Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/mrG4YsSvEqUlPs3rULCr2I_SnIc.roa
File: mrG4YsSvEqUlPs3rULCr2I_SnIc.roa (raw, json)
Hash identifier: vAL5vwoJlpep/oDJ5q5rvhbUHFScs0SUalidwQcRo4U=
Subject key identifier: 9A:B1:B8:62:C4:AF:12:A5:25:3E:CD:EB:50:B0:AB:D8:8F:D2:9C:87
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 01953901C59D5989944F06AF661523D6CE59
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/mrG4YsSvEqUlPs3rULCr2I_SnIc.roa
Signing time: Mon 24 Feb 2025 17:29:32 +0000
ROA not before: Mon 24 Feb 2025 17:29:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.136.37.0/24 maxlen: 24
45.136.38.0/24 maxlen: 24
45.136.39.0/24 maxlen: 24
185.38.26.0/24 maxlen: 24
185.38.27.0/24 maxlen: 24
194.31.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 13:42:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:39:01:c5:9d:59:89:94:4f:06:af:66:15:23:d6:ce:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Feb 24 17:29:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ab1b862c4af12a5253ecdeb50b0abd88fd29c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a4:69:21:e5:38:da:80:d0:d0:b3:cd:15:b5:
61:6c:cf:45:4a:8b:d3:f5:d1:be:95:ec:a7:37:39:
18:64:66:7a:20:45:78:da:0c:80:56:72:99:60:a6:
56:3e:3b:32:04:bb:68:9b:66:8c:31:ea:9a:56:85:
09:85:ab:2d:0d:44:2a:ed:04:47:6a:26:43:6a:f0:
c5:77:0b:5e:e0:01:e5:03:34:2a:3b:e4:d2:43:2e:
07:23:79:28:ef:37:4b:f5:62:b7:7c:cd:aa:13:00:
0f:ad:6d:0f:8c:37:f3:b0:91:8b:9e:53:b5:f1:5b:
6f:f4:f1:df:0b:cf:9e:7b:38:ba:88:29:03:05:eb:
23:ea:c6:08:e3:66:e4:1b:b3:72:2d:2d:1c:65:6f:
04:8e:56:51:9c:ad:3d:f7:9d:e1:7a:74:3f:ed:fb:
16:6e:1e:0e:1f:68:0d:58:c5:b2:f0:52:e2:95:8b:
3e:46:fc:55:df:6c:9d:35:ec:a0:b0:7a:ca:a0:83:
7c:a0:98:a8:1d:4c:8b:75:4f:88:72:b4:cd:92:20:
05:48:9e:29:2f:2d:5b:12:3e:49:31:d7:9d:9e:9d:
21:57:3b:f7:0c:22:40:bf:a2:73:5f:f5:76:78:43:
7f:e6:55:19:54:2d:f2:f1:28:df:f9:ed:a8:f5:ae:
a9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B1:B8:62:C4:AF:12:A5:25:3E:CD:EB:50:B0:AB:D8:8F:D2:9C:87
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/mrG4YsSvEqUlPs3rULCr2I_SnIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.37.0-45.136.39.255
185.38.26.0/23
194.31.165.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:3e:6e:a4:5c:0b:3e:df:77:35:25:c1:bb:21:66:99:83:1c:
73:91:dd:eb:43:84:2b:71:93:32:8a:90:38:5d:b6:0e:93:c0:
30:93:05:7d:a2:1e:7c:b0:57:6b:d9:a0:c4:a7:25:5f:10:e2:
d5:a9:ea:98:e5:41:0c:ac:b6:9e:a0:0b:16:06:ff:4f:4d:5e:
7a:bf:9e:32:c6:d3:96:05:b8:f6:04:81:60:d4:f7:c7:83:a3:
b6:68:f6:fc:0a:f9:cd:c7:37:62:44:91:44:b6:b2:1d:41:7c:
52:59:6a:5c:f6:a5:97:44:7e:53:c9:36:47:8f:27:ee:53:44:
7b:27:2f:b9:37:6c:1b:b8:01:02:bb:c8:cc:bf:e2:59:02:41:
35:61:2e:42:f6:68:a1:b1:35:b5:42:fa:38:3e:25:9e:d2:0f:
3e:07:78:d1:4b:56:c3:53:34:a2:fc:81:cd:99:d6:69:0a:cd:
04:d2:57:a4:58:10:ca:12:b7:72:5a:80:45:c4:58:ce:d1:8d:
ee:ed:04:14:7b:19:4e:3a:7e:91:b2:c2:ea:27:0d:35:07:e5:
a2:e4:85:09:75:08:a3:72:ae:f3:5f:80:9e:ea:c4:9d:cd:3c:
52:93:3e:8b:c9:7d:3b:ac:54:73:64:bb:ad:1d:41:1d:30:8b:
ca:4b:97:88
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZU5AcWdWYmUTwavZhUj1s5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwMjI0MTcyOTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWIxYjg2MmM0YWYxMmE1MjUzZWNkZWI1MGIwYWJkODhmZDI5Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqRpIeU42oDQ0LPNFbVhbM9FSovT
9dG+leynNzkYZGZ6IEV42gyAVnKZYKZWPjsyBLtom2aMMeqaVoUJhastDUQq7QRH
aiZDavDFdwte4AHlAzQqO+TSQy4HI3ko7zdL9WK3fM2qEwAPrW0PjDfzsJGLnlO1
8Vtv9PHfC8+eezi6iCkDBesj6sYI42bkG7NyLS0cZW8EjlZRnK09953henQ/7fsW
bh4OH2gNWMWy8FLilYs+RvxV32ydNeygsHrKoIN8oJioHUyLdU+IcrTNkiAFSJ4p
Ly1bEj5JMdednp0hVzv3DCJAv6JzX/V2eEN/5lUZVC3y8Sjf+e2o9a6prwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJqxuGLErxKlJT7N61Cwq9iP0pyHMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvbXJHNFlzU3ZFcVVsUHMzclVMQ3IySV9TbkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtiCUD
BAMtiCADBAG5JhoDBADCH6UwDQYJKoZIhvcNAQELBQADggEBAF4+bqRcCz7fdzUl
wbshZpmDHHOR3etDhCtxkzKKkDhdtg6TwDCTBX2iHnywV2vZoMSnJV8Q4tWp6pjl
QQystp6gCxYG/09NXnq/njLG05YFuPYEgWDU98eDo7Zo9vwK+c3HN2JEkUS2sh1B
fFJZalz2pZdEflPJNkePJ+5TRHsnL7k3bBu4AQK7yMy/4lkCQTVhLkL2aKGxNbVC
+jg+JZ7SDz4HeNFLVsNTNKL8gc2Z1mkKzQTSV6RYEMoSt3JagEXEWM7Rje7tBBR7
GU46fpGywuonDTUH5aLkhQl1CKNyrvNfgJ7qxJ3NPFKTPovJfTusVHNku60dQR0w
i8pLl4g=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:06:49 2025 by rpki-client