Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/myTLt2YlSP5wQSLdn5_F0DZEnC4.roa
File: myTLt2YlSP5wQSLdn5_F0DZEnC4.roa (raw, json)
Hash identifier: EB6pfAuulJA6HBct05P5bc4ITe+Tnn1arwp/7J16EYM=
Subject key identifier: 9B:24:CB:B7:66:25:48:FE:70:41:22:DD:9F:9F:C5:D0:36:44:9C:2E
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 0194023953F361697021DB7C600219BF9BA0
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/myTLt2YlSP5wQSLdn5_F0DZEnC4.roa
Signing time: Thu 26 Dec 2024 09:08:18 +0000
ROA not before: Thu 26 Dec 2024 09:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.180.0/22 maxlen: 24
2.59.116.0/24 maxlen: 24
45.12.44.0/22 maxlen: 24
45.15.52.0/22 maxlen: 22
45.67.44.0/22 maxlen: 22
45.86.192.0/22 maxlen: 22
45.95.140.0/22 maxlen: 24
45.130.204.0/22 maxlen: 24
45.136.60.0/22 maxlen: 24
45.145.192.0/22 maxlen: 24
45.151.204.0/22 maxlen: 24
91.225.0.0/24 maxlen: 24
91.227.240.0/23 maxlen: 23
91.239.37.0/24 maxlen: 24
94.142.164.0/22 maxlen: 22
185.39.11.0/24 maxlen: 24
185.57.176.0/22 maxlen: 22
185.232.89.0/24 maxlen: 24
193.3.158.0/24 maxlen: 24
194.99.66.0/23 maxlen: 23
195.244.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:02:39:53:f3:61:69:70:21:db:7c:60:02:19:bf:9b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Dec 26 09:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b24cbb7662548fe704122dd9f9fc5d036449c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:23:3d:08:de:9a:07:e7:1d:92:14:0c:70:2b:
1e:ec:45:c6:4f:18:ab:1f:4d:28:85:8d:b3:fc:e9:
c2:33:91:86:ac:a7:36:97:dc:78:28:53:48:55:88:
ce:c8:e6:a6:66:3a:93:6e:8f:28:db:6f:a0:2a:f5:
b4:b3:f6:4e:af:54:4a:ef:51:43:99:25:52:ad:ec:
ce:8b:66:da:a3:0f:48:ce:4c:3f:b0:f4:c1:ab:ea:
bc:4c:8e:fd:ed:6c:70:0d:8b:c0:40:2a:ad:c9:99:
d3:23:0c:61:c3:fd:84:0f:4e:c4:57:59:0f:9d:c9:
88:54:95:c0:3d:7a:87:43:a4:d4:55:d8:d0:8e:c2:
3e:a3:fd:2a:a1:70:0e:fa:bf:9a:ef:e3:e2:0c:64:
e2:c3:fd:f2:6d:60:10:3d:73:87:ff:f4:cf:99:3a:
8e:a1:e3:6f:6b:91:36:23:e9:87:5f:02:b2:3e:35:
77:da:96:bd:f4:b8:38:48:af:8e:d4:d9:e2:9d:c9:
ed:dc:25:72:00:21:7f:74:0f:b1:b1:28:59:f4:e4:
b5:97:aa:4a:06:52:dc:3d:c1:02:9b:75:a0:62:80:
e3:7a:84:55:5a:7f:18:e6:7f:b8:ae:81:6f:1c:67:
30:49:f3:1d:13:62:67:78:c6:24:ce:02:c8:1b:f3:
7d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:24:CB:B7:66:25:48:FE:70:41:22:DD:9F:9F:C5:D0:36:44:9C:2E
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/myTLt2YlSP5wQSLdn5_F0DZEnC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.180.0/22
2.59.116.0/24
45.12.44.0/22
45.15.52.0/22
45.67.44.0/22
45.86.192.0/22
