Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A4OGHQelGDtvsARPTloDGtJc5U0.roa
File: A4OGHQelGDtvsARPTloDGtJc5U0.roa (raw, json)
Hash identifier: MSzB40Kp8i1FrNZtG4h06HiEMDEzZy8/ooE1sb3ZjgQ=
Subject key identifier: 03:83:86:1D:07:A5:18:3B:6F:B0:04:4F:4E:5A:03:1A:D2:5C:E5:4D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0196F1EC8F1A26861A0EE55B78B1F16E1807
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A4OGHQelGDtvsARPTloDGtJc5U0.roa
Signing time: Wed 21 May 2025 08:18:54 +0000
ROA not before: Wed 21 May 2025 08:18:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.5.64.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 11:03:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:ec:8f:1a:26:86:1a:0e:e5:5b:78:b1:f1:6e:18:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 21 08:18:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0383861d07a5183b6fb0044f4e5a031ad25ce54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b5:4a:9a:f5:79:d5:5f:80:ff:9c:37:f4:de:
81:eb:2b:db:75:e8:77:9e:25:a6:97:9d:3f:74:e6:
9d:86:1f:4c:48:2e:f6:f9:c1:04:3d:f2:4d:43:93:
b1:c8:9a:d9:7d:e4:6a:68:bb:ee:56:0b:84:85:43:
03:b5:ce:8b:55:26:38:77:2e:3d:3d:b6:fb:31:24:
e6:35:d2:c4:42:b2:66:2d:e0:97:1b:05:fb:5c:be:
44:06:82:c4:31:74:15:a8:c4:36:4e:f2:ef:76:e1:
84:02:21:c4:37:fb:61:4a:85:52:2e:98:5e:e9:04:
fa:f8:d3:ac:b9:eb:b1:c6:fe:84:ee:d5:b0:ad:f0:
53:18:2d:4c:55:80:76:dd:24:0d:21:46:22:1a:10:
f7:fd:c5:67:f0:43:ac:7f:e1:c4:89:11:3c:42:97:
46:66:63:9c:c9:03:b6:1c:90:18:22:e3:f2:09:c6:
09:f1:33:21:a3:88:87:a3:b9:5a:29:2e:d5:10:ea:
ef:c9:51:f0:df:5c:85:2f:ca:f3:d5:59:f1:a8:02:
c2:cb:20:b5:a4:eb:a5:3d:83:2b:be:36:a8:50:fc:
b8:45:83:1c:be:af:f0:10:fa:b3:39:21:d4:da:1e:
d3:ae:62:ba:72:9d:cd:d1:2e:87:ae:89:52:18:90:
5e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:83:86:1D:07:A5:18:3B:6F:B0:04:4F:4E:5A:03:1A:D2:5C:E5:4D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A4OGHQelGDtvsARPTloDGtJc5U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.199.54.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0/24
185.209.75.0/24
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.222.28.0/23
185.223.82.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
185.246.112.0/24
193.8.112.0/23
193.58.146.0/23
194.5.64.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
80:33:bf:51:e7:cb:1f:1b:e2:aa:bf:11:0c:78:d3:f1:c6:19:
23:72:5b:35:65:8c:51:ba:08:1d:9c:98:8a:45:06:56:55:de:
dc:16:1e:25:b4:93:6d:99:83:76:a5:7e:1d:9d:89:b3:b1:d3:
c1:39:c5:e4:c4:17:d9:6a:2f:37:15:8e:4c:94:65:57:c0:de:
56:04:1d:fb:c8:be:fd:db:0f:34:99:d2:d3:bb:74:7a:17:63:
6f:e5:11:1e:29:e6:f9:a8:db:8f:f3:dd:46:e0:3d:d7:ee:7d:
d3:6c:fc:6b:b9:5e:f7:fe:d8:85:a0:d1:a6:76:a2:eb:6b:22:
9d:a2:16:9b:1f:ed:0f:6b:b0:2b:74:cb:55:c1:00:c2:a4:0f:
f3:50:9e:cc:11:8e:2b:9c:5d:57:3d:2b:e9:ae:74:a4:8b:6d:
21:bb:11:d1:80:d2:27:4c:ba:7f:43:1b:33:eb:24:f5:14:6c:
b1:fc:a6:64:cc:33:7d:72:7f:5b:a4:d7:d9:41:c9:cd:a8:6b:
92:d6:ae:32:a2:40:03:6a:98:08:af:42:f2:13:8d:12:9d:33:
33:7a:cc:6e:41:4d:10:52:01:14:ae:2d:79:0d:58:e5:4c:4f:
d7:db:03:da:71:b0:b7:25:0f:71:c0:71:57:31:1e:c4:32:49:
0b:d8:2d:bf
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZbx7I8aJoYaDuVbeLHxbhgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNTIxMDgxODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzgzODYxZDA3YTUxODNiNmZiMDA0NGY0ZTVhMDMxYWQyNWNlNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLVKmvV51V+A/5w39N6B6yvbdeh3
niWml50/dOadhh9MSC72+cEEPfJNQ5OxyJrZfeRqaLvuVguEhUMDtc6LVSY4dy49
Pbb7MSTmNdLEQrJmLeCXGwX7XL5EBoLEMXQVqMQ2TvLvduGEAiHEN/thSoVSLphe
6QT6+NOsueuxxv6E7tWwrfBTGC1MVYB23SQNIUYiGhD3/cVn8EOsf+HEiRE8QpdG
ZmOcyQO2HJAYIuPyCcYJ8TMho4iHo7laKS7VEOrvyVHw31yFL8rz1VnxqALCyyC1
pOulPYMrvjaoUPy4RYMcvq/wEPqzOSHU2h7TrmK6cp3N0S6HrolSGJBeAwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFAODhh0HpRg7b7AET05aAxrSXOVNMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQTRPR0hRZWxHRHR2c0FSUFRsb0RHdEpjNVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAAt
WhEDBAC5flIDBAC5xzYDBAC5zvsDBAC50SYDBAC50UkDBAC50UsDBAC50ukDBAC5
1mwDBAC52hQDBAC52mUDBAG53PoDBAG53hwDBAC531IDBAC535sDBAG54QADBAC5
4QMDBAC54mgDBAG545IDBAC55EsDBAC56M4DBAC59nADBAHBCHADBAHBOpIDBADC
BUADBADCTKkDBADCTKwDBADCfEUwDQYJKoZIhvcNAQELBQADggEBAIAzv1Hnyx8b
4qq/EQx40/HGGSNyWzVljFG6CB2cmIpFBlZV3twWHiW0k22Zg3alfh2dibOx08E5
xeTEF9lqLzcVjkyUZVfA3lYEHfvIvv3bDzSZ0tO7dHoXY2/lER4p5vmo24/z3Ubg
PdfufdNs/Gu5Xvf+2IWg0aZ2outrIp2iFpsf7Q9rsCt0y1XBAMKkD/NQnswRjiuc
XVc9K+mudKSLbSG7EdGA0idMun9DGzPrJPUUbLH8pmTMM31yf1uk19lByc2oa5LW
rjKiQANqmAivQvITjRKdMzN6zG5BTRBSARSuLXkNWOVMT9fbA9pxsLclD3HAcVcx
HsQySQvYLb8=
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:50:30 2025 by rpki-client