Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QheDsWEMmExvxEyS5btdbeKnmcw.roa
File: QheDsWEMmExvxEyS5btdbeKnmcw.roa (raw, json)
Hash identifier: KWMpxO8yFafLIRQi3hXWoYnYHLUwIsV5MVWZYMvqCZ8=
Subject key identifier: 42:17:83:B1:61:0C:98:4C:6F:C4:4C:92:E5:BB:5D:6D:E2:A7:99:CC
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC229362FFE5A242D4F300AE12151B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QheDsWEMmExvxEyS5btdbeKnmcw.roa
Signing time: Tue 02 Jan 2024 10:33:19 +0000
ROA not before: Tue 02 Jan 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a11:fd80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0e:f201:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a13:fc00::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a06:5280::/29 maxlen: 29
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a13:2b40::/29 maxlen: 29
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:7d01::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a0f:2100::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a12:ac40::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a13:18c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 Jan 2024 09:04:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:22:93:62:ff:e5:a2:42:d4:f3:00:ae:12:15:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=421783b1610c984c6fc44c92e5bb5d6de2a799cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a5:85:51:31:ee:d8:53:75:fa:fb:3d:c2:b0:
2a:6b:af:2e:e6:01:9c:b4:c5:b1:3c:b3:07:09:f9:
03:08:fc:a5:7b:0c:66:74:89:0f:3c:55:ca:17:b1:
0f:ea:44:e6:38:ee:dc:56:92:54:2d:c0:4c:e2:4e:
12:3f:3b:43:fc:98:eb:99:6a:05:04:4e:4a:b4:63:
9a:e1:0a:cd:26:2e:f4:67:eb:89:d5:5e:9b:88:ce:
1d:3b:d7:1b:8d:f3:d2:a6:dc:28:81:d2:0c:88:93:
b8:01:db:af:98:94:1a:c2:30:7a:0e:25:fb:50:66:
f3:d5:a2:76:52:a8:58:0f:4d:39:e7:ed:b3:8b:43:
02:5d:8b:b4:0e:22:c5:58:a2:70:28:14:57:16:89:
ec:fc:8b:2a:a4:bb:55:d8:1f:45:08:19:f6:b7:dc:
fb:ee:a0:54:d0:0c:3b:f6:2b:e9:23:92:ec:c2:cd:
74:8e:f3:49:d2:8d:4b:e3:bf:7d:13:16:8f:6a:16:
f0:49:ca:d3:0b:6a:70:66:98:1d:16:00:4f:f2:2a:
df:66:a7:63:56:af:d1:90:b8:b7:97:3b:13:67:7f:
05:fe:69:f5:af:ac:5b:2b:3e:41:62:68:d0:04:10:
ba:c4:da:97:a5:d1:88:bc:95:e4:74:36:a8:8f:e8:
fa:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:17:83:B1:61:0C:98:4C:6F:C4:4C:92:E5:BB:5D:6D:E2:A7:99:CC
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QheDsWEMmExvxEyS5btdbeKnmcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a06:5280::/29
2a07:f300::/29
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a01::/32
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:3d80:123::/48
2a0f:3d82::-2a0f:3d84:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:3d87::/32
