Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1OHepdd5dOdZ433kZ479BTsMi80.roa
File: 1OHepdd5dOdZ433kZ479BTsMi80.roa (raw, json)
Hash identifier: HVM5Bk6btA+CtySvNmxxVC+3I+hO2BArUD3au11uYV8=
Subject key identifier: D4:E1:DE:A5:D7:79:74:E7:59:E3:7D:E4:67:8E:FD:05:3B:0C:8B:CD
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 019427B5BE9975029F50A9D70D77F66EAE11
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1OHepdd5dOdZ433kZ479BTsMi80.roa
Signing time: Thu 02 Jan 2025 15:50:09 +0000
ROA not before: Thu 02 Jan 2025 15:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.57.180.0/22 maxlen: 24
2.59.116.0/24 maxlen: 24
45.12.44.0/22 maxlen: 24
45.15.52.0/22 maxlen: 22
45.67.44.0/22 maxlen: 22
45.86.192.0/22 maxlen: 22
45.95.140.0/22 maxlen: 24
45.130.204.0/22 maxlen: 24
45.136.60.0/22 maxlen: 24
45.145.192.0/22 maxlen: 24
45.151.204.0/22 maxlen: 24
91.225.0.0/24 maxlen: 24
91.227.240.0/23 maxlen: 23
91.239.37.0/24 maxlen: 24
94.142.164.0/22 maxlen: 22
185.39.11.0/24 maxlen: 24
185.57.176.0/22 maxlen: 22
185.232.89.0/24 maxlen: 24
193.3.158.0/24 maxlen: 24
194.99.66.0/23 maxlen: 23
195.244.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 07 Jan 2025 08:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:be:99:75:02:9f:50:a9:d7:0d:77:f6:6e:ae:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Jan 2 15:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4e1dea5d77974e759e37de4678efd053b0c8bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b2:aa:4f:f4:4e:80:bd:89:56:2e:42:5d:8c:
26:2a:79:42:2b:3c:76:08:c0:f4:2b:b5:fc:91:bb:
70:eb:bd:4a:55:43:de:51:97:7b:bd:d4:3e:98:45:
7b:d2:e5:6b:fe:35:29:b2:e4:ac:09:2b:4b:1c:ca:
92:82:f1:58:c7:29:39:c2:c6:f9:d8:5e:1c:a6:fd:
1a:33:f7:44:95:0b:6f:41:78:7a:b3:12:61:04:f1:
04:18:fe:78:bd:b6:a6:9c:0d:ae:be:82:e7:79:e3:
1a:dc:0a:11:53:93:76:52:17:82:a1:7d:64:da:59:
8b:f1:91:ee:6e:0a:16:f8:e8:59:6e:11:10:8b:fe:
a1:59:a2:85:9f:0e:fc:0b:e4:1f:6d:a9:fb:19:fb:
cb:b1:29:e1:00:1e:e6:f8:7e:6e:7e:e1:69:f0:5d:
b9:a1:ea:1c:c4:8a:37:91:c7:91:ac:b8:3a:8d:79:
60:f9:df:54:19:03:12:c0:ac:e0:3a:94:25:0d:ca:
8f:9e:c0:15:45:64:e0:50:9a:25:b6:74:1d:f9:bc:
03:2e:26:80:4b:08:a0:fe:4b:1e:9c:7c:ca:98:50:
b2:f7:ac:10:be:73:ab:f1:3d:5d:e1:c5:ee:08:ec:
69:19:bf:82:82:e1:1d:c4:60:66:b3:fd:a7:ac:f1:
b1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E1:DE:A5:D7:79:74:E7:59:E3:7D:E4:67:8E:FD:05:3B:0C:8B:CD
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1OHepdd5dOdZ433kZ479BTsMi80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.180.0/22
2.59.116.0/24
45.12.44.0/22
45.15.52.0/22
