Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/DnjPKPJO_KUUkEVaVSn6L90rjuM.roa
File: DnjPKPJO_KUUkEVaVSn6L90rjuM.roa (raw, json)
Hash identifier: 2yAxw7XL3C40Q4SXu0HrMSHT1FqheCR1Ii2ogzDHM0s=
Subject key identifier: 0E:78:CF:28:F2:4E:FC:A5:14:90:45:5A:55:29:FA:2F:DD:2B:8E:E3
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 01942067BC51B606CC2DDA50C55928910306
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/DnjPKPJO_KUUkEVaVSn6L90rjuM.roa
Signing time: Wed 01 Jan 2025 05:47:36 +0000
ROA not before: Wed 01 Jan 2025 05:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6134
IP address blocks: 45.128.146.0/24 maxlen: 24
45.128.147.0/24 maxlen: 24
45.131.179.0/24 maxlen: 24
45.132.238.0/24 maxlen: 24
45.132.239.0/24 maxlen: 24
45.133.238.0/24 maxlen: 24
45.133.239.0/24 maxlen: 24
45.134.82.0/24 maxlen: 24
45.134.83.0/24 maxlen: 24
45.135.118.0/24 maxlen: 24
45.135.119.0/24 maxlen: 24
45.137.10.0/24 maxlen: 24
45.137.11.0/24 maxlen: 24
45.140.90.0/24 maxlen: 24
45.140.91.0/24 maxlen: 24
91.238.207.0/24 maxlen: 24
185.106.177.0/24 maxlen: 24
185.106.178.0/24 maxlen: 24
185.106.179.0/24 maxlen: 24
193.200.149.0/24 maxlen: 24
193.200.152.0/24 maxlen: 24
193.227.103.0/24 maxlen: 24
193.227.109.0/24 maxlen: 24
193.227.114.0/24 maxlen: 24
2a06:5040:21::/48 maxlen: 48
2a06:5040:22::/48 maxlen: 48
2a06:5040:23::/48 maxlen: 48
2a06:5040:24::/48 maxlen: 48
2a06:5040:25::/48 maxlen: 48
2a06:5040:30::/45 maxlen: 45
Validation: Failed, certificate revoked on Thu 23 Jan 2025 16:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:bc:51:b6:06:cc:2d:da:50:c5:59:28:91:03:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Jan 1 05:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e78cf28f24efca51490455a5529fa2fdd2b8ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:de:50:86:e1:04:4a:17:77:bd:52:56:80:9e:
c7:b7:51:53:1a:1c:da:3e:2e:86:fb:db:7d:0a:fb:
82:87:11:66:e8:58:92:09:8a:d1:f5:db:65:b1:d5:
3f:e4:43:38:1c:e0:d8:65:c3:0a:4e:41:79:e2:3a:
1b:3b:4e:03:b4:e9:86:94:66:53:de:fa:8f:72:39:
03:39:08:ce:0d:69:a8:5e:91:de:9f:c5:aa:cb:c7:
8d:ee:a8:7a:ee:b0:b8:de:64:d2:94:aa:a6:03:6f:
2e:4e:e1:9b:33:79:bb:42:cb:b6:df:67:92:53:32:
ae:15:a2:21:85:c8:ae:02:cb:35:a4:0d:a2:4d:08:
aa:01:cc:54:79:84:5f:eb:c2:86:eb:4d:63:f3:aa:
54:d8:60:55:88:bd:ab:9d:f6:fb:8a:10:20:b6:3b:
ea:47:e8:60:5c:f5:78:58:fb:fe:50:29:0f:77:90:
e2:88:c8:aa:36:dc:60:fc:81:d3:f9:59:bc:45:e0:
fb:35:69:7f:56:78:9b:b5:94:38:50:31:f0:5d:12:
dc:f1:22:81:5a:b9:0a:d9:d2:ee:f4:1e:51:ff:59:
fa:c3:f9:17:08:aa:9a:69:a6:2d:5e:5a:86:86:87:
4c:b3:ad:28:b4:7c:16:ea:69:58:0f:b8:3b:b5:37:
30:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:78:CF:28:F2:4E:FC:A5:14:90:45:5A:55:29:FA:2F:DD:2B:8E:E3
