Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9UZLgpkgAr1MTKOZEBBwhwYrudo.roa
File: 9UZLgpkgAr1MTKOZEBBwhwYrudo.roa (raw, json)
Hash identifier: Lx1COlqL+iv0ETwwNdBubrqTQqD8Bo/lyXfi0kq86Lc=
Subject key identifier: F5:46:4B:82:99:20:02:BD:4C:4C:A3:99:10:10:70:87:06:2B:B9:DA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194F923D62DB4A042DD4A89114B439BEF16
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9UZLgpkgAr1MTKOZEBBwhwYrudo.roa
Signing time: Wed 12 Feb 2025 07:51:02 +0000
ROA not before: Wed 12 Feb 2025 07:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.12.61.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.141.178.0/24 maxlen: 24
93.190.246.0/24 maxlen: 24
193.23.253.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
193.27.21.0/24 maxlen: 24
193.27.23.0/24 maxlen: 24
2a0f:7d03::/32 maxlen: 32
2a0f:e940::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 18 Feb 2025 08:34:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:23:d6:2d:b4:a0:42:dd:4a:89:11:4b:43:9b:ef:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 12 07:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5464b82992002bd4c4ca39910107087062bb9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ac:63:d5:b4:fa:e2:0d:bc:ae:ac:35:48:69:
2f:4f:6d:ed:01:ee:a5:fd:bc:8c:06:55:a7:84:23:
23:53:df:bc:47:29:b6:32:2b:f7:80:58:67:b2:0f:
10:ee:b0:00:6a:ea:fa:67:85:f5:e9:51:fc:f8:b6:
81:e4:01:df:7b:f7:4f:f1:bb:d2:36:0e:10:74:13:
53:a7:ac:ac:6b:76:29:92:e5:d9:f1:d9:45:f0:aa:
6d:2c:ab:93:97:88:5b:cb:db:0f:3a:d5:b3:a8:2e:
f7:a4:48:d7:b0:4c:26:75:b0:90:a7:a7:68:97:bc:
4f:31:e7:12:42:d6:9e:4d:00:8f:2c:2e:7a:28:9e:
24:3c:8d:36:07:53:00:94:8d:a2:1e:78:38:9c:8e:
2a:e6:3a:53:07:ae:52:60:1f:81:2e:92:55:a4:b3:
50:81:df:bb:2c:59:c1:80:41:6d:15:f5:73:01:3d:
52:d5:16:59:15:16:2b:06:96:60:ad:73:47:af:b1:
32:e3:ee:15:37:fe:13:37:4c:56:f9:ce:e1:27:b9:
44:d8:67:82:5a:e3:77:f4:d3:c5:b6:20:de:c0:8f:
8b:00:10:df:9f:b3:9f:ea:a0:86:16:52:99:39:3e:
f6:57:74:ae:cb:4b:9e:57:f1:e1:e8:b1:95:62:66:
f8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:46:4B:82:99:20:02:BD:4C:4C:A3:99:10:10:70:87:06:2B:B9:DA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9UZLgpkgAr1MTKOZEBBwhwYrudo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.61.0/24
45.128.79.0/24
45.141.178.0/24
93.190.246.0/24
193.23.253.0/24
193.27.19.0/24
193.27.21.0/24
193.27.23.0/24
IPv6:
2a0f:7d03::/32
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
5c:d4:cd:ad:b1:68:c3:2e:60:1b:57:f1:12:c5:d7:c2:ec:d9:
6f:c5:b8:9d:03:f6:0a:6a:cb:bf:02:3e:99:b8:4d:21:c6:6b:
7d:58:50:96:80:18:54:23:77:46:42:5c:dd:42:70:b8:90:50:
aa:be:38:44:40:a8:fb:ab:c8:79:13:dd:bb:39:56:68:6d:5e:
4c:40:8f:ad:1d:91:e0:c5:fb:5d:34:76:d8:a8:5f:5c:d0:64:
a7:b1:a6:e4:05:64:28:d0:30:7e:b6:ec:e5:d4:7b:fb:d5:48:
65:a9:f0:dd:91:e5:77:91:33:2f:40:61:86:db:46:3b:90:bb:
01:e1:55:89:9b:b7:41:04:7c:85:8b:af:15:20:d3:6a:9f:fb:
09:f3:e4:35:da:98:af:46:b9:01:56:83:8d:07:28:02:6c:6a:
e8:99:6f:04:72:9e:e6:6e:42:5e:bd:b4:ec:57:62:d1:d0:9b:
bf:cb:aa:19:db:07:9d:73:04:e8:c7:ec:2d:55:91:4e:61:0c:
37:fb:a2:0e:a5:7e:68:78:7b:d6:c7:34:20:67:20:a9:f1:d5:
43:de:eb:77:e7:19:aa:6e:d3:15:ef:90:24:55:b3:32:98:d8:
42:4e:d6:56:95:28:4e:8f:d8:a3:6c:a4:0c:58:85:43:fb:ea:
da:b0:68:28
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZT5I9YttKBC3UqJEUtDm+8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjEyMDc1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTQ2NGI4Mjk5MjAwMmJkNGM0Y2EzOTkxMDEwNzA4NzA2MmJiOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qxj1bT64g28rqw1SGkvT23tAe6l
/byMBlWnhCMjU9+8Rym2Miv3gFhnsg8Q7rAAaur6Z4X16VH8+LaB5AHfe/dP8bvS
Ng4QdBNTp6ysa3YpkuXZ8dlF8KptLKuTl4hby9sPOtWzqC73pEjXsEwmdbCQp6do
l7xPMecSQtaeTQCPLC56KJ4kPI02B1MAlI2iHng4nI4q5jpTB65SYB+BLpJVpLNQ
gd+7LFnBgEFtFfVzAT1S1RZZFRYrBpZgrXNHr7Ey4+4VN/4TN0xW+c7hJ7lE2GeC
WuN39NPFtiDewI+LABDfn7Of6qCGFlKZOT72V3Suy0ueV/Hh6LGVYmb4GwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPVGS4KZIAK9TEyjmRAQcIcGK7naMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOVVaTGdwa2dBcjFNVEtPWkVCQndod1lydWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQALQw9AwQA
LYBPAwQALY2yAwQAXb72AwQAwRf9AwQAwRsTAwQAwRsVAwQAwRsXMBQEAgACMA4D
BQAqD30DAwUDKg/pQDANBgkqhkiG9w0BAQsFAAOCAQEAXNTNrbFowy5gG1fxEsXX
wuzZb8W4nQP2CmrLvwI+mbhNIcZrfVhQloAYVCN3RkJc3UJwuJBQqr44RECo+6vI
eRPduzlWaG1eTECPrR2R4MX7XTR22KhfXNBkp7Gm5AVkKNAwfrbs5dR7+9VIZanw
3ZHld5EzL0BhhttGO5C7AeFViZu3QQR8hYuvFSDTap/7CfPkNdqYr0a5AVaDjQco
Amxq6JlvBHKe5m5CXr207Fdi0dCbv8uqGdsHnXME6MfsLVWRTmEMN/uiDqV+aHh7
1sc0IGcgqfHVQ97rd+cZqm7TFe+QJFWzMpjYQk7WVpUoTo/Yo2ykDFiFQ/vq2rBo
KA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:11:36 2025 by rpki-client