Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/1-koSsswXCa0gQ2pVuaHInvHKvbM.roa
File: 1-koSsswXCa0gQ2pVuaHInvHKvbM.roa (raw, json)
Hash identifier: /1GF1qtcKp/9esRGxm+r/TCTE+0GvjainsdDma1xUkQ=
Subject key identifier: FA:4A:12:B2:CC:17:09:AD:20:43:6A:55:B9:A1:C8:9E:F1:CA:BD:B3
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 0196F3A4EC16A2516A152D21191116D04E06
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/1-koSsswXCa0gQ2pVuaHInvHKvbM.roa
Signing time: Wed 21 May 2025 16:19:53 +0000
ROA not before: Wed 21 May 2025 16:19:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.132.0/24 maxlen: 24
45.66.135.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.85.2.0/24 maxlen: 24
45.134.18.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.120.17.0/24 maxlen: 24
185.126.68.0/24 maxlen: 24
185.126.136.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.172.114.0/24 maxlen: 24
185.175.143.0/24 maxlen: 24
188.119.102.0/24 maxlen: 24
192.54.58.0/24 maxlen: 24
193.37.57.0/24 maxlen: 24
194.124.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 19:03:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:a4:ec:16:a2:51:6a:15:2d:21:19:11:16:d0:4e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 21 16:19:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa4a12b2cc1709ad20436a55b9a1c89ef1cabdb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:04:f0:13:ad:4d:b3:9f:28:62:7a:36:f8:
a5:24:2c:57:d4:fc:22:b4:1f:81:c2:35:61:81:00:
f8:1d:95:59:51:f5:4a:73:30:ef:c0:bc:9b:bd:27:
bb:6d:88:ee:25:1e:2e:35:22:33:7d:19:84:3f:70:
fd:be:c4:c1:46:97:ca:9e:1f:8d:9c:4b:8e:13:08:
fc:b9:83:80:ca:cc:f0:11:50:29:78:8c:f5:19:53:
07:fb:7d:50:6a:43:c1:24:aa:21:ec:d7:4a:f4:39:
db:d5:40:de:3a:ce:69:dd:7c:91:d8:b5:ce:7f:b4:
e5:5d:89:fb:fc:56:41:b9:56:12:3e:05:27:74:f3:
76:fb:d1:0a:dd:4c:bb:f9:40:ba:8e:1c:e3:ec:27:
d1:a9:78:fd:03:50:2e:9b:81:45:e5:c2:a8:ea:37:
e9:b1:d1:13:51:54:8c:bf:a7:fa:4b:42:16:54:19:
80:7d:29:e7:a5:e3:fd:9a:3b:2c:8c:a4:cb:84:97:
0b:5f:c8:55:ec:85:e0:46:2c:88:0f:7a:93:1f:84:
df:d5:65:d5:46:4d:5e:a9:5c:6c:64:94:46:db:2f:
0a:2c:6e:0e:f2:bb:c3:e1:d4:eb:38:25:ba:aa:0d:
ec:f3:fc:13:a1:63:8c:30:90:1a:82:40:10:0b:e1:
de:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4A:12:B2:CC:17:09:AD:20:43:6A:55:B9:A1:C8:9E:F1:CA:BD:B3
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/1-koSsswXCa0gQ2pVuaHInvHKvbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.132.0/24
45.66.135.0/24
45.82.165.0/24
45.85.2.0/24
45.134.18.0/24
45.144.242.0/23
91.220.202.0/23
185.120.17.0/24
185.126.68.0/24
