Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pdru0_A2_NXUhtrleDHxECjmwig.roa
File: pdru0_A2_NXUhtrleDHxECjmwig.roa (raw, json)
Hash identifier: dLQYz35RPKgg3XsD5yhDFeWbahsEfad2VKa6dXe2xbg=
Subject key identifier: A5:DA:EE:D3:F0:36:FC:D5:D4:86:DA:E5:78:31:F1:10:28:E6:C2:28
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0197064157DDD43FFD98DFD659D284386D58
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pdru0_A2_NXUhtrleDHxECjmwig.roa
Signing time: Sun 25 May 2025 07:03:55 +0000
ROA not before: Sun 25 May 2025 07:03:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 45.9.116.0/24 maxlen: 24
45.9.122.0/24 maxlen: 24
45.128.76.0/24 maxlen: 24
45.154.58.0/24 maxlen: 24
2a04:9f40::/29 maxlen: 29
2a06:1184:101::/48 maxlen: 48
2a06:3bc0::/29 maxlen: 29
2a07:8a40::/29 maxlen: 29
2a0a:2d06:102::/48 maxlen: 48
2a0a:2d06:103::/48 maxlen: 48
2a0c:7886:99::/48 maxlen: 48
2a0c:7886:100::/48 maxlen: 48
2a0e:15c7:99::/48 maxlen: 48
2a0f:140::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a0f:cc00::/29 maxlen: 29
2a0f:d200::/29 maxlen: 29
2a0f:da40::/29 maxlen: 29
2a0f:db40::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a0f:e040::/29 maxlen: 29
2a0f:e4c0::/29 maxlen: 29
2a0f:fc00::/29 maxlen: 29
2a12:ecc0:158::/48 maxlen: 48
2a13:18c6:66::/48 maxlen: 48
2a13:7d80::/29 maxlen: 29
2a13:c900:130::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 May 2025 12:51:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:06:41:57:dd:d4:3f:fd:98:df:d6:59:d2:84:38:6d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 25 07:03:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5daeed3f036fcd5d486dae57831f11028e6c228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cb:17:66:bf:fa:bc:63:ed:ba:80:74:da:9d:
55:e8:74:08:ed:91:5e:6b:5e:58:cd:9e:f3:a9:2e:
41:11:d6:69:c0:ac:cd:65:a3:36:26:c9:27:ef:e5:
8d:6f:34:df:e8:fc:09:07:16:f0:24:cb:db:5f:e4:
28:2e:a5:7e:1c:e8:5d:e2:bd:61:4d:75:3c:50:ff:
12:c6:9e:59:35:86:d6:30:61:c5:d6:ee:c0:f0:3a:
64:fe:b3:81:8d:97:37:85:47:15:1d:10:24:00:35:
48:79:bb:8b:d0:ed:21:81:73:6c:bd:55:e8:4e:be:
ae:3b:85:74:91:de:d2:bc:7c:77:55:59:f5:f1:36:
15:e9:cc:92:d9:f6:1c:f9:f1:de:f8:cf:5e:f2:ce:
10:fe:9c:6f:44:01:93:3f:ac:ff:17:f2:29:3d:e8:
7e:01:36:99:44:6c:7b:7f:b6:f4:9b:c7:39:3d:47:
45:21:66:17:b1:b9:63:65:2e:ed:90:be:7d:fa:b2:
56:e4:55:45:b4:4a:6e:72:e4:5c:97:d3:e1:db:6b:
e8:e6:b7:9b:d3:a8:cd:7a:43:cb:c9:77:91:44:25:
be:3c:82:60:e0:f9:b8:4c:b5:a3:ff:8e:26:40:61:
1c:b4:d9:b9:a5:ba:0f:6c:10:95:b4:97:40:d8:90:
3a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DA:EE:D3:F0:36:FC:D5:D4:86:DA:E5:78:31:F1:10:28:E6:C2:28
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pdru0_A2_NXUhtrleDHxECjmwig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.116.0/24
45.9.122.0/24
45.128.76.0/24
45.154.58.0/24
IPv6:
