Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/frCfWTUgdM7yYIpShKYCsPgAVMU.roa
File: frCfWTUgdM7yYIpShKYCsPgAVMU.roa (raw, json)
Hash identifier: m8V27I9A6qoSaDFeDxbcmQzLQrRczVWVvLE4g2qvZmM=
Subject key identifier: 7E:B0:9F:59:35:20:74:CE:F2:60:8A:52:84:A6:02:B0:F8:00:54:C5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196EC6AE639F9A9CBE5BF3A39CBE9DF536A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/frCfWTUgdM7yYIpShKYCsPgAVMU.roa
Signing time: Tue 20 May 2025 06:39:10 +0000
ROA not before: Tue 20 May 2025 06:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.145.56.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
45.158.185.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.242.244.0/24 maxlen: 24
185.242.245.0/24 maxlen: 24
192.153.171.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.23.253.0/24 maxlen: 24
193.27.10.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
193.27.21.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 May 2025 10:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:6a:e6:39:f9:a9:cb:e5:bf:3a:39:cb:e9:df:53:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 20 06:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7eb09f59352074cef2608a5284a602b0f80054c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:53:d6:42:0d:22:54:8b:9c:ac:a9:40:8b:7a:
01:fb:c5:2b:51:7a:34:c1:a3:96:ad:8e:32:d1:f8:
21:c6:57:d3:d3:fa:6b:d7:85:74:c9:1c:ab:bb:21:
27:e0:44:c1:6e:f0:fc:ef:a0:57:d9:20:98:61:b1:
39:34:3b:3e:34:5d:96:69:1b:6e:96:58:b9:17:bb:
7f:b6:21:2a:cf:d1:aa:de:5a:de:69:cd:c7:49:87:
84:10:f0:83:2f:e2:b0:de:5f:62:d9:09:06:00:62:
64:d2:f2:a2:6f:fe:7b:a5:42:08:be:69:e5:6e:3d:
79:dd:54:d9:13:99:ce:e8:a5:7f:22:d0:67:a5:9e:
cf:fb:0d:4b:f8:ca:2d:3d:d1:67:0b:7f:59:85:f0:
59:89:ad:54:77:74:6d:9a:7c:9d:01:19:69:7b:61:
97:da:21:1d:6a:91:69:47:f1:1b:51:26:63:89:3a:
bc:7c:58:2b:a0:9c:ec:50:74:6a:7b:0d:88:54:08:
c1:f5:fa:90:e3:70:b5:3c:c3:fb:47:f2:18:3e:84:
ed:f8:d8:e0:ee:61:cc:48:25:d5:e0:de:2d:23:1b:
7a:91:50:70:ae:c5:ae:8e:17:21:7c:e5:70:ad:8f:
fc:b2:3d:44:55:d4:33:80:81:e3:67:00:8c:03:a7:
59:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B0:9F:59:35:20:74:CE:F2:60:8A:52:84:A6:02:B0:F8:00:54:C5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/frCfWTUgdM7yYIpShKYCsPgAVMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.145.56.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
45.158.185.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
185.242.244.0/23
192.153.171.0/24
193.8.215.0/24
193.23.245.0/24
193.23.253.0/24
193.27.10.0/24
193.27.19.0/24
193.27.21.0/24
194.33.29.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
79:a4:21:66:ca:bc:36:17:47:af:90:30:25:aa:63:73:20:4d:
6e:63:62:fd:3a:ce:80:0c:f0:dd:e1:d3:73:ef:dd:b1:c5:32:
e0:15:12:e6:04:e9:0f:81:47:fd:8e:c3:8b:dd:e9:2f:11:1c:
40:e1:b9:68:fa:e2:aa:64:12:a0:d3:e2:7b:ae:a8:84:dd:03:
32:e6:70:64:ff:da:d8:6e:0f:ff:64:85:37:6a:fd:16:3b:eb:
46:bb:ed:73:bb:18:71:02:06:5d:20:33:dc:c6:a7:23:8e:c5:
82:2f:46:e8:30:25:d1:25:53:65:78:db:92:e4:40:a1:a0:d1:
76:9c:5f:ad:0c:31:48:8b:f3:63:8e:8e:fd:0e:38:76:77:09:
08:3f:97:8a:cd:83:be:a5:04:11:35:f0:f6:60:9f:1e:c8:72:
8f:35:66:d9:1d:10:ee:24:dc:53:53:0e:4f:56:3c:19:73:9a:
61:91:c2:9c:d0:27:c3:e4:b6:dd:a5:10:aa:97:3f:08:6e:a4:
7d:18:ab:d7:66:8f:ba:35:53:fc:7d:56:0c:0b:b3:21:65:c5:
51:b8:04:4a:2a:91:e2:12:88:12:ce:54:20:29:91:cb:1c:8f:
2c:10:ae:25:32:5b:54:0b:95:b3:e4:0d:64:da:da:4d:fe:74:
ac:9a:ba:92
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZbsauY5+anL5b86Ocvp31NqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTIwMDYzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWIwOWY1OTM1MjA3NGNlZjI2MDhhNTI4NGE2MDJiMGY4MDA1NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1PWQg0iVIucrKlAi3oB+8UrUXo0
waOWrY4y0fghxlfT0/pr14V0yRyruyEn4ETBbvD876BX2SCYYbE5NDs+NF2WaRtu
lli5F7t/tiEqz9Gq3lreac3HSYeEEPCDL+Kw3l9i2QkGAGJk0vKib/57pUIIvmnl
bj153VTZE5nO6KV/ItBnpZ7P+w1L+MotPdFnC39ZhfBZia1Ud3RtmnydARlpe2GX
2iEdapFpR/EbUSZjiTq8fFgroJzsUHRqew2IVAjB9fqQ43C1PMP7R/IYPoTt+Njg
7mHMSCXV4N4tIxt6kVBwrsWujhchfOVwrY/8sj1EVdQzgIHjZwCMA6dZ5QIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFH6wn1k1IHTO8mCKUoSmArD4AFTFMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZnJDZldUVWdkTTd5WUlwU2hLWUNzUGdBVk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCBzQQCAAEwgcYDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAEtg9QDBAAtg9cDBAAthycDBAAtiVEDBAAt
jA0DBAAtjbEDBAAtkTgDBAAtkoMDBAAtmNADBAAtmRYDBAAtm0UDBAAtnrkDBABV
0YADBABncisDBABxHpoDBAC5eqsDBAC5fkADBAC5fkIDBAC5m8gDBAG58vQDBADA
masDBADBCNcDBADBF/UDBADBF/0DBADBGwoDBADBGxMDBADBGxUDBADCIR0DBADD
nsAwGAQCAAIwEgMHACoMeIYBBQMHACoP58YQADANBgkqhkiG9w0BAQsFAAOCAQEA
eaQhZsq8NhdHr5AwJapjcyBNbmNi/TrOgAzw3eHTc+/dscUy4BUS5gTpD4FH/Y7D
i93pLxEcQOG5aPriqmQSoNPie66ohN0DMuZwZP/a2G4P/2SFN2r9FjvrRrvtc7sY
cQIGXSAz3ManI47Fgi9G6DAl0SVTZXjbkuRAoaDRdpxfrQwxSIvzY46O/Q44dncJ
CD+Xis2DvqUEETXw9mCfHshyjzVm2R0Q7iTcU1MOT1Y8GXOaYZHCnNAnw+S23aUQ
qpc/CG6kfRir12aPujVT/H1WDAuzIWXFUbgESiqR4hKIEs5UICmRyxyPLBCuJTJb
VAuVs+QNZNraTf50rJq6kg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:32:27 2025 by rpki-client