Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CzH7N3WgpGaE8uDcZmfDuuleoj0.roa
File: CzH7N3WgpGaE8uDcZmfDuuleoj0.roa (raw, json)
Hash identifier: yi4I/CdBaJ4UM5k0LuEeII5ywHrtcvvwVbsLwcxr6U4=
Subject key identifier: 0B:31:FB:37:75:A0:A4:66:84:F2:E0:DC:66:67:C3:BA:E9:5E:A2:3D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019017066B042614E4AA9F8BE92C564AB39F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CzH7N3WgpGaE8uDcZmfDuuleoj0.roa
Signing time: Fri 14 Jun 2024 13:53:34 +0000
ROA not before: Fri 14 Jun 2024 13:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a0e:1a80::/32 maxlen: 32
2a0e:1a80:2541::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2e80::/29 maxlen: 29
2a0f:3d83::/32 maxlen: 32
2a0f:3d87::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a0f:e1c7:1::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Jun 2024 18:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:06:6b:04:26:14:e4:aa:9f:8b:e9:2c:56:4a:b3:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 14 13:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b31fb3775a0a46684f2e0dc6667c3bae95ea23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bb:72:0e:0a:31:ad:ce:b5:53:73:54:c7:ac:
99:5e:54:ba:a0:fd:50:f2:44:e8:a7:82:67:24:e7:
82:d2:6c:57:39:ef:3d:1a:80:6e:19:ee:fa:e0:a3:
fa:e6:c6:39:eb:06:28:3f:3b:46:a9:e4:3c:97:1e:
f0:be:83:ca:4f:7f:19:cc:db:a2:3e:e4:23:b8:2e:
fc:01:07:81:00:73:9b:ac:4f:dc:3a:c5:2d:e7:94:
0a:9a:48:67:50:77:b3:3f:4f:6a:3e:bc:e5:ac:64:
7a:e5:d8:aa:de:78:6a:37:44:2a:dd:8c:63:c3:03:
47:c3:c8:d0:0f:f2:f7:a9:71:d8:ef:bf:ae:1d:b7:
1a:36:ca:b3:fd:a6:73:ec:2a:f2:c2:bb:e4:97:dc:
18:99:fe:f5:8a:78:b8:6d:4d:f5:b8:80:fb:b7:66:
90:e7:17:38:58:c0:ce:17:9d:48:34:99:2a:d1:0a:
6f:27:0e:c9:05:cb:3a:b2:88:3c:3c:13:d8:fd:2c:
42:ab:fc:6b:c7:18:8d:0a:bd:37:80:fd:95:f3:83:
4d:25:ed:6e:30:43:38:d6:94:bd:17:8b:ed:b3:6e:
58:b2:af:20:0d:f3:9d:0b:96:c7:14:7f:91:23:ec:
60:9b:23:e0:3b:3d:37:c3:9c:e6:4d:75:8b:c2:6c:
ea:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:31:FB:37:75:A0:A4:66:84:F2:E0:DC:66:67:C3:BA:E9:5E:A2:3D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CzH7N3WgpGaE8uDcZmfDuuleoj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2e80::/29
2a0f:3d83::/32
2a0f:3d87::/32
2a0f:7d02:1::/48
2a0f:e1c6::/32
2a0f:e1c7:1::/48
2a0f:e940::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:f540::/29
2a13:18c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
