Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/pC4RQbbpCat5G9MbdvJkK7qxV34.roa
File: pC4RQbbpCat5G9MbdvJkK7qxV34.roa (raw, json)
Hash identifier: cWP262rL6QMo1z80UPQxIKtGMF8tbuJA2dD/1jaP1/A=
Subject key identifier: A4:2E:11:41:B6:E9:09:AB:79:1B:D3:1B:76:F2:64:2B:BA:B1:57:7E
Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Certificate serial: 019273199F87A475D444058C9EB927CD5784
Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/pC4RQbbpCat5G9MbdvJkK7qxV34.roa
Signing time: Wed 09 Oct 2024 21:05:11 +0000
ROA not before: Wed 09 Oct 2024 21:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 45.81.212.0/22 maxlen: 22
77.81.49.0/24 maxlen: 24
83.172.137.0/24 maxlen: 24
83.172.142.0/23 maxlen: 23
83.172.149.0/24 maxlen: 24
83.172.152.0/24 maxlen: 24
83.172.154.0/23 maxlen: 23
83.172.156.0/23 maxlen: 23
83.172.158.0/24 maxlen: 24
83.172.166.0/23 maxlen: 23
83.172.168.0/24 maxlen: 24
83.172.170.0/23 maxlen: 23
83.172.184.0/23 maxlen: 23
83.172.187.0/24 maxlen: 24
83.172.190.0/24 maxlen: 24
83.172.191.0/24 maxlen: 24
89.37.107.0/24 maxlen: 24
93.114.176.0/22 maxlen: 22
94.177.28.0/24 maxlen: 24
94.177.144.0/24 maxlen: 24
130.93.0.0/17 maxlen: 17
130.93.0.0/24 maxlen: 24
130.93.128.0/18 maxlen: 22
185.9.248.0/22 maxlen: 22
185.12.0.0/22 maxlen: 22
185.120.176.0/22 maxlen: 22
185.122.160.0/22 maxlen: 22
185.133.128.0/22 maxlen: 22
185.137.72.0/22 maxlen: 22
185.153.172.0/22 maxlen: 22
193.84.89.0/24 maxlen: 24
195.68.224.0/22 maxlen: 22
2a02:ec00::/29 maxlen: 29
2a0e:4180::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 09 Oct 2024 21:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:73:19:9f:87:a4:75:d4:44:05:8c:9e:b9:27:cd:57:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Validity
Not Before: Oct 9 21:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a42e1141b6e909ab791bd31b76f2642bbab1577e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fb:d4:52:77:fc:9b:75:8f:7a:78:67:b3:c5:
47:8d:22:0c:ef:94:97:5f:df:7e:b0:bd:16:e5:3c:
b1:3a:9d:56:05:fe:f9:c0:a0:66:f8:4b:1c:ab:4b:
23:51:fc:08:1c:ee:6f:ec:1d:aa:38:42:8f:a3:e4:
7a:00:56:8a:fa:3e:2d:c0:e7:9a:76:b9:74:c4:f2:
06:61:b2:3b:7c:6c:cb:86:2d:20:89:f7:4a:cf:84:
c6:99:4f:e8:bc:61:6d:fb:d6:a9:13:bb:37:1e:ad:
76:1d:06:bb:9b:b3:98:40:ec:e9:12:1e:55:9c:61:
2e:99:39:60:bf:eb:05:a9:38:58:e4:26:8a:05:2b:
4f:da:89:d8:8c:90:82:84:50:3b:09:68:28:f5:33:
75:24:6f:9a:f4:5b:38:66:ab:fb:30:b5:99:90:ee:
7b:f3:e7:d8:74:64:40:ff:4c:d3:d5:9c:ff:6e:d1:
2b:c4:3e:71:bd:4a:f9:77:58:e6:87:35:0c:16:12:
ec:ee:f8:cc:01:94:61:d8:b8:c0:90:5b:6d:d7:48:
3b:44:19:b4:bd:c7:35:72:16:6e:51:01:b8:af:5e:
5b:3c:8d:31:55:71:7f:82:ae:9c:b0:07:e5:65:1c:
8b:93:5e:24:b9:81:d0:f2:3e:7f:ee:1a:a9:44:79:
dc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:2E:11:41:B6:E9:09:AB:79:1B:D3:1B:76:F2:64:2B:BA:B1:57:7E
X509v3 Authority Key Identifier:
keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/pC4RQbbpCat5G9MbdvJkK7qxV34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.212.0/22
77.81.49.0/24
83.172.137.0/24
83.172.142.0/23
83.172.149.0/24