2a0f:7d01::/32
2a0f:e940::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a13:18c0:1::/48
2a13:18c3::/32
2a13:2b40::/29
2a13:4900::/29
2a13:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
6b:67:ab:ec:9f:05:fa:6b:70:74:15:e5:bc:59:d6:86:11:b2:
66:2a:cb:ec:fb:9f:96:29:a2:3a:a6:ed:1d:eb:86:e1:bb:61:
70:f1:5d:39:b5:cd:4a:75:35:ff:6f:e2:2c:9f:40:0b:df:e2:
69:9a:ad:64:e8:c5:e8:a4:13:7f:01:65:83:36:27:e8:04:1d:
23:63:e7:26:82:87:ed:6e:f9:f8:74:7c:ce:84:58:17:cb:4f:
95:12:9c:71:51:8d:4a:38:7d:69:83:46:87:a3:ef:d2:91:80:
f0:4e:a4:30:24:da:4d:0c:e2:05:67:e4:96:f3:43:7f:c7:77:
14:f4:7a:fc:3f:89:fa:96:6d:62:8f:ce:87:1a:7e:bf:93:82:
11:aa:27:d4:73:be:12:5f:cb:7d:dd:2b:e1:19:82:0d:f5:db:
61:fd:ac:8f:0f:96:3c:78:3f:4e:0b:58:32:aa:d1:ce:12:58:
03:c4:f4:28:22:92:82:d3:ba:f5:be:cb:7e:4d:0a:eb:7a:30:
d1:53:fd:b2:48:55:d8:95:14:79:7a:10:3c:ea:3d:bb:34:7f:
57:9e:6f:36:b1:d7:cc:b7:e7:8d:0a:79:b9:5b:59:ec:90:08:
e5:b1:7c:f3:eb:4f:64:60:e9:9c:2f:f2:26:6a:a6:16:f0:3b:
3d:47:03:6c
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAYzJvCKTYv/lokLU8wCuEhUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE3ODNiMTYxMGM5ODRjNmZjNDRjOTJlNWJiNWQ2ZGUyYTc5OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKWFUTHu2FN1+vs9wrAqa68u5gGc
tMWxPLMHCfkDCPylewxmdIkPPFXKF7EP6kTmOO7cVpJULcBM4k4SPztD/JjrmWoF
BE5KtGOa4QrNJi70Z+uJ1V6biM4dO9cbjfPSptwogdIMiJO4AduvmJQawjB6DiX7
UGbz1aJ2UqhYD0055+2zi0MCXYu0DiLFWKJwKBRXFons/IsqpLtV2B9FCBn2t9z7
7qBU0Aw79ivpI5Lsws10jvNJ0o1L4799ExaPahbwScrTC2pwZpgdFgBP8irfZqdj
Vq/RkLi3lzsTZ38F/mn1r6xbKz5BYmjQBBC6xNqXpdGIvJXkdDaoj+j6uwIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFEIXg7FhDJhMb8RMkuW7XW3ip5nMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUWhlRHNXRU1tRXh2eEV5UzVidGRiZUtubWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBDwQCAAIwggEHAwUDKgZSgAMFAyoH8wADBQAqDhqA
AwUAKg7HgAMHACoO8gEAAQMFACoPCgEDBwAqDx4AASMDBwAqDx4ABFYDBwAqDx4A
CYcDBwAqDx4ACrwDBwAqDx4A3vkDBwAqDx4BAAEDBwAqDx6BAAIDBwAqDx6BEpMD
BwAqDx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAqDx6Bza4DBQMqDyEAAwcAKg89
gAEjMA4DBQEqDz2CAwUAKg89hAMFACoPPYcDBQAqD30BAwUDKg/pQAMFAyoQbUAD
BQMqEf2AAwUBKhKsQAMHACoTGMAAAQMFACoTGMMDBQMqEytAAwUDKhNJAAMFAyoT
/AAwDQYJKoZIhvcNAQELBQADggEBAGtnq+yfBfprcHQV5bxZ1oYRsmYqy+z7n5Yp
ojqm7R3rhuG7YXDxXTm1zUp1Nf9v4iyfQAvf4mmarWToxeikE38BZYM2J+gEHSNj
5yaCh+1u+fh0fM6EWBfLT5USnHFRjUo4fWmDRoej79KRgPBOpDAk2k0M4gVn5Jbz
Q3/HdxT0evw/ifqWbWKPzocafr+TghGqJ9RzvhJfy33dK+EZgg3122H9rI8Pljx4
P04LWDKq0c4SWAPE9CgikoLTuvW+y35NCut6MNFT/bJIVdiVFHl6EDzqPbs0f1ee
bzax18y3540KeblbWeyQCOWxfPPrT2Rg6Zwv8iZqphbwOz1HA2w=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:38 2025 by rpki-client