45.95.140.0/22
45.130.204.0/22
45.136.60.0/22
45.145.192.0/22
45.151.204.0/22
91.225.0.0/24
91.227.240.0/23
91.239.37.0/24
94.142.164.0/22
185.39.11.0/24
185.57.176.0/22
185.232.89.0/24
193.3.158.0/24
194.99.66.0/23
195.244.14.0/23
Signature Algorithm: sha256WithRSAEncryption
70:a6:3e:56:31:36:a1:fd:81:47:18:4e:aa:5c:86:1b:e5:6a:
0a:8c:87:c5:ee:8c:ce:40:2c:ee:e5:b4:d5:ad:89:18:88:fa:
fd:b5:df:35:a4:43:35:0d:ec:d2:5b:e5:87:e3:51:50:7c:21:
ed:b8:64:f1:34:08:a8:fa:2d:d9:5d:85:6b:be:7d:d2:5d:ad:
23:80:ec:e5:e5:cb:00:a3:02:6d:f6:b5:6f:29:e4:44:0a:cf:
1c:38:27:b5:4b:01:e0:da:96:08:00:dd:80:07:45:e6:2b:b5:
8d:8f:2c:7d:f6:f5:9a:9e:b6:4a:d9:27:73:0e:b4:9d:4e:ab:
2c:81:cb:0a:e7:07:bb:ea:f0:51:ce:10:ee:12:30:3c:da:70:
0d:90:d3:07:a0:97:78:26:df:a0:cc:b5:b9:3d:d3:23:82:de:
e0:d8:9e:fe:2f:16:d6:8a:1c:4c:66:95:c3:2d:c0:1b:42:b6:
e0:63:0a:e4:4a:15:f2:23:db:d1:8e:cc:a6:c0:5e:c7:58:ae:
a5:a0:09:ca:2e:68:3a:65:46:36:f8:25:14:49:8f:82:2e:23:
03:3a:ab:bc:9d:f7:fa:60:6a:33:52:6c:dd:f5:62:44:aa:3c:
61:ac:0b:af:41:cf:c8:d5:a6:ba:ce:7d:48:5b:dc:84:e4:d4:
ea:45:6e:20
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQCOVPzYWlwIdt8YAIZv5ugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjQxMjI2MDkwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjI0Y2JiNzY2MjU0OGZlNzA0MTIyZGQ5ZjlmYzVkMDM2NDQ5YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSM9CN6aB+cdkhQMcCse7EXGTxir
H00ohY2z/OnCM5GGrKc2l9x4KFNIVYjOyOamZjqTbo8o22+gKvW0s/ZOr1RK71FD
mSVSrezOi2baow9Izkw/sPTBq+q8TI797WxwDYvAQCqtyZnTIwxhw/2ED07EV1kP
ncmIVJXAPXqHQ6TUVdjQjsI+o/0qoXAO+r+a7+PiDGTiw/3ybWAQPXOH//TPmTqO
oeNva5E2I+mHXwKyPjV32pa99Lg4SK+O1Nnincnt3CVyACF/dA+xsShZ9OS1l6pK
BlLcPcECm3WgYoDjeoRVWn8Y5n+4roFvHGcwSfMdE2JneMYkzgLIG/N9hwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJsky7dmJUj+cEEi3Z+fxdA2RJwuMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvbXlUTHQyWWxTUDV3UVNMZG41X0YwRFpFbkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI5
tAMEAAI7dAMEAi0MLAMEAi0PNAMEAi1DLAMEAi1WwAMEAi1fjAMEAi2CzAMEAi2I
PAMEAi2RwAMEAi2XzAMEAFvhAAMEAVvj8AMEAFvvJQMEAl6OpAMEALknCwMEArk5
sAMEALnoWQMEAMEDngMEAcJjQgMEAcP0DjANBgkqhkiG9w0BAQsFAAOCAQEAcKY+
VjE2of2BRxhOqlyGG+VqCoyHxe6MzkAs7uW01a2JGIj6/bXfNaRDNQ3s0lvlh+NR
UHwh7bhk8TQIqPot2V2Fa7590l2tI4Ds5eXLAKMCbfa1bynkRArPHDgntUsB4NqW
CADdgAdF5iu1jY8sffb1mp62Stkncw60nU6rLIHLCucHu+rwUc4Q7hIwPNpwDZDT
B6CXeCbfoMy1uT3TI4Le4Nie/i8W1oocTGaVwy3AG0K24GMK5EoV8iPb0Y7MpsBe
x1iupaAJyi5oOmVGNvglFEmPgi4jAzqrvJ33+mBqM1Js3fViRKo8YawLr0HPyNWm
us59SFvchOTU6kVuIA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:11:48 2025 by rpki-client