Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/_hUSVwhR2AzTAQ2XfzdiOZjBm8w.roa
File: _hUSVwhR2AzTAQ2XfzdiOZjBm8w.roa (raw, json)
Hash identifier: QKR3oa2M9EI3ncjck89yXzV0N57ZeZLJb3UZ6dMHc2c=
Subject key identifier: FE:15:12:57:08:51:D8:0C:D3:01:0D:97:7F:37:62:39:98:C1:9B:CC
Certificate issuer: /CN=43e0a364131841056d48b2d788ea00ca4b91db56
Certificate serial: 0194228D80CB09FA83BB71ED160CE5C8FEE7
Authority key identifier: 43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/_hUSVwhR2AzTAQ2XfzdiOZjBm8w.roa
Signing time: Wed 01 Jan 2025 15:48:06 +0000
ROA not before: Wed 01 Jan 2025 15:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48254
IP address blocks: 45.8.224.0/24 maxlen: 24
45.8.225.0/24 maxlen: 24
45.8.226.0/24 maxlen: 24
45.8.227.0/24 maxlen: 24
185.146.164.0/24 maxlen: 24
185.146.165.0/24 maxlen: 24
185.146.166.0/24 maxlen: 24
185.151.28.0/24 maxlen: 24
185.151.29.0/24 maxlen: 24
185.151.30.0/24 maxlen: 24
185.151.31.0/24 maxlen: 24
194.38.52.0/24 maxlen: 24
2a07:7800::/29 maxlen: 48
2a07:7800::/48 maxlen: 48
2a07:7800:1::/48 maxlen: 48
2a07:7800:2::/48 maxlen: 48
2a07:7800:3::/48 maxlen: 48
2a07:7800:4::/48 maxlen: 48
2a07:7800:5::/48 maxlen: 48
2a07:7800:6::/48 maxlen: 48
2a07:7800:7::/48 maxlen: 48
2a07:7800:8::/48 maxlen: 48
2a07:7800:9::/48 maxlen: 48
2a07:7800:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 08 Feb 2025 10:39:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:80:cb:09:fa:83:bb:71:ed:16:0c:e5:c8:fe:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e0a364131841056d48b2d788ea00ca4b91db56
Validity
Not Before: Jan 1 15:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe1512570851d80cd3010d977f37623998c19bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:b9:35:a3:25:3f:b9:b6:69:05:7a:18:94:cc:
e9:ab:78:e5:63:47:52:7f:61:45:b8:d6:88:81:5d:
2e:a6:37:fe:1b:49:be:a5:cf:40:ba:95:8a:4c:20:
e7:77:2d:39:64:86:a5:39:6c:f1:b6:0e:8b:3c:03:
92:6d:39:e6:7c:4d:fc:6a:f5:ba:3d:bb:4a:44:40:
32:4a:3c:cd:76:17:73:64:90:48:8b:e2:8b:1a:ce:
e3:da:5a:c7:d4:24:20:ef:a3:0f:e8:23:9f:71:89:
08:b8:4d:30:b3:ba:ae:fa:32:bf:76:4e:15:dd:e4:
46:b2:d3:c1:79:26:46:8c:ef:a8:2d:24:69:76:50:
22:08:08:2d:fc:d2:ed:fc:5f:14:4f:09:f5:d9:0c:
bb:3b:e5:8c:52:a8:44:5e:fc:db:a4:de:a3:da:c9:
03:29:25:dc:54:5f:ac:21:66:ce:fc:6d:cc:e3:cc:
5d:e9:99:c4:fb:f3:6e:a0:76:e2:42:1c:66:02:94:
d6:f6:ef:0e:86:1e:6e:fc:d0:fc:c5:5c:4b:ea:b6:
c3:67:fa:71:e3:fd:c3:68:d5:53:bc:f0:43:b6:93:
59:49:8d:a0:c8:4e:81:a4:36:a2:14:7a:d6:7d:33:
01:ae:59:cd:71:54:e7:e6:61:9d:ea:c3:13:09:13:
13:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:15:12:57:08:51:D8:0C:D3:01:0D:97:7F:37:62:39:98:C1:9B:CC
X509v3 Authority Key Identifier:
