Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/3gPylfGiMCNfc-aeYFr2kak_zWw.roa
File: 3gPylfGiMCNfc-aeYFr2kak_zWw.roa (raw, json)
Hash identifier: bA6jRLyP1W7MKqmAQ9cOjGHLomjVqKX82ebhXTqJjY4=
Subject key identifier: DE:03:F2:95:F1:A2:30:23:5F:73:E6:9E:60:5A:F6:91:A9:3F:CD:6C
Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Certificate serial: 01922917592AB3395BA2F72E71E1F108B3C2
Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/3gPylfGiMCNfc-aeYFr2kak_zWw.roa
Signing time: Wed 25 Sep 2024 12:10:48 +0000
ROA not before: Wed 25 Sep 2024 12:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 45.81.212.0/22 maxlen: 22
77.81.49.0/24 maxlen: 24
83.172.137.0/24 maxlen: 24
83.172.142.0/23 maxlen: 23
83.172.149.0/24 maxlen: 24
83.172.152.0/24 maxlen: 24
83.172.154.0/23 maxlen: 23
83.172.156.0/23 maxlen: 23
83.172.158.0/24 maxlen: 24
83.172.166.0/23 maxlen: 23
83.172.168.0/24 maxlen: 24
83.172.170.0/23 maxlen: 23
83.172.184.0/23 maxlen: 23
83.172.187.0/24 maxlen: 24
83.172.190.0/24 maxlen: 24
83.172.191.0/24 maxlen: 24
89.37.107.0/24 maxlen: 24
93.114.176.0/22 maxlen: 22
94.177.28.0/24 maxlen: 24
94.177.144.0/24 maxlen: 24
130.93.0.0/17 maxlen: 17
130.93.0.0/24 maxlen: 24
130.93.128.0/18 maxlen: 22
185.9.248.0/22 maxlen: 22
185.12.0.0/22 maxlen: 22
185.120.176.0/22 maxlen: 22
185.122.160.0/22 maxlen: 22
185.133.128.0/22 maxlen: 22
185.137.72.0/22 maxlen: 22
185.153.172.0/22 maxlen: 22
193.84.89.0/24 maxlen: 24
195.68.224.0/22 maxlen: 22
2a02:ec00::/29 maxlen: 29
2a0e:4180::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 25 Sep 2024 12:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:17:59:2a:b3:39:5b:a2:f7:2e:71:e1:f1:08:b3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Validity
Not Before: Sep 25 12:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de03f295f1a230235f73e69e605af691a93fcd6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:2d:11:82:31:a6:e4:42:eb:fd:01:05:55:
db:a3:f3:26:af:56:ad:e5:23:09:6a:cd:d4:1b:1e:
36:89:92:88:02:29:d9:0a:27:91:f4:ea:f7:a3:9e:
22:cf:e3:fb:b3:1f:c2:53:f0:08:66:e7:0b:18:cd:
f4:df:c8:ce:aa:ef:2c:4c:fb:6b:80:54:e0:f8:66:
bc:f6:7a:02:e9:1c:40:d6:9b:11:50:73:82:19:7c:
0e:f5:3d:a8:38:b9:fb:94:33:62:c6:ac:9a:1e:68:
52:04:2e:a3:6e:7b:dd:e0:f1:a6:20:e3:0b:b6:3f:
b8:eb:1d:94:03:ac:fc:8c:a4:71:a2:29:85:e5:75:
b7:f9:3d:5c:59:2a:ae:07:bc:66:2d:20:70:5b:e8:
fc:bb:15:2b:eb:36:7d:f2:59:d1:5a:4c:92:ba:2b:
c8:df:b0:0c:f8:4f:35:82:9f:ec:6a:0e:14:6d:16:
92:09:54:76:6f:ed:5b:35:7e:36:a6:8d:9f:7b:d2:
d9:c0:8d:c7:1c:52:3c:f8:2f:8a:23:4a:37:ce:9c:
16:9b:64:e3:fd:f3:7f:29:fe:be:06:ce:22:ae:1d:
13:fa:97:9c:8e:0a:7c:92:20:84:ec:06:5c:16:e3:
cd:53:bd:d9:0c:33:b3:00:96:93:fd:07:ba:dc:5a:
f9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:03:F2:95:F1:A2:30:23:5F:73:E6:9E:60:5A:F6:91:A9:3F:CD:6C
X509v3 Authority Key Identifier:
keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/3gPylfGiMCNfc-aeYFr2kak_zWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.212.0/22
77.81.49.0/24
83.172.137.0/24
83.172.142.0/23
83.172.149.0/24
