Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OiN0_uRLsC6f4dGPAAidniBTzCc.roa
File: OiN0_uRLsC6f4dGPAAidniBTzCc.roa (raw, json)
Hash identifier: cstjmudK4cXGtZlpiSIdE9CH8FdEtN/uHUaegYMGdzs=
Subject key identifier: 3A:23:74:FE:E4:4B:B0:2E:9F:E1:D1:8F:00:08:9D:9E:20:53:CC:27
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191D1A0CFA4FC743875BF4592FDF61A05D3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OiN0_uRLsC6f4dGPAAidniBTzCc.roa
Signing time: Sun 08 Sep 2024 12:34:22 +0000
ROA not before: Sun 08 Sep 2024 12:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
103.139.50.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a06:1184:33::/48 maxlen: 48
2a0a:2d06:33::/48 maxlen: 48
2a0a:2d06:55::/48 maxlen: 48
2a0c:7886:33::/48 maxlen: 48
2a0e:1a80:2541::/48 maxlen: 48
2a0e:1a83:66::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0e:f600:6c::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2e80::/29 maxlen: 29
2a0f:3d87::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:ecc4:2213::/48 maxlen: 48
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a13:e101:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 29 Sep 2024 16:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d1:a0:cf:a4:fc:74:38:75:bf:45:92:fd:f6:1a:05:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 8 12:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a2374fee44bb02e9fe1d18f00089d9e2053cc27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c9:9a:9e:79:4c:6a:14:ea:9e:57:64:c2:21:
21:27:4a:2a:d1:68:1b:e6:05:ee:eb:0c:94:38:e8:
67:d5:89:b7:6b:a3:5a:06:54:7c:3a:16:36:1e:ee:
5d:b1:69:72:f3:a7:39:3b:4d:6d:b0:4d:3b:03:5f:
b1:75:2b:1b:ed:bd:8a:18:db:2f:68:6b:37:5a:17:
c5:0c:40:51:ac:c6:12:89:dc:88:5b:97:c5:6f:7e:
56:02:e2:50:4e:3a:b8:14:f0:24:a7:50:d3:60:58:
d0:35:50:7e:4a:e0:0a:f3:ec:5e:04:0c:79:4c:64:
1b:b3:1a:39:5d:4c:e0:ca:53:4d:9a:b0:39:63:de:
c8:a1:ba:c5:2a:85:bd:81:ac:22:6b:9d:74:47:35:
97:c0:15:67:8f:3b:76:2f:78:95:92:81:7f:6a:a1:
44:a7:cc:1a:a1:d1:8a:26:28:81:eb:bb:d3:ab:b7:
df:d6:d5:7a:b3:14:03:95:37:81:c9:f5:e1:ab:9b:
25:bf:f8:45:6b:72:54:fc:6b:91:46:7e:d0:1d:1f:
d6:28:e7:ad:f1:71:7b:27:5e:e1:be:94:38:a5:12:
20:d3:af:59:57:f8:09:a3:f5:91:25:35:67:d9:ef:
2f:db:3e:7e:8f:87:30:31:24:27:80:10:69:ce:45:
a7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:23:74:FE:E4:4B:B0:2E:9F:E1:D1:8F:00:08:9D:9E:20:53:CC:27
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OiN0_uRLsC6f4dGPAAidniBTzCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
103.139.50.0/24
193.164.199.0/24
IPv6:
2a06:1184:33::/48
2a0a:2d06:33::/48
2a0a:2d06:55::/48
2a0c:7886:33::/48
2a0e:1a80:2541::/48
2a0e:1a83:66::/48
2a0e:c780::/32
2a0e:f201:1::/48
2a0e:f600:6c::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2e80::/29
