Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZiMOpS2h37i8OATsMv_MlF1rJMc.roa
File: ZiMOpS2h37i8OATsMv_MlF1rJMc.roa (raw, json)
Hash identifier: wl9DMkahY0vV/ypk6cGSCYpgZPEaQoRKt8UR8rEyIrE=
Subject key identifier: 66:23:0E:A5:2D:A1:DF:B8:BC:38:04:EC:32:FF:CC:94:5D:6B:24:C7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019427481E84DFCC38F12179373B1EDA7539
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZiMOpS2h37i8OATsMv_MlF1rJMc.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
103.139.50.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a06:1184:33::/48 maxlen: 48
2a0a:2d06:33::/48 maxlen: 48
2a0c:7886:33::/48 maxlen: 48
2a0e:1a80:2541::/48 maxlen: 48
2a0e:1a83:66::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2e80::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:ecc4:2213::/48 maxlen: 48
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a13:9280::/32 maxlen: 32
2a13:e101:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 08:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1e:84:df:cc:38:f1:21:79:37:3b:1e:da:75:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66230ea52da1dfb8bc3804ec32ffcc945d6b24c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:93:8c:0b:e8:ac:c5:0d:64:1e:34:d7:88:03:
ec:1f:2d:e0:47:66:8b:cf:bb:c9:ac:ad:4f:cd:7d:
98:13:c9:b3:70:6d:e4:3d:2f:2a:a0:77:08:c2:a3:
e2:01:9a:52:ed:b0:f1:e6:df:b5:de:96:51:be:0b:
7c:ea:b2:34:68:fa:86:d4:6b:fd:bd:65:5d:f3:33:
4e:56:1c:4e:5f:c1:e2:55:bb:09:8a:6c:89:62:b1:
03:40:a4:8b:db:cd:e3:bb:25:d3:fe:71:9b:ce:3c:
55:2b:24:e8:3b:d8:ef:94:e7:d9:66:5b:88:f2:30:
bc:ca:57:31:bb:2f:ee:fe:45:a7:00:91:5a:af:2c:
c4:17:24:98:a6:8e:e6:e8:51:50:91:fe:10:c2:69:
67:20:83:9c:5c:cf:b1:4f:78:95:b8:2b:7b:9c:cd:
10:0f:e1:9f:21:8f:0a:20:06:36:15:d2:5a:2e:66:
55:ce:87:be:46:86:26:6d:39:94:dc:43:2d:c1:95:
9d:0e:a4:c5:c2:ce:97:93:bb:f9:26:43:32:36:80:
3f:5d:d5:e3:e4:68:2b:b2:f2:d9:9e:cb:5b:4e:f6:
6a:a3:79:1c:23:0e:81:d5:06:7d:c5:38:8d:a2:92:
b4:7d:be:0b:5b:6d:68:ff:29:fa:1d:41:24:39:59:
82:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:23:0E:A5:2D:A1:DF:B8:BC:38:04:EC:32:FF:CC:94:5D:6B:24:C7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZiMOpS2h37i8OATsMv_MlF1rJMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
103.139.50.0/24
193.164.199.0/24
IPv6:
2a06:1184:33::/48
2a0a:2d06:33::/48
2a0c:7886:33::/48
2a0e:1a80:2541::/48
2a0e:1a83:66::/48
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2e80::/29
2a0f:3d84::/32
2a0f:7d02:1::/48
2a0f:e1c6::/32
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:ecc4:2213::/48
2a12:f540::/29
2a13:18c0:1::/48
