Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y9fuDs7NNxwDFv3l-qKvKq3NHRg.roa
File: Y9fuDs7NNxwDFv3l-qKvKq3NHRg.roa (raw, json)
Hash identifier: +IZI6R2vV1PBiApidkE5l7C9+utwdBFIZXyTMWsCMzE=
Subject key identifier: 63:D7:EE:0E:CE:CD:37:1C:03:16:FD:E5:FA:A2:AF:2A:AD:CD:1D:18
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D409B3C82C4603B1A491F15B8EE1614B6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y9fuDs7NNxwDFv3l-qKvKq3NHRg.roa
Signing time: Thu 25 Jan 2024 12:32:11 +0000
ROA not before: Thu 25 Jan 2024 12:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a05:b900::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2100::/29 maxlen: 29
2a0f:3d80:123::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a0f:3d84::/32 maxlen: 32
2a0f:3d87::/32 maxlen: 32
2a0f:7d01::/32 maxlen: 32
2a0f:e841::/32 maxlen: 32
2a0f:e940::/29 maxlen: 29
2a10:6d40::/29 maxlen: 29
2a12:ac41::/32 maxlen: 32
2a13:18c0:1::/48 maxlen: 48
2a13:18c3::/32 maxlen: 32
2a13:18c6::/32 maxlen: 32
2a13:4900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Jan 2024 15:11:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:9b:3c:82:c4:60:3b:1a:49:1f:15:b8:ee:16:14:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 25 12:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63d7ee0ececd371c0316fde5faa2af2aadcd1d18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:61:26:c0:7e:64:c0:a7:00:ff:14:d0:2c:1a:
2b:50:d4:6f:b0:f0:da:9a:69:ef:75:a7:38:70:ef:
ff:26:5c:9d:a8:7e:84:15:cb:de:25:d0:2b:d7:b6:
57:dd:84:93:04:c2:d6:38:29:d3:ac:a6:71:b8:4c:
68:3e:34:fe:22:60:db:07:e2:27:1b:88:77:60:9b:
07:b2:25:03:b7:54:4d:28:4c:c6:04:33:73:58:ba:
91:ad:af:5d:48:40:77:f1:63:08:69:bc:7e:cc:8c:
66:26:36:fd:17:66:e1:1e:1c:b2:ac:56:07:e2:ff:
fc:a9:5d:ac:84:a6:f3:9d:e5:29:b3:27:ae:88:36:
11:a7:ed:59:06:72:55:e3:78:f5:29:cc:6f:f7:b0:
c4:7f:a2:7a:72:02:63:ba:ff:a2:fa:f5:18:8f:54:
06:4d:f6:ca:2c:a8:e4:a0:b9:e1:8f:01:a7:4a:19:
af:5c:7f:23:1c:6e:1b:eb:c3:ff:99:57:3a:51:b3:
31:61:d7:1e:dc:61:09:bb:7b:9c:e5:5a:52:84:d9:
97:ed:a5:dc:75:64:6e:5d:e9:fb:7d:42:8e:b4:31:
de:62:e1:2b:00:19:3a:28:25:38:0e:9b:31:af:7d:
b2:eb:06:68:0b:5f:f8:01:b0:82:d8:ce:8f:f5:dc:
e9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D7:EE:0E:CE:CD:37:1C:03:16:FD:E5:FA:A2:AF:2A:AD:CD:1D:18
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y9fuDs7NNxwDFv3l-qKvKq3NHRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a05:b900::/29
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:3d80:123::/48
2a0f:3d82::-2a0f:3d84:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:3d87::/32
2a0f:7d01::/32
2a0f:e841::/32
2a0f:e940::/29