2a0f:3d87::/32
2a0f:7d02:1::/48
2a0f:e1c6::/32
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:ecc4:2213::/48
2a12:f540::/29
2a13:18c0:1::/48
2a13:e101:2::/48
Signature Algorithm: sha256WithRSAEncryption
2a:00:50:cc:a6:3f:6a:62:e8:58:22:96:01:81:a0:23:ef:e8:
00:55:8e:04:c7:14:ab:0b:32:d0:60:6c:dc:48:87:91:00:d5:
ee:7c:b9:4c:6e:82:42:9b:e9:2f:18:e6:f9:c1:a7:cf:81:c4:
a1:1c:2a:e8:0e:a0:3a:1d:a6:7a:07:68:07:3d:d4:60:d6:7e:
70:22:2c:c3:e2:19:6a:12:7d:9b:8a:c0:fe:db:2c:62:53:19:
0a:e0:f8:ba:e4:28:92:da:5d:60:75:d8:8b:0d:c8:cf:ee:6d:
eb:44:c6:6f:41:0d:be:7f:ac:6f:03:37:57:93:3f:03:3b:89:
d4:5d:0d:ec:e6:99:d0:f5:dd:10:8c:a6:3b:fb:e5:72:78:30:
4e:ea:66:93:3d:a3:6a:4a:1f:41:a2:40:bf:4f:27:b0:c1:0a:
72:78:d0:cb:88:6a:a7:ce:ca:49:d5:40:06:f3:89:bd:95:36:
d5:70:34:ec:2c:90:b7:87:df:fe:a1:72:4c:51:bd:7d:e1:b1:
7e:82:b9:72:bc:f5:13:0c:53:42:42:8f:b1:37:8d:36:22:13:
f2:8a:26:ef:17:89:e7:83:e8:19:f4:08:28:83:e1:cd:60:57:
fc:4f:6a:e6:f3:ac:13:28:54:4e:8c:87:23:b6:8c:11:58:2a:
c8:27:e7:48
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgISAZHRoM+k/HQ4db9Fkv32GgXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTA4MTIzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTIzNzRmZWU0NGJiMDJlOWZlMWQxOGYwMDA4OWQ5ZTIwNTNjYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscmannlMahTqnldkwiEhJ0oq0Wgb
5gXu6wyUOOhn1Ym3a6NaBlR8OhY2Hu5dsWly86c5O01tsE07A1+xdSsb7b2KGNsv
aGs3WhfFDEBRrMYSidyIW5fFb35WAuJQTjq4FPAkp1DTYFjQNVB+SuAK8+xeBAx5
TGQbsxo5XUzgylNNmrA5Y97IobrFKoW9gawia510RzWXwBVnjzt2L3iVkoF/aqFE
p8waodGKJiiB67vTq7ff1tV6sxQDlTeByfXhq5slv/hFa3JU/GuRRn7QHR/WKOet
8XF7J17hvpQ4pRIg069ZV/gJo/WRJTVn2e8v2z5+j4cwMSQngBBpzkWnvwIDAQAB
o4IDPTCCAzkwHQYDVR0OBBYEFDojdP7kS7Aun+HRjwAInZ4gU8wnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT2lOMF91UkxzQzZmNGRHUEFBaWRuaUJUekNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUQYIKwYBBQUHAQcBAf8EggFAMIIBPDAeBAIAATAYAwQA
LYF/AwQALYclAwQAZ4syAwQAwaTHMIIBGAQCAAIwggEQAwcAKgYRhAAzAwcAKgot
BgAzAwcAKgotBgBVAwcAKgx4hgAzAwcAKg4agCVBAwcAKg4agwBmAwUAKg7HgAMH
ACoO8gEAAQMHACoO9gAAbAMHACoPHgABIwMHACoPHgAEVgMHACoPHgAJhwMHACoP
HgAKvAMHACoPHgDe+QMHACoPHgEAAQMHACoPHoEAAgMHACoPHoESkwMHACoPHoFD
GQMHACoPHoGS6AMHACoPHoGj0AMHACoPHoHNrgMFAyoPLoADBQAqDz2HAwcAKg99
AgABAwUAKg/hxgMFAyoQbUADBQMqEf2AAwUBKhKsQAMHACoS7MQiEwMFAyoS9UAD
BwAqExjAAAEDBwAqE+EBAAIwDQYJKoZIhvcNAQELBQADggEBACoAUMymP2pi6Fgi
lgGBoCPv6ABVjgTHFKsLMtBgbNxIh5EA1e58uUxugkKb6S8Y5vnBp8+BxKEcKugO
oDodpnoHaAc91GDWfnAiLMPiGWoSfZuKwP7bLGJTGQrg+LrkKJLaXWB12IsNyM/u
betExm9BDb5/rG8DN1eTPwM7idRdDezmmdD13RCMpjv75XJ4ME7qZpM9o2pKH0Gi
QL9PJ7DBCnJ40MuIaqfOyknVQAbzib2VNtVwNOwskLeH3/6hckxRvX3hsX6CuXK8
9RMMU0JCj7E3jTYiE/KKJu8XieeD6Bn0CCiD4c1gV/xPaubzrBMoVE6MhyO2jBFY
Ksgn50g=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:41 2025 by rpki-client