83.172.152.0/24
83.172.154.0-83.172.158.255
83.172.166.0-83.172.168.255
83.172.170.0/23
83.172.184.0/23
83.172.187.0/24
83.172.190.0/23
89.37.107.0/24
93.114.176.0/22
94.177.28.0/24
94.177.144.0/24
130.93.0.0-130.93.191.255
185.9.248.0/22
185.12.0.0/22
185.120.176.0/22
185.122.160.0/22
185.133.128.0/22
185.137.72.0/22
185.153.172.0/22
193.84.89.0/24
195.68.224.0/22
IPv6:
2a02:ec00::/29
2a0e:4180::/29
Signature Algorithm: sha256WithRSAEncryption
0e:17:13:a3:b5:63:56:40:87:72:f6:68:f4:3d:b3:1a:35:b5:
26:9c:1d:b9:c1:e4:a2:db:8d:74:5d:7f:6e:62:bf:44:36:d7:
24:57:48:35:4f:85:38:06:87:53:90:88:64:be:08:9c:e6:ba:
fc:b9:4e:c3:64:03:cb:7f:d3:c0:ec:c0:9f:79:99:aa:3f:ad:
a9:a9:f3:fe:14:70:54:4e:31:91:f9:61:a8:66:04:43:88:d2:
7a:b8:f3:46:a9:ee:9b:7d:77:73:07:9d:10:0d:0a:57:e6:c5:
66:d6:5f:06:80:44:22:4f:93:cd:59:e4:66:f1:de:60:4c:72:
52:0e:02:fd:60:99:d9:2a:39:aa:da:8e:64:9a:ef:bd:8b:85:
73:75:14:80:d5:43:2e:8b:b4:89:12:e6:d2:51:ec:4f:b4:93:
e0:47:0c:1f:78:34:c2:65:dc:93:11:bb:05:18:4b:c5:da:49:
6c:2d:ef:65:c9:a3:8c:de:21:24:a7:4e:ac:e3:65:fa:8b:64:
56:d5:84:aa:57:69:08:5c:d2:14:c6:ec:99:48:bb:a6:50:3e:
fa:c0:32:37:36:da:61:53:ad:0d:e0:1a:fd:96:53:7c:6e:5b:
dc:6a:85:a2:e3:5c:f8:9c:0c:e1:b7:25:29:e8:93:c2:7b:62:
41:78:b9:d0
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAZJzGZ+HpHXURAWMnrknzVeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWZiM2ZlYjE1YzAzYzRkMzRkOWZmNDQ0ZDlhZDdlMzAw
NjcyMDgwHhcNMjQxMDA5MjEwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDJlMTE0MWI2ZTkwOWFiNzkxYmQzMWI3NmYyNjQyYmJhYjE1NzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPvUUnf8m3WPenhns8VHjSIM75SX
X99+sL0W5TyxOp1WBf75wKBm+Escq0sjUfwIHO5v7B2qOEKPo+R6AFaK+j4twOea
drl0xPIGYbI7fGzLhi0gifdKz4TGmU/ovGFt+9apE7s3Hq12HQa7m7OYQOzpEh5V
nGEumTlgv+sFqThY5CaKBStP2onYjJCChFA7CWgo9TN1JG+a9Fs4Zqv7MLWZkO57
8+fYdGRA/0zT1Zz/btErxD5xvUr5d1jmhzUMFhLs7vjMAZRh2LjAkFtt10g7RBm0
vcc1chZuUQG4r15bPI0xVXF/gq6csAflZRyLk14kuYHQ8j5/7hqpRHncaQIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFKQuEUG26QmreRvTG3byZCu6sVd+MB8GA1UdIwQY
MBaAFDRfs/6xXAPE002f9ETZrX4wBnIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUt
YmM1NGIxMjExYjYwLzEvcEM0UlFiYnBDYXQ1RzlNYmR2SmtLN3F4VjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUtYmM1NGIxMjExYjYw
LzEvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBugQCAAEwgbMDBAIt
UdQDBABNUTEDBABTrIkDBAFTrI4DBABTrJUDBABTrJgwDAMEAVOsmgMEAFOsnjAM
AwQBU6ymAwQAU6yoAwQBU6yqAwQBU6y4AwQAU6y7AwQBU6y+AwQAWSVrAwQCXXKw
AwQAXrEcAwQAXrGQMAsDAwCCXQMEBoJdgAMEArkJ+AMEArkMAAMEArl4sAMEArl6
oAMEArmFgAMEArmJSAMEArmZrAMEAMFUWQMEAsNE4DAUBAIAAjAOAwUDKgLsAAMF
AyoOQYAwDQYJKoZIhvcNAQELBQADggEBAA4XE6O1Y1ZAh3L2aPQ9sxo1tSacHbnB
5KLbjXRdf25iv0Q21yRXSDVPhTgGh1OQiGS+CJzmuvy5TsNkA8t/08DswJ95mao/
ramp8/4UcFROMZH5YahmBEOI0nq480ap7pt9d3MHnRANClfmxWbWXwaARCJPk81Z
5Gbx3mBMclIOAv1gmdkqOarajmSa772LhXN1FIDVQy6LtIkS5tJR7E+0k+BHDB94
NMJl3JMRuwUYS8XaSWwt72XJo4zeISSnTqzjZfqLZFbVhKpXaQhc0hTG7JlIu6ZQ
PvrAMjc22mFTrQ3gGv2WU3xuW9xqhaLjXPicDOG3JSnok8J7YkF4udA=
-----END CERTIFICATE-----
Generated at Tue May 13 01:58:17 2025 by rpki-client