemhni3Y.roa
Signing time: Fri 07 Mar 2025 13:07:19 +0000
ROA not before: Fri 07 Mar 2025 13:07:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
45.144.173.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Mar 2025 13:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:b7:ab:93:6c:ab:98:b7:80:34:84:3f:cd:2d:b2:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 7 13:07:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f3ef981f183113686ea4de257cc077a68678b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dc:b5:e7:4a:d0:cd:88:58:9f:b8:ab:87:ce:
de:56:c1:ac:06:94:7c:0f:ef:ee:c3:52:63:0d:fd:
48:96:a7:39:02:a6:5f:e4:54:48:0c:c5:7a:0f:26:
30:57:ab:fd:90:ff:03:58:37:50:a0:05:86:0d:2e:
26:d6:78:d3:64:da:81:4c:1b:a5:3a:6c:2c:96:a1:
be:c1:36:92:7c:08:29:3f:98:e1:2c:58:f6:9f:70:
38:36:10:de:a8:3e:02:2a:87:4d:c4:e4:4c:90:37:
f4:2b:98:25:76:16:d4:ce:8c:2a:d7:f9:3c:ae:7a:
a3:ac:ca:ed:1e:5a:ff:00:e0:73:89:bf:39:dd:6f:
35:a6:a0:78:99:1f:75:25:80:00:37:4a:2e:27:be:
61:c5:53:fc:8b:6f:09:1a:9c:1a:a2:5c:58:0b:4e:
a4:91:aa:e1:66:78:ee:34:fc:b8:51:25:43:1d:c5:
8d:b3:24:b2:a8:d1:64:08:06:31:ad:ce:1a:d3:22:
4a:f7:c7:71:85:5f:55:6c:88:6c:65:f4:c9:a6:6a:
59:f7:f9:7e:d8:47:8e:fc:cb:52:1c:97:d9:82:0a:
e2:2f:3a:6a:c2:a3:b5:d7:64:80:48:15:85:14:39:
c5:72:13:21:c9:35:af:b4:24:8c:29:7a:00:77:60:
eb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3E:F9:81:F1:83:11:36:86:EA:4D:E2:57:CC:07:7A:68:67:8B:76
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nz75gfGDETaG6k3iV8wHemhni3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
45.144.173.0/24
89.34.106.0/24
89.40.70.0/24
93.114.183.0/24
93.115.106.0/24
94.177.106.0/24
194.85.251.0/24
Signature Algorithm: sha256WithRSAEncryption
96:2e:1c:dc:e5:06:30:af:79:c6:8b:5f:86:91:73:db:e1:1d:
63:4a:d5:0e:0a:be:6c:2d:00:6f:5c:75:7b:4c:d6:f8:e1:f6:
27:48:b9:19:bb:2e:ef:8b:fc:bf:ee:b7:21:8a:03:3b:1d:57:
6a:75:d0:2a:6b:4d:80:67:f7:07:e6:22:20:8e:0a:5b:94:6e:
ab:09:84:18:53:1b:b6:f2:5b:40:5e:60:cc:64:e3:9a:be:03:
77:4a:6d:e5:8e:6c:a7:89:44:53:45:dd:03:60:05:f2:d5:04:
fd:b8:4b:40:b1:0d:59:e6:75:28:b3:58:d3:23:37:4b:3b:58:
4a:9a:f3:dd:36:1c:7b:29:2e:96:2e:b5:47:bb:a4:1d:7d:71:
ac:76:5c:30:73:03:04:66:a5:00:fc:5a:c1:c3:1a:ed:d8:69:
a8:8b:4c:d1:5a:6f:d1:82:73:53:cc:ba:54:4c:f2:46:2c:3d:
2a:f2:d6:6b:81:e6:43:50:87:bf:0e:6d:23:4c:0b:21:86:6d:
7a:98:72:8b:df:9a:26:0c:83:49:01:f3:24:b1:e5:6c:5e:95:
e8:c2:37:8f:b7:d5:a0:e2:cd:35:d3:7f:c7:f3:11:dc:42:7d:
5d:aa:d4:5a:e4:5c:83:5c:d1:a3:43:ff:cc:50:42:1b:75:dd:
78:57:1d:60
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZVwt6uTbKuYt4A0hD/NLbLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMzA3MTMwNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjNlZjk4MWYxODMxMTM2ODZlYTRkZTI1N2NjMDc3YTY4Njc4Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnty150rQzYhYn7irh87eVsGsBpR8
D+/uw1JjDf1Ilqc5AqZf5FRIDMV6DyYwV6v9kP8DWDdQoAWGDS4m1njTZNqBTBul
OmwslqG+wTaSfAgpP5jhLFj2n3A4NhDeqD4CKodNxORMkDf0K5gldhbUzowq1/k8
rnqjrMrtHlr/AOBzib853W81pqB4mR91JYAAN0ouJ75hxVP8i28JGpwaolxYC06k
karhZnjuNPy4USVDHcWNsySyqNFkCAYxrc4a0yJK98dxhV9VbIhsZfTJpmpZ9/l+
2EeO/MtSHJfZggriLzpqwqO112SASBWFFDnFchMhyTWvtCSMKXoAd2DrfQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJ8++YHxgxE2hupN4lfMB3poZ4t2MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbno3NWdmR0RFVGFHNmszaVY4d0hlbWhuaTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
LZCtAwQAWSJqAwQAWShGAwQAXXK3AwQAXXNqAwQAXrFqAwQAwlX7MA0GCSqGSIb3
DQEBCwUAA4IBAQCWLhzc5QYwr3nGi1+GkXPb4R1jStUOCr5sLQBvXHV7TNb44fYn
SLkZuy7vi/y/7rchigM7HVdqddAqa02AZ/cH5iIgjgpblG6rCYQYUxu28ltAXmDM
ZOOavgN3Sm3ljmyniURTRd0DYAXy1QT9uEtAsQ1Z5nUos1jTIzdLO1hKmvPdNhx7
KS6WLrVHu6QdfXGsdlwwcwMEZqUA/FrBwxrt2Gmoi0zRWm/RgnNTzLpUTPJGLD0q
8tZrgeZDUIe/Dm0jTAshhm16mHKL35omDINJAfMkseVsXpXowjePt9Wg4s0103/H
8xHcQn1dqtRa5FyDXNGjQ//MUEIbdd14Vx1g
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:52:46 2025 by rpki-client