4c:66:97:fd:73:f8:02:7e:46:97:1f:5d:3d:a8:c7:cc:50:1b:
b7:a6:c3:d9:a3:10:b1:23:5f:1a:0b:d7:d3:a7:31:92:d9:e8:
fd:9e:e4:f3:e2:99:f8:70:a2:25:85:9b:a1:08:b4:30:1f:73:
56:dd:ad:a2:3b:4e:7d:fe:3c:bb:17:6d:50:bd:72:37:e4:3e:
8a:00:cb:85:e2:26:da:88:86:34:3a:2c:47:a7:5e:32:12:1d:
29:cc:e7:85:36:1d:83:f6:66:7e:3e:8e:8d:5c:8a:b7:75:73:
5f:10:94:fa:50:2b:ba:47:ad:d0:84:f6:23:0f:eb:af:f7:d9:
8c:1e:23:a4:cc:29:af:6a:ad:4c:75:9a:6f:81:2e:27:7b:29:
d1:8f:20:00:19:45:8f:d2:24:5f:ba:84:89:fb:a1:0b:c4:5e:
bd:62:62:8c:e6:e4:76:1b:09:48:99:13:92:4d:ad:ee:a7:88:
4f:f5:51:2c:70:a4:d3:f9:13:cb:7c:66:67:3e:e8:22:a7:74:
38:c7:ce:a4:15:97:70:e2:60:1a:cc:1f:40:6f:20:cb:d2:f0:
79:f1:cd:f2:ca:1e:e0:78:a3:82:c9:9d:aa:21:d3:60:e8:e8:
32:80:93:43:03:65:88:40:77:e4:f4:2a:9f:fe:9f:28:4d:05:
ea:5c:e0:11
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAZAXBmsEJhTkqp+L6SxWSrOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjE0MTM1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjMxZmIzNzc1YTBhNDY2ODRmMmUwZGM2NjY3YzNiYWU5NWVhMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57tyDgoxrc61U3NUx6yZXlS6oP1Q
8kTop4JnJOeC0mxXOe89GoBuGe764KP65sY56wYoPztGqeQ8lx7wvoPKT38ZzNui
PuQjuC78AQeBAHObrE/cOsUt55QKmkhnUHezP09qPrzlrGR65diq3nhqN0Qq3Yxj
wwNHw8jQD/L3qXHY77+uHbcaNsqz/aZz7Crywrvkl9wYmf71ini4bU31uID7t2aQ
5xc4WMDOF51INJkq0QpvJw7JBcs6sog8PBPY/SxCq/xrxxiNCr03gP2V84NNJe1u
MEM41pS9F4vts25Ysq8gDfOdC5bHFH+RI+xgmyPgOz03w5zmTXWLwmzqmwIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFAsx+zd1oKRmhPLg3GZnw7rpXqI9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ3pIN04zV2dwR2FFOHVEY1ptZkR1dWxlb2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIHkBAIAAjCB3QMFACoOGoADBQAqDseAAwcAKg7yAQAB
AwcAKg8eAAEjAwcAKg8eAARWAwcAKg8eAAmHAwcAKg8eAAq8AwcAKg8eAN75AwcA
Kg8eAQABAwcAKg8egQACAwcAKg8egRKTAwcAKg8egUMZAwcAKg8egZLoAwcAKg8e
gaPQAwcAKg8egc2uAwUDKg8ugAMFACoPPYMDBQAqDz2HAwcAKg99AgABAwUAKg/h
xgMHACoP4ccAAQMFAyoP6UADBQMqEG1AAwUDKhH9gAMFASoSrEADBQMqEvVAAwcA
KhMYwAABMA0GCSqGSIb3DQEBCwUAA4IBAQBMZpf9c/gCfkaXH109qMfMUBu3psPZ
oxCxI18aC9fTpzGS2ej9nuTz4pn4cKIlhZuhCLQwH3NW3a2iO059/jy7F21QvXI3
5D6KAMuF4ibaiIY0OixHp14yEh0pzOeFNh2D9mZ+Po6NXIq3dXNfEJT6UCu6R63Q
hPYjD+uv99mMHiOkzCmvaq1MdZpvgS4neynRjyAAGUWP0iRfuoSJ+6ELxF69YmKM
5uR2GwlImROSTa3up4hP9VEscKTT+RPLfGZnPugip3Q4x86kFZdw4mAazB9AbyDL
0vB58c3yyh7geKOCyZ2qIdNg6OgygJNDA2WIQHfk9Cqf/p8oTQXqXOAR
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:57:48 2025 by rpki-client