Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/v2aD0wXu8ellLTaJ1NKTODiAFDg.roa
File: v2aD0wXu8ellLTaJ1NKTODiAFDg.roa (raw, json)
Hash identifier: EnGfeOwm8JKaVHVOtCBufDvb4elwshbKeDuT8BGR6oc=
Subject key identifier: BF:66:83:D3:05:EE:F1:E9:65:2D:36:89:D4:D2:93:38:38:80:14:38
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192B8C42C0FA3D62F0C539E8AF3D965304A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/v2aD0wXu8ellLTaJ1NKTODiAFDg.roa
Signing time: Wed 23 Oct 2024 09:45:16 +0000
ROA not before: Wed 23 Oct 2024 09:45:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
103.139.50.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a06:1184:33::/48 maxlen: 48
2a0a:2d06:33::/48 maxlen: 48
2a0c:7886:33::/48 maxlen: 48
2a0e:1a80:2541::/48 maxlen: 48
2a0e:1a83:66::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0e:f600:6c::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2e80::/29 maxlen: 29
2a0f:7d02:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a10:67c0::/29 maxlen: 29
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:ecc4:2213::/48 maxlen: 48
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a13:9280::/32 maxlen: 32
2a13:e101:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Oct 2024 17:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:c4:2c:0f:a3:d6:2f:0c:53:9e:8a:f3:d9:65:30:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 23 09:45:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf6683d305eef1e9652d3689d4d2933838801438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:71:16:d9:33:3b:71:8b:a3:b8:b1:0f:4c:
30:34:18:cb:36:07:83:be:e7:8a:7d:34:bd:9f:95:
18:2d:86:4a:c0:17:93:d4:0e:18:a5:e7:2f:e8:56:
ff:10:e9:2b:c0:06:69:c9:23:4d:ec:29:fc:e8:30:
98:d9:08:58:cf:37:a4:5c:47:ec:b1:d1:86:41:c5:
d1:4c:89:2c:95:2f:1f:9a:0b:d8:e7:27:64:0a:c4:
3d:93:3b:04:28:61:8b:6c:06:a8:3f:7a:33:44:4e:
ff:f5:b8:c3:b8:3f:69:9c:29:fe:1a:0d:b6:78:6a:
94:98:a2:22:ba:3e:4f:b7:1c:94:d8:94:9c:6a:42:
08:5f:5f:86:e9:ac:4e:fe:86:04:ff:4e:27:45:09:
95:7a:29:2d:cc:56:a2:b1:3c:43:0d:ea:ea:a7:df:
49:3b:19:a4:1e:63:fa:06:3b:46:e9:bd:d3:d4:88:
ec:1a:29:ba:78:f1:f3:f6:be:ff:1b:5e:d6:e5:e3:
26:0b:4a:92:87:c0:1d:e8:9e:3b:8e:11:9f:e9:ef:
f8:0a:18:fc:a9:8c:b6:76:04:fb:2b:23:af:f5:74:
ff:e9:c7:4a:63:62:26:8a:ec:f5:de:d8:10:83:85:
e2:2b:a3:2c:d7:86:60:91:98:3b:d7:b7:c9:11:74:
82:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:66:83:D3:05:EE:F1:E9:65:2D:36:89:D4:D2:93:38:38:80:14:38
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/v2aD0wXu8ellLTaJ1NKTODiAFDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
103.139.50.0/24
193.164.199.0/24
IPv6:
2a06:1184:33::/48
2a0a:2d06:33::/48
2a0c:7886:33::/48
2a0e:1a80:2541::/48
2a0e:1a83:66::/48
2a0e:c780::/32
2a0e:f201:1::/48
2a0e:f600:6c::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2e80::/29
