Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/TCHlGn1sQW2ctV5xQ2t469W_rJw.roa
File: TCHlGn1sQW2ctV5xQ2t469W_rJw.roa (raw, json)
Hash identifier: jUrIieE40cld/chW/WsP3AQsl1bhFgko4QruKYVr7y0=
Subject key identifier: 4C:21:E5:1A:7D:6C:41:6D:9C:B5:5E:71:43:6B:78:EB:D5:BF:AC:9C
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 0196F3A4ECE5E51A6EA3B62000E9E0F52F1E
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/TCHlGn1sQW2ctV5xQ2t469W_rJw.roa
Signing time: Wed 21 May 2025 16:19:54 +0000
ROA not before: Wed 21 May 2025 16:19:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.66.135.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.85.2.0/24 maxlen: 24
45.134.18.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
81.90.190.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.120.17.0/24 maxlen: 24
185.126.68.0/24 maxlen: 24
185.126.136.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.126.227.0/24 maxlen: 24
185.172.114.0/24 maxlen: 24
185.175.143.0/24 maxlen: 24
188.119.102.0/24 maxlen: 24
192.54.56.0/24 maxlen: 24
192.54.58.0/24 maxlen: 24
193.37.57.0/24 maxlen: 24
194.124.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 19:03:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:a4:ec:e5:e5:1a:6e:a3:b6:20:00:e9:e0:f5:2f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 21 16:19:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c21e51a7d6c416d9cb55e71436b78ebd5bfac9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:37:68:68:05:36:29:a9:78:44:67:96:df:a7:
d8:3f:fc:c7:3d:90:96:f4:65:58:87:78:63:fd:45:
2c:39:54:df:1d:ef:16:12:cd:ae:34:bc:54:0d:54:
05:05:a2:80:95:30:37:ec:e0:c4:06:01:67:0a:be:
f2:4f:e4:b9:f5:c8:19:c1:c7:7a:f5:39:99:98:47:
62:ab:39:88:10:62:e8:8e:e9:d9:4b:6a:f4:e4:be:
4c:92:55:bc:c7:a2:32:0a:67:d1:87:45:7a:bb:3b:
c1:b5:a6:8c:9a:8d:b7:04:d8:8d:f8:89:a2:17:fd:
e5:a7:6e:46:60:6f:52:4d:01:69:4a:8f:ba:87:63:
dd:6e:d6:ca:9f:f5:e1:1a:ab:f4:b7:94:35:e9:33:
8b:d1:4d:cf:28:f5:2f:45:62:ea:2c:b4:05:b9:17:
15:ef:60:11:97:4d:e4:dd:7f:f4:7b:27:0e:af:14:
58:59:b6:f0:f0:2e:4f:7c:1d:77:2c:93:85:97:6c:
f4:aa:c6:59:b1:bd:56:d9:b3:8d:73:7b:1b:a5:17:
57:e0:7c:8c:96:aa:55:41:5b:ce:71:26:5e:d5:62:
56:ea:4a:f7:8a:5f:c6:7b:1a:bf:54:46:86:19:39:
2e:54:f2:4c:14:51:24:aa:d9:6a:7d:27:4e:ab:bc:
8a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:21:E5:1A:7D:6C:41:6D:9C:B5:5E:71:43:6B:78:EB:D5:BF:AC:9C
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/TCHlGn1sQW2ctV5xQ2t469W_rJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.135.0/24
45.82.165.0/24
