Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rfNLSTGLwl4bLmSpl4cCyr_DRZE.roa
File: rfNLSTGLwl4bLmSpl4cCyr_DRZE.roa (raw, json)
Hash identifier: bWgf3KibXLVeuHP57pWhJxCJBLVqbtHh2v0lE7u8y4w=
Subject key identifier: AD:F3:4B:49:31:8B:C2:5E:1B:2E:64:A9:97:87:02:CA:BF:C3:45:91
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0196D8696EBD35B49900C4275599B4300D48
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rfNLSTGLwl4bLmSpl4cCyr_DRZE.roa
Signing time: Fri 16 May 2025 09:25:10 +0000
ROA not before: Fri 16 May 2025 09:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 May 2025 10:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d8:69:6e:bd:35:b4:99:00:c4:27:55:99:b4:30:0d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 16 09:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adf34b49318bc25e1b2e64a9978702cabfc34591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b5:12:be:15:b5:12:a2:e0:88:f0:da:c6:ab:
d5:bb:46:b3:3a:ab:2b:67:78:c5:89:dd:b7:c1:26:
85:a5:c7:a2:46:01:69:8b:00:fe:b5:ed:bf:44:75:
0f:e6:4a:fc:ae:ce:bc:32:2d:8d:d0:a4:0d:01:7d:
6a:b8:7f:1d:67:bc:71:fd:61:13:1f:bd:d5:90:b5:
da:4c:74:18:1f:95:85:45:7d:e3:d5:9f:59:6b:74:
17:da:b0:61:a9:e0:06:b3:41:dc:e1:8e:58:d2:ad:
34:26:c7:27:3d:a1:c9:92:8d:95:c5:6a:99:ba:db:
10:30:02:2c:a4:94:4a:9b:4f:d0:57:26:0c:43:89:
09:9e:a6:b6:7a:d9:ba:6f:03:b3:52:c7:f5:cc:68:
40:74:2a:8c:81:98:0e:80:8a:5b:1f:e7:fe:42:5e:
bd:63:6f:d0:fd:8c:05:69:c0:8f:59:d2:46:86:48:
50:80:48:d4:78:b7:95:64:36:9a:69:e3:a1:24:35:
37:ab:3c:36:f4:ad:20:de:6b:e5:c6:fb:a0:3b:eb:
bc:b7:f5:e6:ce:b9:58:72:28:25:99:1c:27:c8:cb:
1a:30:67:b5:fd:1b:9b:a8:aa:b8:60:44:6e:a3:9b:
21:c2:f2:6c:78:ad:93:13:f9:70:13:d9:8a:f6:19:
3f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F3:4B:49:31:8B:C2:5E:1B:2E:64:A9:97:87:02:CA:BF:C3:45:91
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rfNLSTGLwl4bLmSpl4cCyr_DRZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
46.102.237.0/24
89.34.106.0/24
93.114.183.0/24
93.115.106.0/24
93.115.203.0/24
94.177.106.0/24
194.85.251.0/24
202.71.15.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:4c:3f:b8:30:6b:23:fc:06:4e:d6:d6:17:c0:47:92:52:65:
44:13:53:7a:bd:10:35:e6:19:ab:8d:5a:d5:2f:27:cd:50:0e:
37:5d:e8:28:52:d0:92:c2:58:b6:75:30:59:f2:1e:96:3e:96:
2b:4e:f0:4a:9a:14:e1:fc:9c:a9:fc:67:23:88:d3:80:8c:a1:
7d:5f:ee:6c:60:13:22:df:d2:0d:79:06:33:89:c7:69:ff:41:
32:8d:0e:dc:25:d4:b9:d2:42:be:9b:45:07:b8:14:33:c9:95:
f9:96:0b:0b:fe:ea:52:a1:03:cb:e0:64:a9:a0:c8:21:e5:a7:
59:bd:50:50:6f:be:5c:80:95:1e:98:ff:92:da:2a:58:64:3c:
56:e6:7d:aa:56:d7:bc:f4:21:14:96:fa:a4:06:ab:da:e7:ff:
ab:97:5a:e7:ba:53:fb:29:83:1d:17:14:e5:31:59:6b:5a:35:
b8:30:e7:c8:48:44:68:7f:c4:c4:cf:c3:a2:02:82:1b:d0:8d:
f6:5a:bb:90:5f:3d:4c:48:28:4b:b8:83:ab:5a:68:fc:7d:80:
be:fe:cd:05:83:5c:2e:49:c4:49:d1:34:d9:0e:df:e6:4f:f1:
52:cf:4e:45:79:1c:4d:c6:d3:c3:b7:c5:11:50:72:ad:7d:62:
9b:ae:ef:44
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZbYaW69NbSZAMQnVZm0MA1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNTE2MDkyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGYzNGI0OTMxOGJjMjVlMWIyZTY0YTk5Nzg3MDJjYWJmYzM0NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7USvhW1EqLgiPDaxqvVu0azOqsr
Z3jFid23wSaFpceiRgFpiwD+te2/RHUP5kr8rs68Mi2N0KQNAX1quH8dZ7xx/WET
H73VkLXaTHQYH5WFRX3j1Z9Za3QX2rBhqeAGs0Hc4Y5Y0q00JscnPaHJko2VxWqZ
utsQMAIspJRKm0/QVyYMQ4kJnqa2etm6bwOzUsf1zGhAdCqMgZgOgIpbH+f+Ql69
Y2/Q/YwFacCPWdJGhkhQgEjUeLeVZDaaaeOhJDU3qzw29K0g3mvlxvugO+u8t/Xm
zrlYciglmRwnyMsaMGe1/RubqKq4YERuo5shwvJseK2TE/lwE9mK9hk/2QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFK3zS0kxi8JeGy5kqZeHAsq/w0WRMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcmZOTFNUR0x3bDRiTG1TcGw0Y0N5cl9EUlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYe2AwQA
LmbtAwQAWSJqAwQAXXK3AwQAXXNqAwQAXXPLAwQAXrFqAwQAwlX7AwQAykcPMA0G
CSqGSIb3DQEBCwUAA4IBAQAfTD+4MGsj/AZO1tYXwEeSUmVEE1N6vRA15hmrjVrV
LyfNUA43XegoUtCSwli2dTBZ8h6WPpYrTvBKmhTh/Jyp/GcjiNOAjKF9X+5sYBMi
39INeQYzicdp/0EyjQ7cJdS50kK+m0UHuBQzyZX5lgsL/upSoQPL4GSpoMgh5adZ
vVBQb75cgJUemP+S2ipYZDxW5n2qVte89CEUlvqkBqva5/+rl1rnulP7KYMdFxTl
MVlrWjW4MOfISERof8TEz8OiAoIb0I32WruQXz1MSChLuIOrWmj8fYC+/s0Fg1wu
ScRJ0TTZDt/mT/FSz05FeRxNxtPDt8URUHKtfWKbru9E
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:14:38 2025 by rpki-client