Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cnXGrLzZjDp6-d1R5Lf38-e96tc.roa
File: cnXGrLzZjDp6-d1R5Lf38-e96tc.roa (raw, json)
Hash identifier: wg/XB/oQSAP4GGvFdcnnMd7dbumTAkH1NpjRjwIzXoo=
Subject key identifier: 72:75:C6:AC:BC:D9:8C:3A:7A:F9:DD:51:E4:B7:F7:F3:E7:BD:EA:D7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01944C8AE7303AF85090ABC9DED9872E6F9E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cnXGrLzZjDp6-d1R5Lf38-e96tc.roa
Signing time: Thu 09 Jan 2025 19:29:19 +0000
ROA not before: Thu 09 Jan 2025 19:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 16:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4c:8a:e7:30:3a:f8:50:90:ab:c9:de:d9:87:2e:6f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 9 19:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7275c6acbcd98c3a7af9dd51e4b7f7f3e7bdead7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:65:ac:9d:1e:69:40:1d:ed:ca:d9:ca:f9:6a:
0e:8f:c5:ed:43:94:1e:d0:fb:94:b0:93:c6:8d:28:
f2:7a:4a:ce:23:89:25:87:c6:8e:c1:97:43:e6:88:
ba:ba:f5:82:fb:d0:c9:ca:fd:e4:0f:a8:9c:8c:07:
29:ba:0d:f0:06:4a:60:7f:45:fc:61:c4:b8:64:14:
93:b4:4c:9f:ae:fd:5a:e2:e0:b6:80:cb:cc:2b:c3:
0e:46:5f:98:e2:a5:ec:0d:06:8d:83:73:dc:e5:da:
7b:60:b2:3e:4f:7f:7e:aa:7f:99:10:26:1f:c7:f0:
fd:86:06:c0:65:30:57:31:fb:0a:69:4a:d9:c8:77:
04:c5:27:d5:70:ac:f7:95:2e:7a:06:9d:04:0c:a4:
6a:a9:47:db:cd:40:6a:e5:70:b3:b8:f8:fa:5e:cc:
c8:f3:b9:16:54:73:53:8f:22:62:67:3a:a4:4c:1a:
93:4c:fc:31:d5:16:54:d4:f4:f0:93:14:c3:46:63:
c0:71:4d:68:37:a5:b9:aa:6a:8c:f7:74:12:c4:ca:
99:9b:09:3f:e8:74:0f:63:4f:2e:09:de:fa:c6:d4:
5c:fc:95:53:15:1c:be:ed:f4:33:b8:09:1d:4b:b4:
0b:d4:94:27:56:33:8c:d5:bf:15:67:03:3e:17:29:
8b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:75:C6:AC:BC:D9:8C:3A:7A:F9:DD:51:E4:B7:F7:F3:E7:BD:EA:D7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cnXGrLzZjDp6-d1R5Lf38-e96tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.118.248.0/24
45.131.215.0/24
45.137.81.0/24
45.141.177.0/24
85.209.128.0/24
103.114.43.0/24
185.122.171.0/24
185.126.64.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:2b:d1:ab:82:c0:e4:fc:93:4f:a4:98:61:5c:ae:0a:59:e2:
93:2e:6f:3d:7b:60:ea:8a:98:17:13:05:67:96:8e:f0:2a:23:
1d:3b:50:8c:db:ad:25:01:79:f8:ab:f1:f2:93:42:c7:cc:9c:
42:c1:2e:f2:22:d5:c7:46:21:57:28:03:a1:ce:5a:11:f9:44:
44:66:6d:9a:40:60:f5:bf:9b:d8:c3:dc:cf:6c:16:ee:60:40:
81:12:df:ce:5d:a8:40:24:93:8a:18:06:dc:64:ac:f3:9e:91:
d4:9e:38:08:a8:47:0e:60:a0:bb:9b:1a:35:83:bc:2e:69:8f:
95:11:87:60:70:a4:b1:96:5e:fd:21:d4:97:72:c6:a4:63:26:
bf:68:97:01:20:60:76:17:3e:90:41:57:d1:f8:dd:9a:4c:8d:
50:7e:74:ff:50:1a:79:77:1d:83:72:38:32:26:5b:fe:4f:dd:
6c:8b:c9:16:14:76:f9:9b:4d:84:aa:55:a7:cc:fc:ac:67:83:
78:c4:b6:29:e3:78:86:d8:fa:48:83:5c:c3:aa:f9:c9:88:e7:
9b:fe:84:6f:68:37:7f:c5:36:b5:4a:17:1a:21:1a:2e:91:5a:
ee:07:4d:01:7e:71:8e:34:08:7d:08:38:6b:cc:f7:41:63:48:
a2:30:26:6d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZRMiucwOvhQkKvJ3tmHLm+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTA5MTkyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjc1YzZhY2JjZDk4YzNhN2FmOWRkNTFlNGI3ZjdmM2U3YmRlYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92WsnR5pQB3tytnK+WoOj8XtQ5Qe
0PuUsJPGjSjyekrOI4klh8aOwZdD5oi6uvWC+9DJyv3kD6icjAcpug3wBkpgf0X8
YcS4ZBSTtEyfrv1a4uC2gMvMK8MORl+Y4qXsDQaNg3Pc5dp7YLI+T39+qn+ZECYf
x/D9hgbAZTBXMfsKaUrZyHcExSfVcKz3lS56Bp0EDKRqqUfbzUBq5XCzuPj6XszI
87kWVHNTjyJiZzqkTBqTTPwx1RZU1PTwkxTDRmPAcU1oN6W5qmqM93QSxMqZmwk/
6HQPY08uCd76xtRc/JVTFRy+7fQzuAkdS7QL1JQnVjOM1b8VZwM+FymL4wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHJ1xqy82Yw6evndUeS39/PnverXMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvY25YR3JMelpqRHA2LWQxUjVMZjM4LWU5NnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQl1AwQA
LXb4AwQALYPXAwQALYlRAwQALY2xAwQAVdGAAwQAZ3IrAwQAuXqrAwQAuX5AMA0G
CSqGSIb3DQEBCwUAA4IBAQCfK9GrgsDk/JNPpJhhXK4KWeKTLm89e2DqipgXEwVn
lo7wKiMdO1CM260lAXn4q/Hyk0LHzJxCwS7yItXHRiFXKAOhzloR+UREZm2aQGD1
v5vYw9zPbBbuYECBEt/OXahAJJOKGAbcZKzznpHUnjgIqEcOYKC7mxo1g7wuaY+V
EYdgcKSxll79IdSXcsakYya/aJcBIGB2Fz6QQVfR+N2aTI1QfnT/UBp5dx2Dcjgy
Jlv+T91si8kWFHb5m02EqlWnzPysZ4N4xLYp43iG2PpIg1zDqvnJiOeb/oRvaDd/
xTa1ShcaIRoukVruB00BfnGONAh9CDhrzPdBY0iiMCZt
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:15:03 2025 by rpki-client