45.85.2.0/24
45.134.18.0/24
45.144.242.0/23
81.90.190.0/24
91.220.202.0/23
185.120.17.0/24
185.126.68.0/24
185.126.136.0/23
185.126.227.0/24
185.172.114.0/24
185.175.143.0/24
188.119.102.0/24
192.54.56.0/24
192.54.58.0/24
193.37.57.0/24
194.124.32.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:1f:17:6a:91:cb:bb:a8:e3:89:5e:cc:70:c3:97:78:59:f4:
76:c6:78:92:9f:a6:ef:cd:47:f7:23:dc:73:09:d6:6a:b1:43:
86:5e:b9:0a:74:97:a8:55:c5:bf:6f:31:6d:a2:7d:f8:d8:7c:
e0:62:6d:35:01:ba:ef:66:0d:66:32:01:12:46:6f:f2:48:f2:
fd:09:97:7e:02:79:b0:5b:87:5c:1f:c2:60:62:0e:d7:00:6d:
05:77:1a:dd:5e:16:8f:41:8b:39:26:4d:45:e5:c7:11:91:85:
6e:13:7f:28:43:90:d5:1c:f8:7b:39:24:e7:05:fe:fe:e8:8b:
be:68:63:00:45:04:c4:11:c7:b3:1b:4b:26:bd:bc:d2:be:e0:
39:8e:59:c2:93:b5:57:55:34:01:ef:f9:b5:5a:68:b2:2c:a4:
22:f2:53:9a:70:d8:72:60:8a:9a:4b:15:9e:2a:fd:14:90:e5:
a4:1d:ef:73:c2:a3:d1:c8:fb:12:1f:63:72:01:ab:7b:33:5c:
cd:20:cb:0d:2e:93:21:c0:f7:97:ee:b4:17:8a:ac:84:a3:39:
e0:68:83:ab:1e:aa:42:9b:62:c0:51:e6:bc:c4:36:20:08:db:
3b:32:85:cb:df:9e:b1:c7:0a:76:d9:71:28:26:e4:d4:a7:20:
b1:c8:7a:fa
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZbzpOzl5Rpuo7YgAOng9S8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNTIxMTYxOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzIxZTUxYTdkNmM0MTZkOWNiNTVlNzE0MzZiNzhlYmQ1YmZhYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDdoaAU2Kal4RGeW36fYP/zHPZCW
9GVYh3hj/UUsOVTfHe8WEs2uNLxUDVQFBaKAlTA37ODEBgFnCr7yT+S59cgZwcd6
9TmZmEdiqzmIEGLojunZS2r05L5MklW8x6IyCmfRh0V6uzvBtaaMmo23BNiN+Imi
F/3lp25GYG9STQFpSo+6h2PdbtbKn/XhGqv0t5Q16TOL0U3PKPUvRWLqLLQFuRcV
72ARl03k3X/0eycOrxRYWbbw8C5PfB13LJOFl2z0qsZZsb1W2bONc3sbpRdX4HyM
lqpVQVvOcSZe1WJW6kr3il/Gexq/VEaGGTkuVPJMFFEkqtlqfSdOq7yKwQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFEwh5Rp9bEFtnLVecUNreOvVv6ycMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvVENIbEduMXNRVzJjdFY1eFEydDQ2OVdfckp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC1ChwME
AC1SpQMEAC1VAgMEAC2GEgMEAS2Q8gMEAFFavgMEAVvcygMEALl4EQMEALl+RAME
Abl+iAMEALl+4wMEALmscgMEALmvjwMEALx3ZgMEAMA2OAMEAMA2OgMEAMElOQME
AMJ8IDANBgkqhkiG9w0BAQsFAAOCAQEAzx8XapHLu6jjiV7McMOXeFn0dsZ4kp+m
781H9yPccwnWarFDhl65CnSXqFXFv28xbaJ9+Nh84GJtNQG672YNZjIBEkZv8kjy
/QmXfgJ5sFuHXB/CYGIO1wBtBXca3V4Wj0GLOSZNReXHEZGFbhN/KEOQ1Rz4ezkk
5wX+/uiLvmhjAEUExBHHsxtLJr280r7gOY5ZwpO1V1U0Ae/5tVposiykIvJTmnDY
cmCKmksVnir9FJDlpB3vc8Kj0cj7Eh9jcgGrezNczSDLDS6TIcD3l+60F4qshKM5
4GiDqx6qQptiwFHmvMQ2IAjbOzKFy9+esccKdtlxKCbk1Kcgsch6+g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:32:41 2025 by rpki-client