Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OQx8Es7_ViJKpIgDMuqOYkiT4i8.roa
File: OQx8Es7_ViJKpIgDMuqOYkiT4i8.roa (raw, json)
Hash identifier: QTGHRtxexWnvLrnpNbDtWtFI5Me43Kudx+h3FNuc0qk=
Subject key identifier: 39:0C:7C:12:CE:FF:56:22:4A:A4:88:03:32:EA:8E:62:48:93:E2:2F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D8D0CB13DD8E524C0FBC9A6CBE5686D75
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OQx8Es7_ViJKpIgDMuqOYkiT4i8.roa
Signing time: Fri 09 Feb 2024 08:47:15 +0000
ROA not before: Fri 09 Feb 2024 08:47:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a0e:1a80::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2100::/29 maxlen: 29
2a0f:2e80::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:3d80:123::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a0f:3d84::/32 maxlen: 32
2a0f:3d87::/32 maxlen: 32
2a0f:e841::/32 maxlen: 32
2a0f:e940::/29 maxlen: 29
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a13:18c0:1::/48 maxlen: 48
2a13:18c3::/32 maxlen: 32
2a13:18c6::/32 maxlen: 32
2a13:4900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Feb 2024 07:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:0c:b1:3d:d8:e5:24:c0:fb:c9:a6:cb:e5:68:6d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 9 08:47:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=390c7c12ceff56224aa4880332ea8e624893e22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7f:4f:8d:c3:5d:2b:bd:39:2d:8d:99:e4:27:
6e:40:14:40:de:22:a8:1e:d2:f4:47:d8:54:4d:69:
bf:9f:6d:eb:43:74:be:da:ee:d6:dc:69:7a:76:59:
1e:6c:a0:b3:ca:67:43:48:87:9c:c5:6d:e9:1b:54:
ba:8a:4c:0d:0e:06:f0:9d:10:67:ee:6e:7d:bb:ca:
e9:1c:b2:ad:41:dd:e4:59:20:73:44:d0:7a:95:0d:
b4:62:c4:5a:50:a5:3c:9b:86:a5:8c:00:7e:3a:8a:
1b:c1:37:c1:c2:54:44:2e:36:35:47:f1:99:4e:38:
d1:d5:60:16:45:02:d6:01:b7:5b:65:00:df:08:5b:
27:60:ff:f0:39:9f:4f:f5:0d:60:83:8a:3a:81:ca:
26:c7:fb:21:e6:cd:45:89:67:d7:79:bc:f5:21:d4:
4e:57:59:d2:72:c2:f1:57:0f:bc:07:58:e6:c4:77:
70:aa:65:7a:7d:88:35:a0:0a:e0:54:73:0e:b9:9f:
7f:9a:9b:9f:05:35:8f:69:7d:39:9b:71:41:3f:63:
e3:83:cd:e3:72:4e:cf:17:f0:e7:c0:eb:06:aa:04:
55:23:be:12:80:49:b0:24:78:be:59:7a:cf:0a:d0:
56:9e:55:45:7f:59:75:95:0d:ee:e6:14:09:25:09:
7b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0C:7C:12:CE:FF:56:22:4A:A4:88:03:32:EA:8E:62:48:93:E2:2F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OQx8Es7_ViJKpIgDMuqOYkiT4i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:2e80::/29
2a0f:2f80::/29
2a0f:3d80:123::/48
2a0f:3d82::-2a0f:3d84:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:3d87::/32
2a0f:e841::/32