2a04:9f40::/29
2a06:1184:101::/48
2a06:3bc0::/29
2a07:8a40::/29
2a0a:2d06:102::/47
2a0c:7886:99::/48
2a0c:7886:100::/48
2a0e:15c7:99::/48
2a0f:140::/29
2a0f:2500::/29
2a0f:cc00::/29
2a0f:d200::/29
2a0f:da40::/29
2a0f:db40::/29
2a0f:dfc0::/29
2a0f:e040::/29
2a0f:e4c0::/29
2a0f:fc00::/29
2a12:ecc0:158::/48
2a13:18c6:66::/48
2a13:7d80::/29
2a13:c900:130::/48
Signature Algorithm: sha256WithRSAEncryption
4d:4c:0c:f5:66:68:d4:da:6b:93:0c:72:a0:8a:c7:70:23:e8:
de:1b:50:9d:87:86:cf:db:f7:62:ab:4e:50:cd:aa:ba:f9:6c:
66:f3:70:4e:27:c3:0d:12:0c:57:80:f9:e4:5b:29:30:5f:21:
9e:2d:66:ce:80:7e:ea:6e:ed:b8:0f:39:8e:f3:64:23:ea:3b:
e9:02:f0:bf:83:07:6d:6e:48:18:44:91:00:08:7b:71:31:cd:
58:24:e1:53:85:af:23:de:55:12:44:a4:3a:10:03:07:36:d9:
05:b4:fe:b2:96:77:ad:ce:4a:8f:5e:6f:48:6d:b5:3c:bd:90:
4e:ab:a5:16:84:50:24:19:79:30:bc:ef:fb:bc:55:bd:4e:12:
81:51:1d:a9:c7:70:51:42:52:44:3c:a5:ad:74:17:70:81:89:
40:81:79:a7:e0:df:97:40:f2:0c:8e:b4:bb:92:d3:de:ec:b0:
1f:47:17:b6:a0:7a:03:46:f7:5e:3b:11:4f:53:39:df:f0:82:
fa:39:96:61:e8:3c:62:6b:24:a9:68:5f:64:92:f6:dd:ee:e9:
aa:be:46:75:a8:3c:4c:83:04:09:27:ae:92:db:71:06:06:03:
78:7d:20:3e:b3:00:46:fd:67:41:7b:66:38:51:b1:d9:4d:88:
bc:52:82:ed
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZcGQVfd1D/9mN/WWdKEOG1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTI1MDcwMzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWRhZWVkM2YwMzZmY2Q1ZDQ4NmRhZTU3ODMxZjExMDI4ZTZjMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkssXZr/6vGPtuoB02p1V6HQI7ZFe
a15YzZ7zqS5BEdZpwKzNZaM2Jskn7+WNbzTf6PwJBxbwJMvbX+QoLqV+HOhd4r1h
TXU8UP8Sxp5ZNYbWMGHF1u7A8Dpk/rOBjZc3hUcVHRAkADVIebuL0O0hgXNsvVXo
Tr6uO4V0kd7SvHx3VVn18TYV6cyS2fYc+fHe+M9e8s4Q/pxvRAGTP6z/F/IpPeh+
ATaZRGx7f7b0m8c5PUdFIWYXsbljZS7tkL59+rJW5FVFtEpucuRcl9Ph22vo5reb
06jNekPLyXeRRCW+PIJg4Pm4TLWj/44mQGEctNm5pboPbBCVtJdA2JA6xwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFKXa7tPwNvzV1Iba5Xgx8RAo5sIoMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcGRydTBfQTJfTlhVaHRybGVESHhFQ2ptd2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DAeBAIAATAYAwQALQl0
AwQALQl6AwQALYBMAwQALZo6MIGxBAIAAjCBqgMFAyoEn0ADBwAqBhGEAQEDBQMq
BjvAAwUDKgeKQAMHASoKLQYBAgMHACoMeIYAmQMHACoMeIYBAAMHACoOFccAmQMF
AyoPAUADBQMqDyUAAwUDKg/MAAMFAyoP0gADBQMqD9pAAwUDKg/bQAMFAyoP38AD
BQMqD+BAAwUDKg/kwAMFAyoP/AADBwAqEuzAAVgDBwAqExjGAGYDBQMqE32AAwcA
KhPJAAEwMA0GCSqGSIb3DQEBCwUAA4IBAQBNTAz1ZmjU2muTDHKgisdwI+jeG1Cd
h4bP2/diq05Qzaq6+Wxm83BOJ8MNEgxXgPnkWykwXyGeLWbOgH7qbu24DzmO82Qj
6jvpAvC/gwdtbkgYRJEACHtxMc1YJOFTha8j3lUSRKQ6EAMHNtkFtP6ylnetzkqP
Xm9IbbU8vZBOq6UWhFAkGXkwvO/7vFW9ThKBUR2px3BRQlJEPKWtdBdwgYlAgXmn
4N+XQPIMjrS7ktPe7LAfRxe2oHoDRvdeOxFPUznf8IL6OZZh6DxiaySpaF9kkvbd
7umqvkZ1qDxMgwQJJ66S23EGBgN4fSA+swBG/WdBe2Y4UbHZTYi8UoLt
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:01:46 2025 by rpki-client