2a13:9280::/32
2a13:e101:2::/48
Signature Algorithm: sha256WithRSAEncryption
76:3e:7e:14:94:e8:e0:cb:d2:da:c6:74:70:f5:64:4d:92:91:
06:32:d2:84:d6:37:6a:64:6f:b9:0f:b5:8e:da:a2:bb:f8:30:
6f:77:e3:bf:3e:61:c1:db:4d:a3:a4:db:25:1d:6a:3d:89:9b:
71:a7:05:e2:8a:46:b4:32:de:61:31:76:4e:e8:ce:cc:1a:3d:
cc:59:19:99:53:7c:6d:47:37:09:b7:11:0b:3f:2c:42:7d:24:
1e:64:05:75:34:dd:f8:2f:80:c8:c2:b7:00:c1:59:cb:e5:5c:
58:b7:88:bd:b3:f0:13:ea:93:60:31:f1:4a:c4:d3:a2:6b:b4:
33:93:a7:15:df:2c:53:d6:06:9f:be:2a:a7:40:16:72:e2:70:
31:66:eb:78:af:67:2a:61:94:04:f1:10:d8:68:d9:5b:41:87:
bf:99:06:48:44:ec:18:78:86:55:9a:98:d5:e9:11:3d:02:3b:
d2:0f:4c:30:5c:1c:1f:40:c0:5a:bd:3b:fc:27:ae:77:6c:24:
04:70:f8:58:13:b9:90:3e:f5:86:e1:0b:b2:a1:2b:2d:9c:7e:
92:2e:7f:1f:08:99:84:23:9a:8e:0d:02:18:3f:4b:bb:7f:f0:
53:84:6c:29:20:3f:d1:d1:6e:5f:e3:15:04:db:7d:8b:26:5f:
c6:e3:9f:b2
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgISAZQnSB6E38w48SF5Nzse2nU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjIzMGVhNTJkYTFkZmI4YmMzODA0ZWMzMmZmY2M5NDVkNmIyNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspOMC+isxQ1kHjTXiAPsHy3gR2aL
z7vJrK1PzX2YE8mzcG3kPS8qoHcIwqPiAZpS7bDx5t+13pZRvgt86rI0aPqG1Gv9
vWVd8zNOVhxOX8HiVbsJimyJYrEDQKSL283juyXT/nGbzjxVKyToO9jvlOfZZluI
8jC8ylcxuy/u/kWnAJFaryzEFySYpo7m6FFQkf4QwmlnIIOcXM+xT3iVuCt7nM0Q
D+GfIY8KIAY2FdJaLmZVzoe+RoYmbTmU3EMtwZWdDqTFws6Xk7v5JkMyNoA/XdXj
5GgrsvLZnstbTvZqo3kcIw6B1QZ9xTiNopK0fb4LW21o/yn6HUEkOVmC1wIDAQAB
o4IDMjCCAy4wHQYDVR0OBBYEFGYjDqUtod+4vDgE7DL/zJRdayTHMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWmlNT3BTMmgzN2k4T0FUc012X01sRjFySk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRgYIKwYBBQUHAQcBAf8EggE1MIIBMTAeBAIAATAYAwQA
LYF/AwQALYclAwQAZ4syAwQAwaTHMIIBDQQCAAIwggEFAwcAKgYRhAAzAwcAKgot
BgAzAwcAKgx4hgAzAwcAKg4agCVBAwcAKg4agwBmAwUAKg7HgAMHACoO8gEAAQMH
ACoPHgABIwMHACoPHgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoPHgDe+QMHACoP
HgEAAQMHACoPHoEAAgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS6AMHACoPHoGj
0AMHACoPHoHNrgMFAyoPLoADBQAqDz2EAwcAKg99AgABAwUAKg/hxgMFAyoQbUAD
BQMqEf2AAwUBKhKsQAMHACoS7MQiEwMFAyoS9UADBwAqExjAAAEDBQAqE5KAAwcA
KhPhAQACMA0GCSqGSIb3DQEBCwUAA4IBAQB2Pn4UlOjgy9LaxnRw9WRNkpEGMtKE
1jdqZG+5D7WO2qK7+DBvd+O/PmHB202jpNslHWo9iZtxpwXiika0Mt5hMXZO6M7M
Gj3MWRmZU3xtRzcJtxELPyxCfSQeZAV1NN34L4DIwrcAwVnL5VxYt4i9s/AT6pNg
MfFKxNOia7Qzk6cV3yxT1gafviqnQBZy4nAxZut4r2cqYZQE8RDYaNlbQYe/mQZI
ROwYeIZVmpjV6RE9AjvSD0wwXBwfQMBavTv8J653bCQEcPhYE7mQPvWG4QuyoSst
nH6SLn8fCJmEI5qODQIYP0u7f/BThGwpID/R0W5f4xUE232LJl/G45+y
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:33:19 2025 by rpki-client