Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/cK9bggzFyaBBxFA-yzbifJVoph8.roa
File: cK9bggzFyaBBxFA-yzbifJVoph8.roa (raw, json)
Hash identifier: i+TgR34n6w9vzxmcByNNlIE5Rmpo3mB7K9qDRUBmT5M=
Subject key identifier: 70:AF:5B:82:0C:C5:C9:A0:41:C4:50:3E:CB:36:E2:7C:95:68:A6:1F
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 0196C510DDD5BE56BE1BA1A98C826D5C4ADB
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/cK9bggzFyaBBxFA-yzbifJVoph8.roa
Signing time: Mon 12 May 2025 15:15:38 +0000
ROA not before: Mon 12 May 2025 15:15:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.66.135.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.85.2.0/24 maxlen: 24
45.134.18.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
81.90.190.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.120.17.0/24 maxlen: 24
185.126.68.0/24 maxlen: 24
185.126.136.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.126.227.0/24 maxlen: 24
185.172.114.0/24 maxlen: 24
188.119.102.0/24 maxlen: 24
192.54.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 16:19:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:10:dd:d5:be:56:be:1b:a1:a9:8c:82:6d:5c:4a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 12 15:15:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70af5b820cc5c9a041c4503ecb36e27c9568a61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b9:64:be:f0:74:62:b1:32:be:9c:1e:70:80:
e6:fe:f0:31:88:df:15:5d:08:53:cd:6d:ec:43:2e:
89:bf:3f:16:0a:71:0f:2c:e6:c2:46:58:49:0f:2b:
7e:d7:aa:a7:44:eb:75:57:64:cb:7a:65:58:d9:d0:
18:60:d1:6b:2b:c3:41:4e:f8:4a:2e:4f:cb:6b:ed:
41:a3:bd:8f:b8:24:29:95:fa:3f:77:e2:d2:26:15:
f9:56:88:3a:ac:4a:28:91:83:f0:4b:1e:34:20:05:
30:fd:0f:ad:05:cf:e2:53:ee:e4:9b:ec:16:4c:47:
7c:90:2c:10:57:ab:ff:75:35:14:ce:26:62:c8:7c:
94:5c:0a:4c:8a:09:97:f4:70:ff:83:7a:5e:78:6a:
f3:f5:4f:e0:2c:d3:a5:35:a4:69:f0:9e:82:d2:57:
63:f8:c9:f2:0f:ab:e5:d1:4b:b4:fe:da:73:a8:5e:
f9:16:c2:f8:b4:eb:4d:f9:77:23:86:a8:3d:e8:4a:
71:1e:fd:42:c8:41:5e:43:9b:6b:83:8b:f8:bd:3d:
c4:33:7e:c0:18:d0:c1:33:6c:92:09:ed:95:80:7d:
b5:23:6e:35:82:9a:50:e0:29:1c:07:cd:d3:92:6c:
46:0f:df:f9:8a:22:d2:7f:ee:76:7e:27:b2:fd:64:
2b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AF:5B:82:0C:C5:C9:A0:41:C4:50:3E:CB:36:E2:7C:95:68:A6:1F
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/cK9bggzFyaBBxFA-yzbifJVoph8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.135.0/24
45.82.165.0/24
45.85.2.0/24
45.134.18.0/24
45.144.242.0/23
81.90.190.0/24
91.220.202.0/23
185.120.17.0/24
185.126.68.0/24
185.126.136.0/23
185.126.227.0/24
185.172.114.0/24
188.119.102.0/24
192.54.56.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:63:f7:2f:20:1a:69:b1:38:0c:4e:7f:c2:2a:79:0a:42:49:
e6:e2:bb:62:2a:c9:2d:3c:68:65:27:ef:6e:bb:14:37:9c:ff:
b6:2b:16:d0:5a:ec:ef:56:a7:2f:81:76:cc:43:71:43:0b:79:
0e:71:16:d9:8d:62:7e:c2:4a:ea:ea:5b:f2:06:d0:50:1f:8e:
6f:73:73:7c:2c:b4:42:1c:f1:2f:cd:ab:60:3d:93:b8:42:80:
ff:66:d9:88:95:8b:6a:19:37:01:2b:c3:e7:00:cf:a0:de:e7:
34:ad:4a:6e:c4:e2:5a:90:3f:70:ec:d8:3b:28:66:32:df:e7:
14:35:fc:92:bd:8b:63:dc:7f:f3:15:0a:2c:f4:63:9a:01:e3:
e3:e3:da:b5:1b:48:a3:38:6b:f9:41:00:3d:55:8f:8d:53:b1:
6c:e4:eb:21:0e:22:f8:72:54:93:4d:bc:6a:2d:9d:a3:79:63:
f5:59:38:a6:7d:e7:86:60:63:0c:d6:4b:6d:c6:99:df:a1:d2:
7a:24:07:1d:80:53:6a:b6:5a:61:d0:9c:ff:4f:e4:1f:95:3d:
6a:f1:cc:2b:f7:ae:d2:4e:dd:95:a0:f1:be:f5:16:c7:dc:74:
fc:b7:c7:58:be:30:ab:b7:8c:9c:ad:a0:85:63:a0:14:c6:f3:
5f:61:f9:51
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZbFEN3Vvla+G6GpjIJtXErbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNTEyMTUxNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGFmNWI4MjBjYzVjOWEwNDFjNDUwM2VjYjM2ZTI3Yzk1NjhhNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA87lkvvB0YrEyvpwecIDm/vAxiN8V
XQhTzW3sQy6Jvz8WCnEPLObCRlhJDyt+16qnROt1V2TLemVY2dAYYNFrK8NBTvhK
Lk/La+1Bo72PuCQplfo/d+LSJhX5Vog6rEookYPwSx40IAUw/Q+tBc/iU+7km+wW
TEd8kCwQV6v/dTUUziZiyHyUXApMigmX9HD/g3peeGrz9U/gLNOlNaRp8J6C0ldj
+MnyD6vl0Uu0/tpzqF75FsL4tOtN+Xcjhqg96EpxHv1CyEFeQ5trg4v4vT3EM37A
GNDBM2ySCe2VgH21I241gppQ4CkcB83TkmxGD9/5iiLSf+52fiey/WQrawIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHCvW4IMxcmgQcRQPss24nyVaKYfMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvY0s5YmdnekZ5YUJCeEZBLXl6YmlmSlZvcGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALUKHAwQA
LVKlAwQALVUCAwQALYYSAwQBLZDyAwQAUVq+AwQBW9zKAwQAuXgRAwQAuX5EAwQB
uX6IAwQAuX7jAwQAuaxyAwQAvHdmAwQAwDY4MA0GCSqGSIb3DQEBCwUAA4IBAQCO
Y/cvIBppsTgMTn/CKnkKQknm4rtiKsktPGhlJ+9uuxQ3nP+2KxbQWuzvVqcvgXbM
Q3FDC3kOcRbZjWJ+wkrq6lvyBtBQH45vc3N8LLRCHPEvzatgPZO4QoD/ZtmIlYtq
GTcBK8PnAM+g3uc0rUpuxOJakD9w7Ng7KGYy3+cUNfySvYtj3H/zFQos9GOaAePj
49q1G0ijOGv5QQA9VY+NU7Fs5OshDiL4clSTTbxqLZ2jeWP1WTimfeeGYGMM1ktt
xpnfodJ6JAcdgFNqtlph0Jz/T+QflT1q8cwr967STt2VoPG+9RbH3HT8t8dYvjCr
t4ycraCFY6AUxvNfYflR
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:26:51 2025 by rpki-client