keyid:43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/_hUSVwhR2AzTAQ2XfzdiOZjBm8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.224.0/22
185.146.164.0-185.146.166.255
185.151.28.0/22
194.38.52.0/24
IPv6:
2a07:7800::/29
Signature Algorithm: sha256WithRSAEncryption
20:d8:d6:58:9f:a0:16:e4:79:c6:09:7e:ea:ef:95:f6:6d:6d:
89:96:e7:ed:a8:3e:98:aa:0f:70:b7:40:3a:cb:ef:62:22:03:
1c:af:0f:87:82:ca:7b:0c:88:63:61:b8:c9:14:3e:a6:6d:5a:
45:f1:22:94:05:74:a4:b3:99:6d:0c:ea:6d:22:d9:0e:3d:20:
ae:a9:5b:f9:21:f4:c4:ae:70:f4:bc:15:af:a2:bc:c8:8b:05:
a4:83:03:06:c2:88:4a:b6:a5:3b:17:9d:47:bf:0f:6b:05:f9:
b9:34:5b:bd:59:ac:51:a5:fe:c4:57:b1:cf:07:2d:f2:87:80:
4d:7b:ac:70:ec:97:77:4f:0a:cb:12:bc:bb:5e:87:e1:65:0d:
37:95:45:31:22:b9:62:63:24:a8:a7:d2:37:11:aa:1a:ec:68:
a9:dd:1f:e9:e2:59:50:94:42:aa:14:55:41:4c:97:e8:b2:8c:
56:c7:15:d7:ad:d6:1f:6a:b5:ae:4c:0a:84:87:7c:ec:e3:31:
f4:f6:bb:ed:99:5c:e7:8b:b5:79:76:9b:33:10:50:43:d7:b2:
7a:45:55:1e:43:bc:48:3d:17:a5:a5:07:63:81:bb:78:85:c1:
79:5f:81:ad:78:5f:3d:70:29:cd:03:39:8a:44:81:98:87:1e:
b8:9b:d6:ba
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQijYDLCfqDu3HtFgzlyP7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTBhMzY0MTMxODQxMDU2ZDQ4YjJkNzg4ZWEwMGNhNGI5
MWRiNTYwHhcNMjUwMTAxMTU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTE1MTI1NzA4NTFkODBjZDMwMTBkOTc3ZjM3NjIzOTk4YzE5YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rk1oyU/ubZpBXoYlMzpq3jlY0dS
f2FFuNaIgV0upjf+G0m+pc9AupWKTCDndy05ZIalOWzxtg6LPAOSbTnmfE38avW6
PbtKREAySjzNdhdzZJBIi+KLGs7j2lrH1CQg76MP6COfcYkIuE0ws7qu+jK/dk4V
3eRGstPBeSZGjO+oLSRpdlAiCAgt/NLt/F8UTwn12Qy7O+WMUqhEXvzbpN6j2skD
KSXcVF+sIWbO/G3M48xd6ZnE+/NuoHbiQhxmApTW9u8Ohh5u/ND8xVxL6rbDZ/px
4/3DaNVTvPBDtpNZSY2gyE6BpDaiFHrWfTMBrlnNcVTn5mGd6sMTCRMTOQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFP4VElcIUdgM0wENl383YjmYwZvMMB8GA1UdIwQY
MBaAFEPgo2QTGEEFbUiy14jqAMpLkdtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgt
NGIwODFjYzJiMzlhLzEvX2hVU1Z3aFIyQXpUQVEyWGZ6ZGlPWmpCbTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgtNGIwODFjYzJiMzlh
LzEvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCLQjgMAwD
BAK5kqQDBAC5kqYDBAK5lxwDBADCJjQwDQQCAAIwBwMFAyoHeAAwDQYJKoZIhvcN
AQELBQADggEBACDY1lifoBbkecYJfurvlfZtbYmW5+2oPpiqD3C3QDrL72IiAxyv
D4eCynsMiGNhuMkUPqZtWkXxIpQFdKSzmW0M6m0i2Q49IK6pW/kh9MSucPS8Fa+i
vMiLBaSDAwbCiEq2pTsXnUe/D2sF+bk0W71ZrFGl/sRXsc8HLfKHgE17rHDsl3dP
CssSvLteh+FlDTeVRTEiuWJjJKin0jcRqhrsaKndH+niWVCUQqoUVUFMl+iyjFbH
Fdet1h9qta5MCoSHfOzjMfT2u+2ZXOeLtXl2mzMQUEPXsnpFVR5DvEg9F6WlB2OB
u3iFwXlfga14Xz1wKc0DOYpEgZiHHrib1ro=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:29 2025 by rpki-client