45.67.44.0/22
45.86.192.0/22
45.95.140.0/22
45.130.204.0/22
45.136.60.0/22
45.145.192.0/22
45.151.204.0/22
91.225.0.0/24
91.227.240.0/23
91.239.37.0/24
94.142.164.0/22
185.39.11.0/24
185.57.176.0/22
185.232.89.0/24
193.3.158.0/24
194.99.66.0/23
195.244.14.0/23
Signature Algorithm: sha256WithRSAEncryption
71:63:f4:08:ce:05:72:53:a7:12:e1:3e:ea:ed:f3:27:07:45:
cc:39:5f:dd:a8:ec:d6:11:34:f6:d3:aa:47:2c:0f:a3:ed:13:
72:4e:24:21:ad:ec:40:3b:d3:6d:c3:2d:dd:6c:b6:f6:d6:bb:
a7:b7:32:7c:c7:a1:50:39:90:a6:72:63:d2:03:35:e5:62:25:
9e:c8:9f:85:27:84:4e:d6:23:c2:84:5d:74:ca:d3:2d:5c:e7:
e0:35:db:c4:9d:8b:14:43:48:04:a6:88:5c:0d:56:c6:65:96:
7d:4d:d5:9e:2d:8f:eb:1e:9b:a1:79:6b:3b:d1:dd:ea:dc:87:
f5:b6:0e:d1:4d:75:b1:c4:35:39:93:ed:41:5a:69:bf:d8:0f:
a5:a6:43:75:47:2c:9e:74:eb:b7:d3:aa:95:10:28:f5:02:b2:
89:9f:ff:58:17:2d:71:3d:b4:6f:20:a3:1a:ad:02:d6:c4:52:
dc:68:80:77:07:8a:1d:be:f2:12:59:65:a4:9a:c5:06:98:8d:
fd:72:a6:4c:4b:f5:96:51:49:2f:96:b4:0f:37:34:f2:8c:3b:
ed:14:9e:7d:89:b4:e9:8d:91:fc:d7:22:7d:2d:0b:92:6e:14:
92:d5:93:cd:59:49:16:66:3b:a0:ff:84:1f:85:ef:59:f2:3e:
0a:bf:4e:86
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQntb6ZdQKfUKnXDXf2bq4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjUwMTAyMTU1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGUxZGVhNWQ3Nzk3NGU3NTllMzdkZTQ2NzhlZmQwNTNiMGM4YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrKqT/ROgL2JVi5CXYwmKnlCKzx2
CMD0K7X8kbtw671KVUPeUZd7vdQ+mEV70uVr/jUpsuSsCStLHMqSgvFYxyk5wsb5
2F4cpv0aM/dElQtvQXh6sxJhBPEEGP54vbamnA2uvoLneeMa3AoRU5N2UheCoX1k
2lmL8ZHubgoW+OhZbhEQi/6hWaKFnw78C+Qfban7GfvLsSnhAB7m+H5ufuFp8F25
oeocxIo3kceRrLg6jXlg+d9UGQMSwKzgOpQlDcqPnsAVRWTgUJoltnQd+bwDLiaA
Swig/ksenHzKmFCy96wQvnOr8T1d4cXuCOxpGb+CguEdxGBms/2nrPGxOwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFNTh3qXXeXTnWeN95GeO/QU7DIvNMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvMU9IZXBkZDVkT2RaNDMza1o0NzlCVHNNaTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI5
tAMEAAI7dAMEAi0MLAMEAi0PNAMEAi1DLAMEAi1WwAMEAi1fjAMEAi2CzAMEAi2I
PAMEAi2RwAMEAi2XzAMEAFvhAAMEAVvj8AMEAFvvJQMEAl6OpAMEALknCwMEArk5
sAMEALnoWQMEAMEDngMEAcJjQgMEAcP0DjANBgkqhkiG9w0BAQsFAAOCAQEAcWP0
CM4FclOnEuE+6u3zJwdFzDlf3ajs1hE09tOqRywPo+0Tck4kIa3sQDvTbcMt3Wy2
9ta7p7cyfMehUDmQpnJj0gM15WIlnsifhSeETtYjwoRddMrTLVzn4DXbxJ2LFENI
BKaIXA1WxmWWfU3Vni2P6x6boXlrO9Hd6tyH9bYO0U11scQ1OZPtQVppv9gPpaZD
dUcsnnTrt9OqlRAo9QKyiZ//WBctcT20byCjGq0C1sRS3GiAdweKHb7yElllpJrF
BpiN/XKmTEv1llFJL5a0Dzc08ow77RSefYm06Y2R/NcifS0Lkm4UktWTzVlJFmY7
oP+EH4XvWfI+Cr9Ohg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:00:52 2025 by rpki-client