2a10:6d40::/29
2a12:ac41::/32
2a13:18c0:1::/48
2a13:18c3::/32
2a13:18c6::/32
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
c2:c0:65:fa:70:3d:59:1c:7b:b6:d2:33:76:3c:49:a7:db:48:
9e:a3:a0:76:c4:83:ba:66:b6:5a:9e:f4:fe:12:cf:6b:3c:9f:
e1:06:d7:40:e2:54:ce:a2:0b:be:ad:67:e4:c9:4a:f6:8e:18:
fb:3d:bc:d7:e7:43:66:f0:1f:0e:57:f0:66:4b:c5:e4:94:96:
ce:dd:aa:67:22:44:54:89:e3:36:98:4c:fe:f6:37:64:1f:12:
f3:ec:14:2c:05:45:1b:c3:0b:dd:5d:db:9d:a5:a3:5e:32:98:
63:ce:d0:86:63:bb:79:f9:f1:4c:46:bd:8d:35:b0:bf:9e:fa:
b7:4b:b6:1e:58:0e:b0:de:d2:9c:9a:c4:e0:ad:7d:76:f4:09:
e4:d8:9d:87:1b:d2:3d:45:36:27:1d:9d:ed:7a:82:76:0a:d5:
f2:79:24:0f:10:33:17:88:a2:70:10:a0:b7:ff:8b:3c:57:00:
84:ca:4f:45:0c:d0:c6:c9:48:cf:c6:9d:c1:a3:c8:7f:be:68:
e7:11:37:3a:ca:52:0a:2a:5d:97:e2:2b:49:42:dd:57:a9:83:
25:ce:51:c2:ec:e3:a5:84:c5:79:4e:92:05:58:8e:c5:76:77:
0d:40:ae:ee:3f:72:c8:81:94:f1:2a:01:7e:6e:62:5f:fd:87:
60:a3:3a:91
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAY1AmzyCxGA7GkkfFbjuFhS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTI1MTIzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Q3ZWUwZWNlY2QzNzFjMDMxNmZkZTVmYWEyYWYyYWFkY2QxZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GEmwH5kwKcA/xTQLBorUNRvsPDa
mmnvdac4cO//JlydqH6EFcveJdAr17ZX3YSTBMLWOCnTrKZxuExoPjT+ImDbB+In
G4h3YJsHsiUDt1RNKEzGBDNzWLqRra9dSEB38WMIabx+zIxmJjb9F2bhHhyyrFYH
4v/8qV2shKbzneUpsyeuiDYRp+1ZBnJV43j1Kcxv97DEf6J6cgJjuv+i+vUYj1QG
TfbKLKjkoLnhjwGnShmvXH8jHG4b68P/mVc6UbMxYdce3GEJu3uc5VpShNmX7aXc
dWRuXen7fUKOtDHeYuErABk6KCU4Dpsxr32y6wZoC1/4AbCC2M6P9dzp3wIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFGPX7g7OzTccAxb95fqiryqtzR0YMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWTlmdURzN05OeHdERnYzbC1xS3ZLcTNOSFJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIH5BAIAAjCB8gMFAyoFuQADBQAqDhqAAwUAKg7HgAMH
ACoO8gEAAQMHACoPHgABIwMHACoPHgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoP
HgDe+QMHACoPHgEAAQMHACoPHoEAAgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS
6AMHACoPHoGj0AMHACoPHoHNrgMFAyoPIQADBwAqDz2AASMwDgMFASoPPYIDBQAq
Dz2EAwUAKg89hwMFACoPfQEDBQAqD+hBAwUDKg/pQAMFAyoQbUADBQAqEqxBAwcA
KhMYwAABAwUAKhMYwwMFACoTGMYDBQMqE0kAMA0GCSqGSIb3DQEBCwUAA4IBAQDC
wGX6cD1ZHHu20jN2PEmn20ieo6B2xIO6ZrZanvT+Es9rPJ/hBtdA4lTOogu+rWfk
yUr2jhj7PbzX50Nm8B8OV/BmS8XklJbO3apnIkRUieM2mEz+9jdkHxLz7BQsBUUb
wwvdXdudpaNeMphjztCGY7t5+fFMRr2NNbC/nvq3S7YeWA6w3tKcmsTgrX129Ank
2J2HG9I9RTYnHZ3teoJ2CtXyeSQPEDMXiKJwEKC3/4s8VwCEyk9FDNDGyUjPxp3B
o8h/vmjnETc6ylIKKl2X4itJQt1XqYMlzlHC7OOlhMV5TpIFWI7FdncNQK7uP3LI
gZTxKgF+bmJf/YdgozqR
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:16 2025 by rpki-client