Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I9klhBFYKJA-nwvYFJvDX4ikRDQ.roa
File: I9klhBFYKJA-nwvYFJvDX4ikRDQ.roa (raw, json)
Hash identifier: PWeHlr1LW7TBCUTuhUIuBXra5HzfciqXd8UzlXpx2RI=
Subject key identifier: 23:D9:25:84:11:58:28:90:3E:9F:0B:D8:14:9B:C3:5F:88:A4:44:34
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01963D2A64D07ED6C127265DB297A37B8E41
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I9klhBFYKJA-nwvYFJvDX4ikRDQ.roa
Signing time: Wed 16 Apr 2025 05:55:10 +0000
ROA not before: Wed 16 Apr 2025 05:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Apr 2025 13:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:2a:64:d0:7e:d6:c1:27:26:5d:b2:97:a3:7b:8e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 16 05:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23d92584115828903e9f0bd8149bc35f88a44434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b4:e8:4e:9a:d5:a6:f3:1b:60:33:17:cf:af:
8a:38:02:c0:fc:0f:de:a8:1c:bf:92:d0:bd:35:66:
d4:e2:36:7b:66:a5:89:a0:0a:2f:35:68:c8:ff:af:
97:8c:ad:9b:07:ef:4d:94:18:77:ad:34:b8:ff:ee:
44:4d:39:b2:29:be:f9:47:1a:e2:ac:95:39:99:9b:
78:c5:03:74:7f:c2:42:62:f6:94:93:db:d9:6a:e9:
eb:5e:d0:e3:1a:48:2d:f6:b5:92:c2:3e:56:cf:5d:
17:4f:4b:ef:a2:8e:3b:b0:17:e7:71:49:32:d1:00:
43:f9:48:a4:a5:0a:50:0c:a7:f2:a2:5c:04:bf:88:
b1:2c:41:7e:fa:0e:7b:f7:a8:b9:2c:0c:ca:24:8b:
d9:3a:23:04:bb:d2:4d:aa:28:46:94:4f:c4:c9:d3:
b3:b7:ab:1c:64:26:8e:aa:e1:9f:16:7e:57:9f:50:
b3:0d:f0:ab:ab:21:5e:e4:9f:f3:40:62:33:d7:e2:
9e:9d:5a:2c:19:71:a7:e6:12:e5:26:ce:d4:40:25:
bb:fd:a1:33:c5:d8:e5:e3:59:34:fb:50:5c:84:06:
9f:97:6c:6e:d1:2b:0d:af:4a:6a:67:8b:36:b1:7e:
ff:ae:f5:e4:35:ec:92:a6:b4:d9:8f:88:20:7c:83:
6c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D9:25:84:11:58:28:90:3E:9F:0B:D8:14:9B:C3:5F:88:A4:44:34
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I9klhBFYKJA-nwvYFJvDX4ikRDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.213.0/24
45.131.215.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
193.8.215.0/24
193.23.245.0/24
193.27.19.0/24
194.33.29.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
51:26:eb:1d:bc:8a:d8:48:4b:fb:62:6b:63:2e:b8:9c:35:4d:
9a:bc:b1:23:8e:5a:d7:5d:f9:4f:e0:02:50:9e:52:80:c2:5b:
67:6b:c0:15:67:0a:b0:0b:86:aa:b9:6b:56:3a:df:a3:8e:75:
ed:d9:d0:6a:bd:46:23:ba:56:59:b5:c3:26:f3:35:db:74:35:
b0:e7:09:64:17:87:24:f2:5e:7f:06:06:e1:6e:52:7a:d6:8d:
7d:c7:7f:e5:c9:8b:4c:20:d8:75:eb:48:57:f3:19:62:b1:64:
65:e3:58:0a:8f:66:3a:26:87:b8:9a:8c:3a:33:27:3e:1a:54:
a2:06:ae:c0:e5:f2:25:c3:4d:17:1c:bf:15:b1:6b:38:36:3a:
15:e7:f1:92:70:d5:07:1d:fc:94:87:99:1b:7f:47:b8:08:e1:
88:5e:3e:24:e6:40:19:e5:e8:19:ef:96:54:bd:26:8f:63:81:
4b:26:e2:9a:3b:cf:58:aa:85:15:4a:f3:f0:ac:5b:f9:8d:73:
c7:f1:18:f3:06:c8:01:8e:82:ac:16:b7:29:84:a3:a0:18:45:
7f:93:1a:96:67:74:3f:6e:8d:23:db:4f:08:f4:4b:7c:8b:52:
e8:e9:30:6d:1d:3d:4b:cb:c7:10:81:48:ea:4d:cf:8e:4f:32:
1e:af:46:2f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZY9KmTQftbBJyZdspeje45BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDE2MDU1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Q5MjU4NDExNTgyODkwM2U5ZjBiZDgxNDliYzM1Zjg4YTQ0NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrToTprVpvMbYDMXz6+KOALA/A/e
qBy/ktC9NWbU4jZ7ZqWJoAovNWjI/6+XjK2bB+9NlBh3rTS4/+5ETTmyKb75Rxri
rJU5mZt4xQN0f8JCYvaUk9vZaunrXtDjGkgt9rWSwj5Wz10XT0vvoo47sBfncUky
0QBD+UikpQpQDKfyolwEv4ixLEF++g5796i5LAzKJIvZOiMEu9JNqihGlE/EydOz
t6scZCaOquGfFn5Xn1CzDfCrqyFe5J/zQGIz1+KenVosGXGn5hLlJs7UQCW7/aEz
xdjl41k0+1BchAafl2xu0SsNr0pqZ4s2sX7/rvXkNeySprTZj4ggfINssQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFCPZJYQRWCiQPp8L2BSbw1+IpEQ0MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSTlrbGhCRllLSkEtbnd2WUZKdkRYNGlrUkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBiwQCAAEwgYQDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAAtg9UDBAAtg9cDBAAtiVEDBAAtjA0DBAAt
jbEDBAAtkoMDBAAtmNADBABV0YADBABncisDBABxHpoDBAC5eqsDBAC5fkADBAC5
fkIDBADBCNcDBADBF/UDBADBGxMDBADCIR0DBADDnsAwGAQCAAIwEgMHACoMeIYB
BQMHACoP58YQADANBgkqhkiG9w0BAQsFAAOCAQEAUSbrHbyK2EhL+2JrYy64nDVN
mryxI45a1135T+ACUJ5SgMJbZ2vAFWcKsAuGqrlrVjrfo4517dnQar1GI7pWWbXD
JvM123Q1sOcJZBeHJPJefwYG4W5SetaNfcd/5cmLTCDYdetIV/MZYrFkZeNYCo9m
OiaHuJqMOjMnPhpUogauwOXyJcNNFxy/FbFrODY6FefxknDVBx38lIeZG39HuAjh
iF4+JOZAGeXoGe+WVL0mj2OBSybimjvPWKqFFUrz8Kxb+Y1zx/EY8wbIAY6CrBa3
KYSjoBhFf5Malmd0P26NI9tPCPRLfItS6OkwbR09S8vHEIFI6k3Pjk8yHq9GLw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:58:57 2025 by rpki-client