2a0f:e940::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a13:18c0:1::/48
2a13:18c3::/32
2a13:18c6::/32
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
b3:64:bc:e0:21:cc:c2:bb:44:5a:7d:f1:07:b1:ad:1e:af:3d:
ea:bb:6f:50:af:0e:3b:99:82:a6:94:f9:96:d8:32:9f:32:13:
0c:20:5c:70:18:52:e1:bd:fd:d9:c4:79:4e:b2:f4:43:89:1d:
29:ac:e2:ca:50:14:ea:96:8d:51:2a:47:f9:59:77:f0:a1:06:
ad:04:55:43:fd:40:65:dc:34:d5:09:1c:f0:bd:74:26:22:a5:
b1:c7:77:04:16:8f:40:44:74:7f:40:ca:b8:d3:3f:45:f7:c2:
68:c5:e5:5f:a8:d6:8a:c6:c7:b4:ff:0e:94:39:d4:28:94:7d:
a8:5e:91:2b:a0:90:2b:07:fd:2e:43:7d:2b:c6:57:ee:d4:2f:
a2:83:b4:ea:98:6f:82:85:81:c8:02:fc:95:14:9e:db:50:b3:
82:e5:7c:41:5c:e0:44:9c:18:83:dd:42:fb:05:68:39:6c:94:
b1:62:48:82:61:76:f9:5a:f0:ed:c3:49:da:8f:d6:f3:df:54:
d2:18:69:46:6c:7f:ea:d1:c9:df:10:37:28:ad:fa:9a:00:60:
44:b5:3c:2a:89:50:57:d5:ee:b6:74:61:e7:8d:65:3e:b9:b4:
3c:01:3a:cf:5f:e7:e6:10:56:a8:2e:00:bc:57:52:99:c5:cf:
cd:e3:81:0c
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAY2NDLE92OUkwPvJpsvlaG11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMjA5MDg0NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBjN2MxMmNlZmY1NjIyNGFhNDg4MDMzMmVhOGU2MjQ4OTNlMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX9PjcNdK705LY2Z5CduQBRA3iKo
HtL0R9hUTWm/n23rQ3S+2u7W3Gl6dlkebKCzymdDSIecxW3pG1S6ikwNDgbwnRBn
7m59u8rpHLKtQd3kWSBzRNB6lQ20YsRaUKU8m4aljAB+OoobwTfBwlRELjY1R/GZ
TjjR1WAWRQLWAbdbZQDfCFsnYP/wOZ9P9Q1gg4o6gcomx/sh5s1FiWfXebz1IdRO
V1nScsLxVw+8B1jmxHdwqmV6fYg1oArgVHMOuZ9/mpufBTWPaX05m3FBP2Pjg83j
ck7PF/DnwOsGqgRVI74SgEmwJHi+WXrPCtBWnlVFf1l1lQ3u5hQJJQl78QIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFDkMfBLO/1YiSqSIAzLqjmJIk+IvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT1F4OEVzN19WaUpLcElnRE11cU9Za2lUNGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBAAQCAAIwgfkDBQAqDhqAAwUAKg7HgAMHACoO8gEA
AQMHACoPHgABIwMHACoPHgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoPHgDe+QMH
ACoPHgEAAQMHACoPHoEAAgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS6AMHACoP
HoGj0AMHACoPHoHNrgMFAyoPIQADBQMqDy6AAwUDKg8vgAMHACoPPYABIzAOAwUB
Kg89ggMFACoPPYQDBQAqDz2HAwUAKg/oQQMFAyoP6UADBQMqEG1AAwUDKhH9gAMF
ASoSrEADBwAqExjAAAEDBQAqExjDAwUAKhMYxgMFAyoTSQAwDQYJKoZIhvcNAQEL
BQADggEBALNkvOAhzMK7RFp98QexrR6vPeq7b1CvDjuZgqaU+ZbYMp8yEwwgXHAY
UuG9/dnEeU6y9EOJHSms4spQFOqWjVEqR/lZd/ChBq0EVUP9QGXcNNUJHPC9dCYi
pbHHdwQWj0BEdH9AyrjTP0X3wmjF5V+o1orGx7T/DpQ51CiUfahekSugkCsH/S5D
fSvGV+7UL6KDtOqYb4KFgcgC/JUUnttQs4LlfEFc4EScGIPdQvsFaDlslLFiSIJh
dvla8O3DSdqP1vPfVNIYaUZsf+rRyd8QNyit+poAYES1PCqJUFfV7rZ0YeeNZT65
tDwBOs9f5+YQVqguALxXUpnFz83jgQw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:18:51 2025 by rpki-client