185.126.136.0/23
185.172.114.0/24
185.175.143.0/24
188.119.102.0/24
192.54.58.0/24
193.37.57.0/24
194.124.32.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:e3:ae:50:44:3b:71:dc:f7:4d:2f:23:06:8c:17:58:51:a8:
2c:9a:85:30:26:26:2d:c3:32:ad:4e:aa:52:1f:73:3d:6a:84:
55:1b:1c:ff:5e:70:a0:cd:64:af:ed:32:bb:dc:f3:22:71:3e:
3d:0d:62:62:e6:94:03:37:b9:58:f3:3d:a7:18:64:dd:2d:ba:
2f:11:0e:fa:b1:87:46:6f:86:cc:68:5a:89:e6:5b:2b:15:58:
74:d7:20:b2:74:3e:4c:95:b6:9a:1f:f3:ea:f0:92:85:f6:24:
84:db:05:82:3a:94:c8:97:4a:c6:b7:fb:10:0c:af:53:ee:e8:
1a:ad:01:7f:ac:70:32:20:bd:e0:b3:ee:b5:1d:95:c1:61:55:
27:2b:a5:67:18:29:75:20:59:54:c1:e5:3a:d3:91:ac:24:b2:
8b:9a:a7:d5:67:a4:91:4a:33:ff:ca:9c:7b:32:bb:d8:31:b0:
f2:30:d1:1b:55:3b:1c:83:cc:09:d9:65:9a:e3:43:9d:b5:25:
1a:07:3b:35:a9:85:bf:5f:84:83:d0:71:00:6e:76:f0:a9:e4:
b0:bb:81:f8:84:58:4e:dd:29:cc:11:5b:f4:62:b0:f6:7a:2e:
20:32:9e:e9:50:a8:93:05:30:a1:f3:e7:01:ad:82:2f:7f:4a:
67:ed:c5:87
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZbzpOwWolFqFS0hGREW0E4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNTIxMTYxOTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRhMTJiMmNjMTcwOWFkMjA0MzZhNTViOWExYzg5ZWYxY2FiZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmesE8BOtTbOfKGJ6NvilJCxX1Pwi
tB+BwjVhgQD4HZVZUfVKczDvwLybvSe7bYjuJR4uNSIzfRmEP3D9vsTBRpfKnh+N
nEuOEwj8uYOAyszwEVApeIz1GVMH+31QakPBJKoh7NdK9Dnb1UDeOs5p3XyR2LXO
f7TlXYn7/FZBuVYSPgUndPN2+9EK3Uy7+UC6jhzj7CfRqXj9A1Aum4FF5cKo6jfp
sdETUVSMv6f6S0IWVBmAfSnnpeP9mjssjKTLhJcLX8hV7IXgRiyID3qTH4Tf1WXV
Rk1eqVxsZJRG2y8KLG4O8rvD4dTrOCW6qg3s8/wToWOMMJAagkAQC+He1wIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFPpKErLMFwmtIENqVbmhyJ7xyr2zMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvMS1rb1Nzc3dYQ2EwZ1EycFZ1YUhJbnZIS3ZiTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTAvYjNmZDQwLWIxMjUtNDI4Mi1iODgzLTczNjc4OWVlNmZk
MC8xL0N5Ui1jemtleWRhaXBHOHNzTEF2eVpRb2p4TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRqMGgwZgQCAAEwYAMEAC1ChAME
AC1ChwMEAC1SpQMEAC1VAgMEAC2GEgMEAS2Q8gMEAVvcygMEALl4EQMEALl+RAME
Abl+iAMEALmscgMEALmvjwMEALx3ZgMEAMA2OgMEAMElOQMEAMJ8IDANBgkqhkiG
9w0BAQsFAAOCAQEAXeOuUEQ7cdz3TS8jBowXWFGoLJqFMCYmLcMyrU6qUh9zPWqE
VRsc/15woM1kr+0yu9zzInE+PQ1iYuaUAze5WPM9pxhk3S26LxEO+rGHRm+GzGha
ieZbKxVYdNcgsnQ+TJW2mh/z6vCShfYkhNsFgjqUyJdKxrf7EAyvU+7oGq0Bf6xw
MiC94LPutR2VwWFVJyulZxgpdSBZVMHlOtORrCSyi5qn1WekkUoz/8qcezK72DGw
8jDRG1U7HIPMCdllmuNDnbUlGgc7NamFv1+Eg9BxAG528KnksLuB+IRYTt0pzBFb
9GKw9nouIDKe6VCokwUwofPnAa2CL39KZ+3Fhw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:49:49 2025 by rpki-client