83.172.152.0/24
83.172.154.0-83.172.158.255
83.172.166.0-83.172.168.255
83.172.170.0/23
83.172.184.0/23
83.172.187.0/24
83.172.190.0/23
89.37.107.0/24
93.114.176.0/22
94.177.28.0/24
94.177.144.0/24
130.93.0.0-130.93.191.255
185.9.248.0/22
185.12.0.0/22
185.120.176.0/22
185.122.160.0/22
185.133.128.0/22
185.137.72.0/22
185.153.172.0/22
193.84.89.0/24
195.68.224.0/22
IPv6:
2a02:ec00::/29
2a0e:4180::/29
Signature Algorithm: sha256WithRSAEncryption
0f:d3:ee:81:19:5e:01:15:93:37:74:96:91:7b:2f:f7:3f:59:
92:60:66:69:fc:9d:a0:20:4a:87:90:15:a4:6e:a5:d4:51:22:
23:16:b5:b3:d6:ed:e2:e0:34:52:30:14:4e:7a:cb:41:bb:31:
00:58:1c:ff:cd:86:42:40:86:f2:4d:22:8e:f3:3f:0e:ff:27:
43:ff:34:6f:0d:25:e3:f2:46:e5:03:f3:f8:20:e9:46:99:d0:
aa:1c:32:2a:10:09:37:40:d3:a1:02:eb:ff:2d:50:dc:e1:60:
f4:e6:1c:12:78:e8:9d:75:15:77:8d:19:bc:65:ff:06:49:f2:
d8:fb:57:0c:5b:91:4a:ec:1d:5b:69:d7:f5:32:71:1f:40:20:
f5:28:77:50:c0:38:74:2f:39:c3:12:0f:d2:8e:d2:a2:ae:f4:
b3:8d:a1:5d:0c:90:2c:ba:0e:bb:eb:e9:60:9a:dc:fe:08:11:
f5:85:e6:03:9c:95:d9:e9:40:ad:db:c9:ae:28:a4:c9:99:49:
c0:e8:97:4f:96:14:5a:1a:6d:a0:68:dd:52:eb:6f:ce:ea:67:
52:0f:bc:b4:e1:f1:45:94:75:9c:fe:a2:bf:6f:9f:23:6d:c3:
00:e6:e3:99:d3:2d:4c:41:b7:e8:98:7e:dd:28:e5:06:a1:10:
ed:ae:13:5a
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAZIpF1kqszlbovcuceHxCLPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWZiM2ZlYjE1YzAzYzRkMzRkOWZmNDQ0ZDlhZDdlMzAw
NjcyMDgwHhcNMjQwOTI1MTIxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTAzZjI5NWYxYTIzMDIzNWY3M2U2OWU2MDVhZjY5MWE5M2ZjZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj8tEYIxpuRC6/0BBVXbo/Mmr1at
5SMJas3UGx42iZKIAinZCieR9Or3o54iz+P7sx/CU/AIZucLGM3038jOqu8sTPtr
gFTg+Ga89noC6RxA1psRUHOCGXwO9T2oOLn7lDNixqyaHmhSBC6jbnvd4PGmIOML
tj+46x2UA6z8jKRxoimF5XW3+T1cWSquB7xmLSBwW+j8uxUr6zZ98lnRWkySuivI
37AM+E81gp/sag4UbRaSCVR2b+1bNX42po2fe9LZwI3HHFI8+C+KI0o3zpwWm2Tj
/fN/Kf6+Bs4irh0T+pecjgp8kiCE7AZcFuPNU73ZDDOzAJaT/Qe63Fr5bQIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFN4D8pXxojAjX3PmnmBa9pGpP81sMB8GA1UdIwQY
MBaAFDRfs/6xXAPE002f9ETZrX4wBnIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUt
YmM1NGIxMjExYjYwLzEvM2dQeWxmR2lNQ05mYy1hZVlGcjJrYWtfeld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUtYmM1NGIxMjExYjYw
LzEvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBugQCAAEwgbMDBAIt
UdQDBABNUTEDBABTrIkDBAFTrI4DBABTrJUDBABTrJgwDAMEAVOsmgMEAFOsnjAM
AwQBU6ymAwQAU6yoAwQBU6yqAwQBU6y4AwQAU6y7AwQBU6y+AwQAWSVrAwQCXXKw
AwQAXrEcAwQAXrGQMAsDAwCCXQMEBoJdgAMEArkJ+AMEArkMAAMEArl4sAMEArl6
oAMEArmFgAMEArmJSAMEArmZrAMEAMFUWQMEAsNE4DAUBAIAAjAOAwUDKgLsAAMF
AyoOQYAwDQYJKoZIhvcNAQELBQADggEBAA/T7oEZXgEVkzd0lpF7L/c/WZJgZmn8
naAgSoeQFaRupdRRIiMWtbPW7eLgNFIwFE56y0G7MQBYHP/NhkJAhvJNIo7zPw7/
J0P/NG8NJePyRuUD8/gg6UaZ0KocMioQCTdA06EC6/8tUNzhYPTmHBJ46J11FXeN
Gbxl/wZJ8tj7VwxbkUrsHVtp1/UycR9AIPUod1DAOHQvOcMSD9KO0qKu9LONoV0M
kCy6Drvr6WCa3P4IEfWF5gOcldnpQK3bya4opMmZScDol0+WFFoabaBo3VLrb87q
Z1IPvLTh8UWUdZz+or9vnyNtwwDm45nTLUxBt+iYft0o5QahEO2uE1o=
-----END CERTIFICATE-----
Generated at Tue May 13 01:48:27 2025 by rpki-client