Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XC3XYWX71qzTBgenZouPdEsFwjc.roa
File: XC3XYWX71qzTBgenZouPdEsFwjc.roa (raw, json)
Hash identifier: 1B+rcdcONFBg28Pl7cj2MSQmCGlYR0yHN/6E4HSlXWk=
Subject key identifier: 5C:2D:D7:61:65:FB:D6:AC:D3:06:07:A7:66:8B:8F:74:4B:05:C2:37
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019594DB87BC6C61FEC577DD360719860980
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XC3XYWX71qzTBgenZouPdEsFwjc.roa
Signing time: Fri 14 Mar 2025 13:32:49 +0000
ROA not before: Fri 14 Mar 2025 13:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 16:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:db:87:bc:6c:61:fe:c5:77:dd:36:07:19:86:09:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 14 13:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c2dd76165fbd6acd30607a7668b8f744b05c237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bb:fa:ab:bb:ba:f7:e4:0e:ba:ce:d3:ac:25:
26:2c:79:05:2c:a5:1a:50:b1:98:47:e2:a9:1e:b0:
89:90:8f:a2:ad:94:e0:fc:8b:15:70:28:48:46:5e:
19:d5:3a:1c:f6:7c:62:13:3f:a9:50:7c:b6:a2:e9:
8f:d0:19:11:39:8f:ba:ab:5a:02:be:af:6a:c5:43:
2d:22:66:9d:2c:9b:f1:ba:50:5e:2e:4a:01:1f:03:
61:98:44:fe:cf:a4:09:96:b5:28:ce:c8:09:e3:ea:
bf:95:54:d8:e4:69:73:ae:5a:30:84:f9:ac:8b:5a:
f4:a5:ab:3b:a0:6a:b9:c9:70:27:be:3c:4f:bc:70:
bb:28:2a:bf:ff:1c:3a:6f:f2:2b:cd:44:22:1f:ae:
a1:ed:82:a4:fc:e9:e9:96:f1:10:3b:40:d5:1f:6d:
c6:fc:07:34:ce:6a:6f:3e:98:52:f5:78:48:d7:34:
24:d6:81:f5:95:61:d7:91:3b:b2:e4:69:e2:9c:ab:
a9:e6:28:70:dc:14:33:79:a8:ee:fb:46:47:ae:db:
43:2d:83:cf:36:9e:10:e7:72:15:54:20:bf:b3:cd:
50:eb:7d:1d:40:63:ea:23:69:b4:ab:3c:84:c2:05:
93:b9:de:44:9f:c5:40:e0:6f:d2:3d:75:99:df:72:
c0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2D:D7:61:65:FB:D6:AC:D3:06:07:A7:66:8B:8F:74:4B:05:C2:37
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XC3XYWX71qzTBgenZouPdEsFwjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.215.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.152.208.0/24
85.209.128.0/24
103.114.43.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
193.8.215.0/24
193.23.245.0/24
194.33.29.0/24
195.158.192.0/24
Signature Algorithm: sha256WithRSAEncryption
81:e6:a9:55:d5:8b:30:5a:6c:8e:03:a9:2a:ec:e3:2c:95:e7:
e7:e9:7d:4e:51:8d:0c:14:8d:6e:a8:83:96:7c:ef:43:8d:bf:
3f:a0:3c:0e:67:77:e7:34:ad:fb:62:52:28:d7:dd:54:45:ae:
b7:cb:d0:77:93:5c:a6:33:6d:e6:d4:01:21:29:f4:66:65:f5:
2e:87:97:34:c7:78:96:21:53:be:a8:9c:19:19:05:8e:b2:dc:
19:39:d2:31:a4:53:2f:ec:24:19:f0:75:f9:0c:60:af:6f:4f:
54:e6:c1:b3:f5:d0:1f:3a:6f:2d:5f:cf:4e:2f:af:61:5f:08:
10:aa:7f:58:e2:68:e5:50:7d:fd:b3:c2:6c:d1:f6:16:e9:18:
2a:29:70:da:ea:55:be:a5:67:f0:70:e9:0e:4d:77:e8:17:04:
ad:75:43:6c:ef:6b:32:9d:25:b0:18:ec:03:db:10:5b:aa:e5:
76:1f:0c:89:0c:a6:19:be:8e:1a:da:14:3f:7d:66:29:86:5c:
ea:be:52:bd:59:26:7c:00:27:14:47:dd:93:93:12:63:4f:4f:
97:36:f7:52:70:22:3e:03:b1:a6:42:56:00:90:76:f8:2d:68:
64:23:52:ee:4f:6e:f7:02:5f:35:a1:2e:12:73:5c:d1:e3:50:
9e:ae:f4:6a
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZWU24e8bGH+xXfdNgcZhgmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzE0MTMzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzJkZDc2MTY1ZmJkNmFjZDMwNjA3YTc2NjhiOGY3NDRiMDVjMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrv6q7u69+QOus7TrCUmLHkFLKUa
ULGYR+KpHrCJkI+irZTg/IsVcChIRl4Z1Toc9nxiEz+pUHy2oumP0BkROY+6q1oC
vq9qxUMtImadLJvxulBeLkoBHwNhmET+z6QJlrUozsgJ4+q/lVTY5GlzrlowhPms
i1r0pas7oGq5yXAnvjxPvHC7KCq//xw6b/IrzUQiH66h7YKk/OnplvEQO0DVH23G
/Ac0zmpvPphS9XhI1zQk1oH1lWHXkTuy5GninKup5ihw3BQzeaju+0ZHrttDLYPP
Np4Q53IVVCC/s81Q630dQGPqI2m0qzyEwgWTud5En8VA4G/SPXWZ33LA9wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFFwt12Fl+9as0wYHp2aLj3RLBcI3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWEMzWFlXWDcxcXpUQmdlblpvdVBkRXNGd2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC0JdQME
AC1fYAMEAC12+AMEAC2CPAMEAC2D1wMEAC2JUQMEAC2MDQMEAC2NsQMEAC2Y0AME
AFXRgAMEAGdyKwMEALl6qwMEALl+QAMEALl+QgMEAMEI1wMEAMEX9QMEAMIhHQME
AMOewDANBgkqhkiG9w0BAQsFAAOCAQEAgeapVdWLMFpsjgOpKuzjLJXn5+l9TlGN
DBSNbqiDlnzvQ42/P6A8Dmd35zSt+2JSKNfdVEWut8vQd5NcpjNt5tQBISn0ZmX1
LoeXNMd4liFTvqicGRkFjrLcGTnSMaRTL+wkGfB1+Qxgr29PVObBs/XQHzpvLV/P
Ti+vYV8IEKp/WOJo5VB9/bPCbNH2FukYKilw2upVvqVn8HDpDk136BcErXVDbO9r
Mp0lsBjsA9sQW6rldh8MiQymGb6OGtoUP31mKYZc6r5SvVkmfAAnFEfdk5MSY09P
lzb3UnAiPgOxpkJWAJB2+C1oZCNS7k9u9wJfNaEuEnNc0eNQnq70ag==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:03 2025 by rpki-client