2a0f:7d02:1::/48
2a0f:e1c6::/32
2a10:67c0::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:ecc4:2213::/48
2a12:f540::/29
2a13:18c0:1::/48
2a13:9280::/32
2a13:e101:2::/48
Signature Algorithm: sha256WithRSAEncryption
c5:e1:4c:36:87:c7:05:0f:d6:9e:06:2d:89:e3:55:4c:9b:10:
4f:b4:b0:28:56:02:47:58:29:62:93:7d:72:86:45:6a:04:a9:
74:c8:05:15:92:11:f6:7e:77:dd:e6:16:89:1f:5e:d4:3c:fe:
97:d4:ed:af:5c:64:98:42:13:8e:35:7f:20:ff:c5:6f:28:f6:
70:c1:e1:c9:f1:04:8a:00:87:fe:c3:ef:92:26:66:8e:43:68:
5d:2b:52:1e:e9:b3:96:90:57:c5:10:c1:b6:94:22:15:57:6c:
98:c8:cd:3d:d5:e8:3e:1e:0e:fb:fe:ff:0d:4f:26:71:55:c7:
91:06:81:03:c1:b5:99:71:da:bc:e3:49:34:ad:7f:c0:37:b7:
94:d3:d9:0b:22:d4:47:a5:52:45:78:8f:19:ed:4b:64:06:c2:
dc:1f:eb:a3:4b:25:4d:04:d9:35:16:b2:11:a1:2f:7b:2b:21:
27:b5:70:27:8e:0d:fa:bc:a9:3f:5c:4b:b3:38:9b:04:68:af:
8c:1a:38:a7:a3:93:19:91:e5:11:12:2f:61:e5:23:f0:a8:f2:
6b:2a:2c:fa:93:f1:09:44:e9:fa:57:d7:05:51:20:83:e6:0a:
8c:6a:0d:4f:09:43:6d:a9:ee:02:0a:ba:cd:fb:b8:d1:d8:45:
e6:4c:b5:77
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISAZK4xCwPo9YvDFOeivPZZTBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDIzMDk0NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY2ODNkMzA1ZWVmMWU5NjUyZDM2ODlkNGQyOTMzODM4ODAxNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9VxFtkzO3GLo7ixD0wwNBjLNgeD
vueKfTS9n5UYLYZKwBeT1A4Ypecv6Fb/EOkrwAZpySNN7Cn86DCY2QhYzzekXEfs
sdGGQcXRTIkslS8fmgvY5ydkCsQ9kzsEKGGLbAaoP3ozRE7/9bjDuD9pnCn+Gg22
eGqUmKIiuj5PtxyU2JScakIIX1+G6axO/oYE/04nRQmVeiktzFaisTxDDerqp99J
OxmkHmP6BjtG6b3T1IjsGim6ePHz9r7/G17W5eMmC0qSh8Ad6J47jhGf6e/4Chj8
qYy2dgT7KyOv9XT/6cdKY2Imiuz13tgQg4XiK6Ms14ZgkZg717fJEXSCDwIDAQAB
o4IDOzCCAzcwHQYDVR0OBBYEFL9mg9MF7vHpZS02idTSkzg4gBQ4MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdjJhRDB3WHU4ZWxsTFRhSjFOS1RPRGlBRkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTwYIKwYBBQUHAQcBAf8EggE+MIIBOjAeBAIAATAYAwQA
LYF/AwQALYclAwQAZ4syAwQAwaTHMIIBFgQCAAIwggEOAwcAKgYRhAAzAwcAKgot
BgAzAwcAKgx4hgAzAwcAKg4agCVBAwcAKg4agwBmAwUAKg7HgAMHACoO8gEAAQMH
ACoO9gAAbAMHACoPHgABIwMHACoPHgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoP
HgDe+QMHACoPHgEAAQMHACoPHoEAAgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS
6AMHACoPHoGj0AMHACoPHoHNrgMFAyoPLoADBwAqD30CAAEDBQAqD+HGAwUDKhBn
wAMFAyoQbUADBQMqEf2AAwUBKhKsQAMHACoS7MQiEwMFAyoS9UADBwAqExjAAAED
BQAqE5KAAwcAKhPhAQACMA0GCSqGSIb3DQEBCwUAA4IBAQDF4Uw2h8cFD9aeBi2J
41VMmxBPtLAoVgJHWClik31yhkVqBKl0yAUVkhH2fnfd5haJH17UPP6X1O2vXGSY
QhOONX8g/8VvKPZwweHJ8QSKAIf+w++SJmaOQ2hdK1Ie6bOWkFfFEMG2lCIVV2yY
yM091eg+Hg77/v8NTyZxVceRBoEDwbWZcdq840k0rX/AN7eU09kLItRHpVJFeI8Z
7UtkBsLcH+ujSyVNBNk1FrIRoS97KyEntXAnjg36vKk/XEuzOJsEaK+MGjino5MZ
keUREi9h5SPwqPJrKiz6k/EJROn6V9cFUSCD5gqMag1PCUNtqe4CCrrN+7jR2EXm
TLV3
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:02 2025 by rpki-client