Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/Sdr9U8AD2g7TkZhfqFXS4sTe_lI.roa
File: Sdr9U8AD2g7TkZhfqFXS4sTe_lI.roa (raw, json)
Hash identifier: KGZG8P0N1zCcs7QVvFWObzA3U0UAGxV+Eiq0QmJl604=
Subject key identifier: 49:DA:FD:53:C0:03:DA:0E:D3:91:98:5F:A8:55:D2:E2:C4:DE:FE:52
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 01941F8C076C4C5B75D8B1D68BCE2C0653BC
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/Sdr9U8AD2g7TkZhfqFXS4sTe_lI.roa
Signing time: Wed 01 Jan 2025 01:47:37 +0000
ROA not before: Wed 01 Jan 2025 01:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 2.59.68.0/22 maxlen: 24
2.59.72.0/22 maxlen: 24
5.252.60.0/22 maxlen: 24
5.252.88.0/22 maxlen: 24
45.11.148.0/22 maxlen: 24
45.65.104.0/21 maxlen: 24
45.85.176.0/22 maxlen: 24
45.90.224.0/22 maxlen: 24
45.129.48.0/22 maxlen: 24
45.152.184.0/22 maxlen: 24
80.240.176.0/20 maxlen: 24
91.92.18.0/23 maxlen: 24
95.214.44.0/22 maxlen: 24
109.70.16.0/21 maxlen: 24
128.127.16.0/21 maxlen: 24
185.13.180.0/22 maxlen: 24
185.61.144.0/22 maxlen: 24
185.107.84.0/22 maxlen: 24
185.128.140.0/22 maxlen: 24
185.163.60.0/22 maxlen: 24
185.189.20.0/22 maxlen: 24
185.203.180.0/22 maxlen: 24
185.229.176.0/22 maxlen: 24
185.253.36.0/22 maxlen: 24
188.92.64.0/21 maxlen: 24
193.8.116.0/22 maxlen: 24
193.56.168.0/22 maxlen: 24
194.182.112.0/20 maxlen: 24
212.104.240.0/20 maxlen: 24
2a02:79e0::/32 maxlen: 48
2a02:cfc0::/29 maxlen: 48
2a06:4280::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 11:34:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:07:6c:4c:5b:75:d8:b1:d6:8b:ce:2c:06:53:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Jan 1 01:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49dafd53c003da0ed391985fa855d2e2c4defe52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a3:1f:a5:70:b2:f0:9f:16:86:52:3a:9c:3a:
78:99:94:1b:00:97:a0:88:ed:8f:8e:95:01:7e:ad:
10:9c:c4:f9:61:ec:22:98:0c:6b:7e:78:0a:15:6d:
65:b2:2e:7b:cc:e5:bc:05:6c:90:3a:ee:fc:43:b7:
8a:bc:8f:b0:3e:cd:15:f5:6c:38:e6:69:5e:7c:0c:
e1:1e:3e:a5:eb:61:32:14:ea:0c:59:56:74:1f:82:
2a:b7:11:d0:92:d4:ee:ca:a7:62:d3:19:d7:84:52:
88:42:de:7e:ee:42:03:d9:9b:86:06:36:46:2d:f1:
ab:33:79:71:6f:a6:34:b3:d3:3f:4d:74:ed:df:b0:
4a:2c:c3:49:d1:dc:60:35:7a:f1:71:58:c0:2c:01:
3a:4b:b6:54:21:72:a4:09:47:ee:5b:0e:b4:62:a9:
d2:3b:2d:05:fc:a2:d8:48:5e:21:a4:6a:40:c8:74:
1a:e0:a4:0f:64:a0:2f:c0:af:57:84:52:dc:ef:d8:
99:c0:65:6a:82:98:d2:4b:ab:52:c3:20:02:09:be:
fd:f4:29:54:a9:c7:08:4e:ed:54:10:86:c2:60:00:
a7:07:dc:4c:41:d5:c9:51:e3:82:54:b2:44:f4:7f:
3a:ca:42:01:97:8d:83:e2:c0:19:53:13:8b:c4:3a:
ee:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DA:FD:53:C0:03:DA:0E:D3:91:98:5F:A8:55:D2:E2:C4:DE:FE:52
