Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cpGxCG_pTEaAqdCczgh4Q-_U428.roa
File: cpGxCG_pTEaAqdCczgh4Q-_U428.roa (raw, json)
Hash identifier: 1gcP/zD06JYT+m/Yz7UI+Vixh8jpTassfo7uppP8ZsA=
Subject key identifier: 72:91:B1:08:6F:E9:4C:46:80:A9:D0:9C:CE:08:78:43:EF:D4:E3:6F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193CEA4BBE5DDD43E5ED8FCD0DAFADACFEE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cpGxCG_pTEaAqdCczgh4Q-_U428.roa
Signing time: Mon 16 Dec 2024 08:45:22 +0000
ROA not before: Mon 16 Dec 2024 08:45:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
103.139.50.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a06:1184:33::/48 maxlen: 48
2a0a:2d06:33::/48 maxlen: 48
2a0c:7886:33::/48 maxlen: 48
2a0e:1a80:2541::/48 maxlen: 48
2a0e:1a83:66::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2e80::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a10:67c0::/29 maxlen: 29
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:ecc4:2213::/48 maxlen: 48
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a13:9280::/32 maxlen: 32
2a13:e101:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Dec 2024 09:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:a4:bb:e5:dd:d4:3e:5e:d8:fc:d0:da:fa:da:cf:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 16 08:45:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7291b1086fe94c4680a9d09cce087843efd4e36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:eb:b0:0c:81:96:ba:ae:36:4e:d7:75:cb:47:
d3:9f:ff:de:b7:0f:9e:d8:db:58:7f:13:a7:42:25:
9c:27:23:91:c3:a2:9d:6c:3c:91:6f:1f:9f:51:e2:
03:6d:73:b4:6f:9f:55:69:c0:90:0b:e0:ea:32:39:
66:a7:19:14:ac:51:5e:8f:37:4c:a6:63:a1:3e:74:
9e:74:f2:89:73:12:75:43:72:a5:e6:c9:68:e7:9b:
41:83:dc:b5:24:77:bd:92:f8:25:a9:ed:19:45:cf:
49:63:48:00:61:9b:6b:59:4e:7d:cb:03:23:26:5f:
16:11:79:50:d1:f5:bc:93:17:09:4c:22:b3:05:78:
62:26:5b:cc:39:37:79:70:b2:f0:ea:0b:81:cb:16:
01:ac:45:e1:78:56:b3:6e:31:48:55:2f:b2:c3:fa:
27:89:a4:64:29:3b:6c:f7:31:51:60:da:d4:d0:30:
8b:c2:24:88:51:49:cb:81:e4:cb:de:69:a7:dd:74:
8b:1f:6b:e3:d3:09:4b:b6:ba:c9:c7:61:8f:e8:11:
4f:25:4b:df:52:70:0e:07:3a:b8:49:b4:8a:f3:d8:
87:3d:f5:48:b6:a8:da:4b:db:45:83:c5:65:5e:32:
d2:22:a9:6a:c8:4b:e9:15:ed:65:73:d1:78:69:39:
c4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:91:B1:08:6F:E9:4C:46:80:A9:D0:9C:CE:08:78:43:EF:D4:E3:6F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cpGxCG_pTEaAqdCczgh4Q-_U428.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
103.139.50.0/24
193.164.199.0/24
IPv6:
2a06:1184:33::/48
2a0a:2d06:33::/48
2a0c:7886:33::/48
2a0e:1a80:2541::/48
2a0e:1a83:66::/48
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2e80::/29
2a0f:3d84::/32
2a0f:7d02:1::/48
2a0f:e1c6::/32
