Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hbrRTTxWdfgzJRIpxQC175yND68.roa
File: hbrRTTxWdfgzJRIpxQC175yND68.roa (raw, json)
Hash identifier: AMEWmIhEvD2femL6P8RhY2kfS2lCBHfFYnuNbxMRGJ0=
Subject key identifier: 85:BA:D1:4D:3C:56:75:F8:33:25:12:29:C5:00:B5:EF:9C:8D:0F:AF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195D8D32119263CD0A39AF2304A06045AB9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hbrRTTxWdfgzJRIpxQC175yND68.roa
Signing time: Thu 27 Mar 2025 18:17:49 +0000
ROA not before: Thu 27 Mar 2025 18:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 14:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:d3:21:19:26:3c:d0:a3:9a:f2:30:4a:06:04:5a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 27 18:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85bad14d3c5675f833251229c500b5ef9c8d0faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ac:7c:5e:fa:53:bc:5a:7e:74:75:d8:85:5d:
ed:df:1b:2a:fb:c0:65:af:97:6f:43:eb:99:d1:95:
ea:a8:49:26:48:49:3e:0a:0e:14:0d:51:07:0b:14:
57:bd:9b:aa:c3:51:71:4e:c5:b3:90:3b:66:c6:05:
c5:48:c4:ba:25:7e:6d:81:90:16:d6:4f:00:19:3e:
bc:ae:0d:a2:c3:10:99:63:b9:53:94:db:90:b4:1e:
6b:6a:95:0e:8f:01:33:b2:0e:f2:4f:01:86:24:db:
d5:ad:7d:72:e2:fe:51:91:39:2f:68:39:ed:c2:1f:
c7:6a:82:11:55:65:aa:d7:8e:5c:5d:79:17:22:69:
00:c5:c7:c0:ea:3b:b1:b3:a1:b7:73:e9:31:48:66:
bc:68:90:e8:01:99:92:b4:32:39:0b:ed:22:22:89:
aa:6e:66:eb:20:86:c3:d4:11:58:17:2d:72:af:14:
ba:e1:58:01:cf:af:f9:a2:7f:98:4b:b3:ba:d9:92:
2c:97:4d:1e:5c:48:fa:00:29:4a:43:49:91:c5:aa:
bb:b3:43:b5:1b:ab:d1:a8:8a:c1:a4:24:f0:96:77:
3d:0b:95:09:aa:9e:42:01:e2:e4:e6:86:c1:44:5e:
6c:8b:96:47:32:ec:d9:e5:b0:ae:81:96:a3:d2:1d:
4f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BA:D1:4D:3C:56:75:F8:33:25:12:29:C5:00:B5:EF:9C:8D:0F:AF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hbrRTTxWdfgzJRIpxQC175yND68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.215.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
85.209.128.0/24
103.114.43.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
193.8.215.0/24
193.23.245.0/24
193.27.19.0/24
194.33.29.0/24
195.158.192.0/24
Signature Algorithm: sha256WithRSAEncryption
57:94:1e:ed:05:1f:03:31:d1:f5:8e:b3:ea:2f:b2:04:8f:d9:
6a:50:af:f3:d5:f3:a1:44:c5:cf:01:6a:da:31:11:c5:4f:81:
7c:50:66:2a:9c:55:b4:f9:ab:0d:b0:f5:33:39:0b:1c:55:a0:
fa:e5:3d:9b:a8:a1:0b:9d:59:7d:c6:1b:1e:53:d7:93:a1:5e:
91:69:22:7a:53:20:dc:85:0d:56:6b:85:e4:10:78:75:07:7f:
48:30:30:20:27:dd:d8:e5:29:e2:e1:c9:c5:d4:c6:49:83:45:
14:82:78:77:96:4e:a6:9a:2e:6a:22:d3:bc:b2:41:4d:c0:7d:
fd:e4:30:c6:30:ee:83:4f:58:a7:90:2c:b0:69:bd:df:a6:c3:
6f:22:fd:60:b6:39:cd:1b:23:b5:a5:98:c1:a5:fd:b0:c9:f9:
19:b8:ac:c9:82:fb:d8:40:e1:8b:e6:1e:9b:29:90:2e:dd:c9:
32:eb:c7:6e:32:4f:10:15:78:87:95:98:4e:d8:dd:7e:bb:79:
07:6e:f3:5b:4b:bc:d8:6a:f0:05:42:c8:56:0d:47:cc:ff:f6:
3d:ca:58:b5:4b:63:08:34:01:e9:d5:af:db:87:be:0e:4f:05:
5f:4e:7e:de:bc:fd:d2:e5:2c:73:9a:86:d7:63:aa:ae:4e:92:
a8:b1:32:1d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZXY0yEZJjzQo5ryMEoGBFq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzI3MTgxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWJhZDE0ZDNjNTY3NWY4MzMyNTEyMjljNTAwYjVlZjljOGQwZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKx8XvpTvFp+dHXYhV3t3xsq+8Bl
r5dvQ+uZ0ZXqqEkmSEk+Cg4UDVEHCxRXvZuqw1FxTsWzkDtmxgXFSMS6JX5tgZAW
1k8AGT68rg2iwxCZY7lTlNuQtB5rapUOjwEzsg7yTwGGJNvVrX1y4v5RkTkvaDnt
wh/HaoIRVWWq145cXXkXImkAxcfA6juxs6G3c+kxSGa8aJDoAZmStDI5C+0iIomq
bmbrIIbD1BFYFy1yrxS64VgBz6/5on+YS7O62ZIsl00eXEj6AClKQ0mRxaq7s0O1
G6vRqIrBpCTwlnc9C5UJqp5CAeLk5obBRF5si5ZHMuzZ5bCugZaj0h1PmwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFIW60U08VnX4MyUSKcUAte+cjQ+vMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaGJyUlRUeFdkZmd6SlJJcHhRQzE3NXlORDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQALQl1
AwQALV9gAwQALXb4AwQALYI8AwQALYPXAwQALYlRAwQALYwNAwQALY2xAwQALZKD
AwQALZjQAwQAVdGAAwQAZ3IrAwQAuXqrAwQAuX5AAwQAuX5CAwQAwQjXAwQAwRf1
AwQAwRsTAwQAwiEdAwQAw57AMA0GCSqGSIb3DQEBCwUAA4IBAQBXlB7tBR8DMdH1
jrPqL7IEj9lqUK/z1fOhRMXPAWraMRHFT4F8UGYqnFW0+asNsPUzOQscVaD65T2b
qKELnVl9xhseU9eToV6RaSJ6UyDchQ1Wa4XkEHh1B39IMDAgJ93Y5Sni4cnF1MZJ
g0UUgnh3lk6mmi5qItO8skFNwH395DDGMO6DT1inkCywab3fpsNvIv1gtjnNGyO1
pZjBpf2wyfkZuKzJgvvYQOGL5h6bKZAu3cky68duMk8QFXiHlZhO2N1+u3kHbvNb
S7zYavAFQshWDUfM//Y9yli1S2MINAHp1a/bh74OTwVfTn7evP3S5SxzmobXY6qu
TpKosTId
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:49:30 2025 by rpki-client