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/Sdr9U8AD2g7TkZhfqFXS4sTe_lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.65.104.0/21
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/20
91.92.18.0/23
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.189.20.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
90:ac:0f:98:56:0a:d7:7e:11:72:43:a0:e8:f5:27:59:51:c3:
ea:87:63:40:7a:86:2e:33:a4:98:54:4c:35:29:d1:1d:37:62:
e4:26:64:ab:86:0b:13:a0:d4:4d:87:3b:ba:e1:66:b8:87:e9:
62:2d:7e:5f:c7:57:26:dc:ce:5c:09:06:09:a8:51:19:b3:5f:
c8:e9:a6:93:10:3b:7b:22:97:c2:a5:2d:07:72:f3:0c:45:6e:
50:50:f8:47:29:29:8e:0e:c4:8b:25:b2:b2:94:78:a4:86:27:
f3:7b:26:92:09:cc:b6:8e:bc:32:49:5b:56:a6:41:3e:0f:e8:
c8:21:1f:15:22:14:c0:cc:36:29:83:fc:a4:4f:6e:a5:28:3f:
7f:2a:28:ef:d0:c8:83:ee:43:29:33:af:c6:47:32:c8:16:f6:
b4:d2:23:16:d2:1e:bc:16:1c:d7:dc:9a:ca:ee:eb:6d:93:11:
8d:49:41:6c:6c:5e:cf:7f:0b:78:cd:f4:25:1e:fa:1f:54:da:
44:50:9a:09:b6:4c:69:b8:bf:de:b9:8a:62:72:06:21:53:19:
95:41:5c:ab:ba:c0:9f:4a:19:26:54:41:49:05:e8:54:d6:31:
f7:f0:44:d3:54:aa:f7:b5:32:69:8d:5a:6c:8c:44:45:73:d5:
43:af:e9:a3
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZQfjAdsTFt12LHWi84sBlO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjUwMTAxMDE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWRhZmQ1M2MwMDNkYTBlZDM5MTk4NWZhODU1ZDJlMmM0ZGVmZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qMfpXCy8J8WhlI6nDp4mZQbAJeg
iO2PjpUBfq0QnMT5YewimAxrfngKFW1lsi57zOW8BWyQOu78Q7eKvI+wPs0V9Ww4
5mlefAzhHj6l62EyFOoMWVZ0H4IqtxHQktTuyqdi0xnXhFKIQt5+7kID2ZuGBjZG
LfGrM3lxb6Y0s9M/TXTt37BKLMNJ0dxgNXrxcVjALAE6S7ZUIXKkCUfuWw60YqnS
Oy0F/KLYSF4hpGpAyHQa4KQPZKAvwK9XhFLc79iZwGVqgpjSS6tSwyACCb799ClU
qccITu1UEIbCYACnB9xMQdXJUeOCVLJE9H86ykIBl42D4sAZUxOLxDru0wIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFEna/VPAA9oO05GYX6hV0uLE3v5SMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvU2RyOVU4QUQyZzdUa1poZnFGWFM0c1RlX2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbAwDAME
AgI7RAMEAgI7SAMEAgX8PAMEAgX8WAMEAi0LlAMEAy1BaAMEAi1VsAMEAi1a4AME
Ai2BMAMEAi2YuAMEBFDwsAMEAVtcEgMEAl/WLAMEA21GEAMEA4B/EAMEArkNtAME
Ark9kAMEArlrVAMEArmAjAMEArmjPAMEArm9FAMEArnLtAMEArnlsAMEArn9JAME
A7xcQAMEAsEIdAMEAsE4qAMEBMK2cAMEBNRo8DAbBAIAAjAVAwUAKgJ54AMFAyoC
z8ADBQMqBkKAMA0GCSqGSIb3DQEBCwUAA4IBAQCQrA+YVgrXfhFyQ6Do9SdZUcPq
h2NAeoYuM6SYVEw1KdEdN2LkJmSrhgsToNRNhzu64Wa4h+liLX5fx1cm3M5cCQYJ
qFEZs1/I6aaTEDt7IpfCpS0HcvMMRW5QUPhHKSmODsSLJbKylHikhifzeyaSCcy2
jrwySVtWpkE+D+jIIR8VIhTAzDYpg/ykT26lKD9/Kijv0MiD7kMpM6/GRzLIFva0
0iMW0h68FhzX3JrK7uttkxGNSUFsbF7Pfwt4zfQlHvofVNpEUJoJtkxpuL/euYpi
cgYhUxmVQVyrusCfShkmVEFJBehU1jH38ETTVKr3tTJpjVpsjERFc9VDr+mj
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:55:45 2025 by rpki-client