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/DnjPKPJO_KUUkEVaVSn6L90rjuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.146.0/23
45.131.179.0/24
45.132.238.0/23
45.133.238.0/23
45.134.82.0/23
45.135.118.0/23
45.137.10.0/23
45.140.90.0/23
91.238.207.0/24
185.106.177.0-185.106.179.255
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
193.227.114.0/24
IPv6:
2a06:5040:21::-2a06:5040:25:ffff:ffff:ffff:ffff:ffff
2a06:5040:30::/45
Signature Algorithm: sha256WithRSAEncryption
35:75:3f:67:25:ba:c0:80:9e:2d:11:35:bd:dd:15:99:3f:55:
a8:eb:a5:e1:5b:1c:2b:7a:a7:57:70:4a:3e:9e:f4:6c:6d:f5:
4f:07:4b:fd:0a:f0:5f:70:a8:c1:60:a5:e9:0a:ad:60:62:1a:
f9:dd:09:f2:69:3a:43:bf:48:1a:a8:c6:05:8a:52:65:e0:ba:
a2:15:42:7c:7e:96:23:9a:c5:d7:d9:1c:e9:13:97:7f:6c:32:
7f:aa:c3:81:d5:1e:32:bf:46:a1:9b:41:57:ad:1e:b3:a1:f8:
4f:97:43:a0:64:25:0c:7a:2c:ea:43:27:c9:76:1b:2d:d7:a9:
cb:e3:c8:3c:f9:32:10:a4:02:68:aa:8a:47:24:92:45:13:13:
02:f1:63:16:95:81:e7:b5:08:72:d0:06:0f:0f:2a:c0:f8:5a:
38:85:35:fe:53:c4:6b:de:73:ac:73:61:ac:43:cf:01:a6:6f:
34:62:e1:1b:8e:9c:1d:0d:24:47:be:2d:26:1e:c7:93:54:5f:
ee:c3:f7:49:0a:ab:77:65:64:5f:8f:8f:23:57:c8:ce:35:3c:
2b:a0:d9:8f:22:d8:b2:99:99:88:2a:64:3a:b0:25:f4:72:cb:
0e:a2:8f:10:1c:d6:a5:45:13:7c:9a:21:8b:fe:55:dc:59:b8:
14:d8:4a:fc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZQgZ7xRtgbMLdpQxVkokQMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjUwMTAxMDU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc4Y2YyOGYyNGVmY2E1MTQ5MDQ1NWE1NTI5ZmEyZmRkMmI4ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN5QhuEEShd3vVJWgJ7Ht1FTGhza
Pi6G+9t9CvuChxFm6FiSCYrR9dtlsdU/5EM4HODYZcMKTkF54jobO04DtOmGlGZT
3vqPcjkDOQjODWmoXpHen8Wqy8eN7qh67rC43mTSlKqmA28uTuGbM3m7Qsu232eS
UzKuFaIhhciuAss1pA2iTQiqAcxUeYRf68KG601j86pU2GBViL2rnfb7ihAgtjvq
R+hgXPV4WPv+UCkPd5DiiMiqNtxg/IHT+Vm8ReD7NWl/VnibtZQ4UDHwXRLc8SKB
WrkK2dLu9B5R/1n6w/kXCKqaaaYtXlqGhodMs60otHwW6mlYD7g7tTcwWQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFA54zyjyTvylFJBFWlUp+i/dK47jMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvRG5qUEtQSk9fS1VVa0VWYVZTbjZMOTByanVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzBoBAIAATBiAwQBLYCS
AwQALYOzAwQBLYTuAwQBLYXuAwQBLYZSAwQBLYd2AwQBLYkKAwQBLYxaAwQAW+7P
MAwDBAC5arEDBAK5arADBADByJUDBADByJgDBADB42cDBADB420DBADB43IwIwQC
AAIwHTASAwcAKgZQQAAhAwcBKgZQQAAkAwcDKgZQQAAwMA0GCSqGSIb3DQEBCwUA
A4IBAQA1dT9nJbrAgJ4tETW93RWZP1Wo66XhWxwreqdXcEo+nvRsbfVPB0v9CvBf
cKjBYKXpCq1gYhr53QnyaTpDv0gaqMYFilJl4LqiFUJ8fpYjmsXX2RzpE5d/bDJ/
qsOB1R4yv0ahm0FXrR6zofhPl0OgZCUMeizqQyfJdhst16nL48g8+TIQpAJoqopH
JJJFExMC8WMWlYHntQhy0AYPDyrA+Fo4hTX+U8Rr3nOsc2GsQ88Bpm80YuEbjpwd
DSRHvi0mHseTVF/uw/dJCqt3ZWRfj48jV8jONTwroNmPItiymZmIKmQ6sCX0cssO
oo8QHNalRRN8miGL/lXcWbgU2Er8
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:06:03 2025 by rpki-client