2a10:67c0::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:ecc4:2213::/48
2a12:f540::/29
2a13:18c0:1::/48
2a13:9280::/32
2a13:e101:2::/48
Signature Algorithm: sha256WithRSAEncryption
71:e4:12:29:a2:ab:5e:67:60:1e:3f:9e:c8:b1:57:10:7a:fb:
94:c4:18:d8:47:1c:4f:cd:a6:15:de:97:fa:59:32:94:43:38:
4d:90:9e:83:7f:3d:3e:94:54:36:57:91:ea:3b:f4:f9:fc:70:
a1:29:d9:fe:ec:16:4a:fd:e4:2b:02:b7:e5:22:70:0f:a3:ab:
8e:ee:5f:3a:10:14:ea:ad:61:3b:b8:e5:19:40:d1:be:3f:27:
cf:96:5a:c9:3b:8d:d3:04:76:d4:98:b3:49:f2:30:f1:09:3f:
df:1e:7b:e6:51:a8:cb:cd:33:e9:59:c7:0e:f3:c2:5a:79:ce:
9d:6f:67:cc:6d:fe:45:56:f9:f0:e9:7c:38:48:43:a1:59:44:
55:da:52:28:84:8d:fe:3b:df:c3:e9:7d:24:a4:bb:dc:d0:f7:
8b:77:ba:a0:76:95:8a:21:1a:b2:1f:44:ef:96:76:04:4c:43:
66:ee:5a:dd:b0:35:9c:a4:a4:80:50:48:1a:45:60:cf:a1:a7:
dd:37:1f:95:e8:94:4f:62:10:ef:ba:ea:d3:fd:02:5e:59:df:
3a:24:06:2a:a9:38:9e:57:72:b9:8c:79:91:00:84:7b:e6:3d:
2e:2d:a1:1f:82:e4:af:82:42:d5:e6:d0:63:ac:42:3c:6a:3f:
69:0c:57:3d
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgISAZPOpLvl3dQ+Xtj80Nr62s/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjE2MDg0NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjkxYjEwODZmZTk0YzQ2ODBhOWQwOWNjZTA4Nzg0M2VmZDRlMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+uwDIGWuq42Ttd1y0fTn//etw+e
2NtYfxOnQiWcJyORw6KdbDyRbx+fUeIDbXO0b59VacCQC+DqMjlmpxkUrFFejzdM
pmOhPnSedPKJcxJ1Q3Kl5slo55tBg9y1JHe9kvglqe0ZRc9JY0gAYZtrWU59ywMj
Jl8WEXlQ0fW8kxcJTCKzBXhiJlvMOTd5cLLw6guByxYBrEXheFazbjFIVS+yw/on
iaRkKTts9zFRYNrU0DCLwiSIUUnLgeTL3mmn3XSLH2vj0wlLtrrJx2GP6BFPJUvf
UnAOBzq4SbSK89iHPfVItqjaS9tFg8VlXjLSIqlqyEvpFe1lc9F4aTnEIQIDAQAB
o4IDOTCCAzUwHQYDVR0OBBYEFHKRsQhv6UxGgKnQnM4IeEPv1ONvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvY3BHeENHX3BURWFBcWRDY3pnaDRRLV9VNDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTQYIKwYBBQUHAQcBAf8EggE8MIIBODAeBAIAATAYAwQA
LYF/AwQALYclAwQAZ4syAwQAwaTHMIIBFAQCAAIwggEMAwcAKgYRhAAzAwcAKgot
BgAzAwcAKgx4hgAzAwcAKg4agCVBAwcAKg4agwBmAwUAKg7HgAMHACoO8gEAAQMH
ACoPHgABIwMHACoPHgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoPHgDe+QMHACoP
HgEAAQMHACoPHoEAAgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS6AMHACoPHoGj
0AMHACoPHoHNrgMFAyoPLoADBQAqDz2EAwcAKg99AgABAwUAKg/hxgMFAyoQZ8AD
BQMqEG1AAwUDKhH9gAMFASoSrEADBwAqEuzEIhMDBQMqEvVAAwcAKhMYwAABAwUA
KhOSgAMHACoT4QEAAjANBgkqhkiG9w0BAQsFAAOCAQEAceQSKaKrXmdgHj+eyLFX
EHr7lMQY2EccT82mFd6X+lkylEM4TZCeg389PpRUNleR6jv0+fxwoSnZ/uwWSv3k
KwK35SJwD6Orju5fOhAU6q1hO7jlGUDRvj8nz5ZayTuN0wR21JizSfIw8Qk/3x57
5lGoy80z6VnHDvPCWnnOnW9nzG3+RVb58Ol8OEhDoVlEVdpSKISN/jvfw+l9JKS7
3ND3i3e6oHaViiEash9E75Z2BExDZu5a3bA1nKSkgFBIGkVgz6Gn3TcfleiUT2IQ
77rq0/0CXlnfOiQGKqk4nldyuYx5kQCEe+Y9Li2hH4Lkr4JC1ebQY6xCPGo/aQxX
PQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:46 2025 by rpki-client