Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/loc5zRMDa7H-cZm_nSuFeogJq60.roa
File: loc5zRMDa7H-cZm_nSuFeogJq60.roa (raw, json)
Hash identifier: ZcfZRR8ooxHOfN+GHutAH6MaeS5JYdDbpjoAhFY/BZE=
Subject key identifier: 96:87:39:CD:13:03:6B:B1:FE:71:99:BF:9D:2B:85:7A:88:09:AB:AD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196AEAE255DAF0D5B8D2F448DA777C002D4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/loc5zRMDa7H-cZm_nSuFeogJq60.roa
Signing time: Thu 08 May 2025 06:56:10 +0000
ROA not before: Thu 08 May 2025 06:56:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
45.158.185.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.242.244.0/24 maxlen: 24
185.242.245.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 10 May 2025 15:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ae:ae:25:5d:af:0d:5b:8d:2f:44:8d:a7:77:c0:02:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 8 06:56:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=968739cd13036bb1fe7199bf9d2b857a8809abad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e4:34:fb:4c:ef:56:bc:ef:a6:8f:01:c2:15:
b7:e2:1b:c9:06:1b:e3:f1:fa:c5:b5:84:d6:ec:bb:
73:82:3c:1d:58:b5:c0:a0:c8:6d:8c:9a:0f:09:95:
79:28:0e:a8:9e:a7:f8:c8:bb:e7:2f:cb:73:4f:63:
1d:3f:86:74:1a:26:bc:26:16:a3:7b:e8:67:69:b7:
1b:e1:40:c6:cb:0e:f9:da:0e:91:ad:ac:32:6f:b2:
b1:a9:a1:48:40:c6:c1:76:1e:2a:44:40:ce:a0:8d:
3d:3b:08:4d:8d:ff:7e:d0:85:89:42:9b:e5:12:28:
9b:07:b3:86:d7:57:fe:4b:07:28:4b:fd:1b:3c:40:
ef:2f:4d:a3:29:bd:31:da:31:88:7a:ee:cc:6e:2d:
97:f1:bc:53:7b:76:f5:a0:07:a9:d1:e8:db:4c:53:
0d:63:ba:22:6c:c2:08:dd:b9:d3:48:f8:7e:ce:d7:
f5:79:d5:b4:23:eb:7a:18:a7:58:f8:45:27:94:89:
da:ab:18:b6:2a:b9:65:c4:1e:5d:d9:d3:33:cf:bf:
5c:10:f4:9c:7e:3c:aa:4e:74:8a:a7:c8:e3:a4:07:
41:43:60:38:e4:2b:08:c0:a8:41:1a:67:66:cd:38:
88:9e:5e:21:c8:3f:50:8d:70:4d:a7:10:1b:dc:2a:
c1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:87:39:CD:13:03:6B:B1:FE:71:99:BF:9D:2B:85:7A:88:09:AB:AD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/loc5zRMDa7H-cZm_nSuFeogJq60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
45.158.185.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
185.242.244.0/23
193.8.215.0/24
193.23.245.0/24
193.27.19.0/24
194.33.29.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
0f:68:83:25:ab:e5:c3:0f:48:77:46:4f:e1:a7:ee:3b:ee:3d:
a7:cc:2e:a7:d2:bd:61:4b:45:3d:62:4f:19:44:12:f2:e8:55:
ef:4f:f1:3c:81:36:58:3c:0e:8e:5e:a7:00:bd:7b:d4:2c:75:
f7:23:a2:a7:26:1f:af:d2:e1:65:4d:08:8b:c8:c1:48:b1:a0:
aa:e1:40:7a:fd:e2:3b:a8:56:62:cc:46:ba:03:bc:6d:8f:11:
59:1f:1f:d1:e0:37:c4:20:0a:5e:a5:39:00:2b:4e:e3:99:52:
bc:0f:ed:98:fe:ec:bc:0e:ce:05:c3:9d:20:1c:27:ca:08:07:
41:ac:df:54:be:f4:9a:da:2a:d8:dd:06:3f:43:c0:a1:1c:15:
af:bf:49:19:d3:ee:7d:a4:9e:63:49:b1:67:83:25:57:75:19:
43:be:0a:04:21:35:ec:6c:52:65:6e:ee:c3:a0:ac:fb:73:37:
43:ea:de:96:45:3c:a9:e4:b7:ab:b6:9b:e6:13:26:b8:ff:9e:
9f:54:bd:69:05:17:48:68:85:a9:b3:5a:c6:5e:e7:f2:eb:4c:
d6:8e:a2:b0:df:e5:92:92:79:85:ba:d4:9d:a5:77:71:bd:08:
bb:ce:c9:a3:b8:7e:29:2e:78:1c:dc:e2:ad:7e:a3:c7:de:70:
cd:5a:3a:ab
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZauriVdrw1bjS9Ejad3wALUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTA4MDY1NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njg3MzljZDEzMDM2YmIxZmU3MTk5YmY5ZDJiODU3YTg4MDlhYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+Q0+0zvVrzvpo8BwhW34hvJBhvj
8frFtYTW7LtzgjwdWLXAoMhtjJoPCZV5KA6onqf4yLvnL8tzT2MdP4Z0Gia8Jhaj
e+hnabcb4UDGyw752g6Rrawyb7KxqaFIQMbBdh4qREDOoI09OwhNjf9+0IWJQpvl
EiibB7OG11f+SwcoS/0bPEDvL02jKb0x2jGIeu7Mbi2X8bxTe3b1oAep0ejbTFMN
Y7oibMII3bnTSPh+ztf1edW0I+t6GKdY+EUnlInaqxi2KrllxB5d2dMzz79cEPSc
fjyqTnSKp8jjpAdBQ2A45CsIwKhBGmdmzTiInl4hyD9QjXBNpxAb3CrBEQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFJaHOc0TA2ux/nGZv50rhXqICautMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbG9jNXpSTURhN0gtY1ptX25TdUZlb2dKcTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBrwQCAAEwgagDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAEtg9QDBAAtg9cDBAAthycDBAAtiVEDBAAt
jA0DBAAtjbEDBAAtkoMDBAAtmNADBAAtmRYDBAAtm0UDBAAtnrkDBABV0YADBABn
cisDBABxHpoDBAC5eqsDBAC5fkADBAC5fkIDBAC5m8gDBAG58vQDBADBCNcDBADB
F/UDBADBGxMDBADCIR0DBADDnsAwGAQCAAIwEgMHACoMeIYBBQMHACoP58YQADAN
BgkqhkiG9w0BAQsFAAOCAQEAD2iDJavlww9Id0ZP4afuO+49p8wup9K9YUtFPWJP
GUQS8uhV70/xPIE2WDwOjl6nAL171Cx19yOipyYfr9LhZU0Ii8jBSLGgquFAev3i
O6hWYsxGugO8bY8RWR8f0eA3xCAKXqU5ACtO45lSvA/tmP7svA7OBcOdIBwnyggH
QazfVL70mtoq2N0GP0PAoRwVr79JGdPufaSeY0mxZ4MlV3UZQ74KBCE17GxSZW7u
w6Cs+3M3Q+relkU8qeS3q7ab5hMmuP+en1S9aQUXSGiFqbNaxl7n8utM1o6isN/l
kpJ5hbrUnaV3cb0Iu87Jo7h+KS54HNzirX6jx95wzVo6qw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:55:02 2025 by rpki-client