Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fVtylxhzHAHm6y3b5lFxiPPBaeg.roa
File: fVtylxhzHAHm6y3b5lFxiPPBaeg.roa (raw, json)
Hash identifier: xqVlcK6ti3/7lz9MnE54T8wqvRfDHcUxtqmPF5uXEM4=
Subject key identifier: 7D:5B:72:97:18:73:1C:01:E6:EB:2D:DB:E6:51:71:88:F3:C1:69:E8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222042FFA01ACAFD49A28E7A118A023A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fVtylxhzHAHm6y3b5lFxiPPBaeg.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207046
IP address blocks: 45.134.84.0/22 maxlen: 24
178.212.225.0/24 maxlen: 24
185.221.16.0/23 maxlen: 23
185.224.220.0/22 maxlen: 22
185.227.206.0/24 maxlen: 24
185.227.207.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.247.4.0/22 maxlen: 24
185.247.5.0/24 maxlen: 24
185.247.6.0/23 maxlen: 24
185.247.7.0/24 maxlen: 24
185.249.204.0/22 maxlen: 22
185.250.182.0/23 maxlen: 24
194.113.28.0/22 maxlen: 24
194.146.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:07:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:42:ff:a0:1a:ca:fd:49:a2:8e:7a:11:8a:02:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d5b729718731c01e6eb2ddbe6517188f3c169e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b9:1b:ae:18:70:e4:ee:78:0e:f4:26:72:72:
53:fd:57:7e:37:ee:16:a3:21:df:d7:d6:16:cc:08:
34:a5:22:f5:71:8e:1e:ca:d8:6f:12:fc:25:72:6e:
19:66:42:ed:cc:17:e2:86:9a:79:ba:1d:b4:f0:f0:
95:7c:c8:f4:a3:47:56:16:df:dc:53:ed:e9:0d:9e:
3f:c2:70:2c:ae:6f:e9:4f:00:df:8d:a6:f9:53:22:
43:e3:0b:18:d9:cd:78:57:a2:33:49:01:e7:c2:c1:
94:6f:62:4c:82:aa:9e:1b:97:4f:d0:db:48:b2:69:
9c:0e:e6:b5:6c:42:b5:36:5a:c0:3d:5f:eb:6d:7c:
39:ab:72:78:87:b5:37:dc:35:16:ce:02:ab:fc:22:
1f:38:d3:37:2c:31:1a:11:98:71:23:4d:69:43:09:
26:bb:8f:cb:38:0d:ab:c3:48:b9:c5:2d:7a:dd:23:
94:29:2d:4d:ae:1a:ed:d2:02:80:9b:9b:30:7c:39:
0b:03:a2:fa:b2:f0:6a:5c:2c:1b:97:72:da:64:a4:
f1:a9:a4:4f:b8:00:c0:37:9c:f2:46:9c:76:67:41:
4d:a3:21:19:55:b6:8f:ba:ca:af:7a:7b:e3:63:0a:
f5:9d:6e:da:77:af:0d:cb:25:d1:21:21:19:ff:33:
97:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:5B:72:97:18:73:1C:01:E6:EB:2D:DB:E6:51:71:88:F3:C1:69:E8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fVtylxhzHAHm6y3b5lFxiPPBaeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
178.212.225.0/24
185.221.16.0/23
185.224.220.0/22
185.227.206.0/23
185.239.141.0/24
185.247.4.0/22
185.249.204.0/22
185.250.182.0/23
194.113.28.0/22
194.146.220.0/22
Signature Algorithm: sha256WithRSAEncryption
15:fd:7a:f5:b1:e4:c5:5c:95:ba:f2:04:6f:c0:22:b5:0a:f4:
0c:38:d1:29:1d:53:04:f0:00:9b:16:ba:dc:ea:8b:7c:80:18:
b5:c7:09:2d:b0:78:53:c4:2c:a2:4d:78:1d:25:b8:0a:59:12:
65:c6:49:06:0d:d8:58:22:c0:f6:56:e0:bc:7c:06:c6:5e:33:
aa:34:0d:f6:b6:95:2c:db:98:68:c4:b2:5d:b7:c4:26:71:77:
af:6f:d4:4c:5a:e0:16:59:0a:11:ac:4d:c9:09:49:fa:48:29:
96:b7:d1:7d:fd:3e:fa:d1:42:1b:3f:77:7d:46:5a:95:54:df:
00:f7:49:a0:16:80:c1:15:bd:74:1d:06:47:50:f9:29:92:bf:
f0:c3:93:23:04:35:59:4c:16:26:70:26:db:1a:67:75:f6:c2:
48:0f:38:07:b2:7d:31:4b:57:08:b6:da:1d:c4:6c:55:07:28:
61:a8:29:fe:e2:5f:c2:e7:7a:cc:ff:41:7d:88:b1:02:05:f3:
01:60:11:e3:9d:9b:84:e3:13:84:33:9d:5f:ef:23:09:b9:9c:
5b:fd:45:2c:6e:da:be:ad:42:a5:3c:35:44:fa:f0:55:fd:76:
be:96:da:bd:cf:35:29:a7:91:f1:a9:ee:cf:80:22:4d:d3:01:
09:dd:89:63
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQiIEL/oBrK/UmijnoRigI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDViNzI5NzE4NzMxYzAxZTZlYjJkZGJlNjUxNzE4OGYzYzE2OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLkbrhhw5O54DvQmcnJT/Vd+N+4W
oyHf19YWzAg0pSL1cY4eythvEvwlcm4ZZkLtzBfihpp5uh208PCVfMj0o0dWFt/c
U+3pDZ4/wnAsrm/pTwDfjab5UyJD4wsY2c14V6IzSQHnwsGUb2JMgqqeG5dP0NtI
smmcDua1bEK1NlrAPV/rbXw5q3J4h7U33DUWzgKr/CIfONM3LDEaEZhxI01pQwkm
u4/LOA2rw0i5xS163SOUKS1Nrhrt0gKAm5swfDkLA6L6svBqXCwbl3LaZKTxqaRP
uADAN5zyRpx2Z0FNoyEZVbaPusqvenvjYwr1nW7ad68NyyXRISEZ/zOXvQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFH1bcpcYcxwB5ust2+ZRcYjzwWnoMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZlZ0eWx4aHpIQUhtNnkzYjVsRnhpUFBCYWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLYZUAwQA
stThAwQBud0QAwQCueDcAwQBuePOAwQAue+NAwQCufcEAwQCufnMAwQBufq2AwQC
wnEcAwQCwpLcMA0GCSqGSIb3DQEBCwUAA4IBAQAV/Xr1seTFXJW68gRvwCK1CvQM
ONEpHVME8ACbFrrc6ot8gBi1xwktsHhTxCyiTXgdJbgKWRJlxkkGDdhYIsD2VuC8
fAbGXjOqNA32tpUs25hoxLJdt8QmcXevb9RMWuAWWQoRrE3JCUn6SCmWt9F9/T76
0UIbP3d9RlqVVN8A90mgFoDBFb10HQZHUPkpkr/ww5MjBDVZTBYmcCbbGmd19sJI
DzgHsn0xS1cIttodxGxVByhhqCn+4l/C53rM/0F9iLECBfMBYBHjnZuE4xOEM51f
7yMJuZxb/UUsbtq+rUKlPDVE+vBV/Xa+ltq9zzUpp5Hxqe7PgCJN0wEJ3Ylj
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:11:51 2025 by rpki-client