Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/BY9VXuLempthzVDlar3yxyZRRdc.roa
File: BY9VXuLempthzVDlar3yxyZRRdc.roa (raw, json)
Hash identifier: KLjs5PnfrFPA2ZELnt/3VPFQcyNWlxn/muEpNg0kTTM=
Subject key identifier: 05:8F:55:5E:E2:DE:9A:9B:61:CD:50:E5:6A:BD:F2:C7:26:51:45:D7
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 01956130728869A9B3DFD0E07262373883E9
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/BY9VXuLempthzVDlar3yxyZRRdc.roa
Signing time: Tue 04 Mar 2025 12:45:19 +0000
ROA not before: Tue 04 Mar 2025 12:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb05::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a441::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 03 Apr 2025 20:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:61:30:72:88:69:a9:b3:df:d0:e0:72:62:37:38:83:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 4 12:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=058f555ee2de9a9b61cd50e56abdf2c7265145d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e8:4a:3c:7c:66:14:a7:8a:72:72:0e:50:b4:
9a:c8:f9:dc:72:08:7c:75:03:23:f4:54:b4:02:88:
0b:1a:3d:65:72:df:f0:50:2b:d4:c3:f0:16:85:26:
58:39:01:b4:50:3d:a3:5c:d0:45:98:56:de:e3:0a:
dd:5a:d9:f9:cd:6b:88:7d:c0:5f:af:06:af:e8:26:
c6:35:8c:b5:24:fc:04:72:d6:e7:9a:5e:c7:b0:77:
5d:08:51:8f:80:9a:cd:3a:d0:ab:e7:4e:a7:a9:99:
52:02:45:6c:d1:47:be:99:7e:c2:f6:3c:6e:03:f1:
a3:24:94:91:c9:76:b1:a7:e4:b1:5c:70:64:ef:68:
48:1a:24:96:7f:ec:04:da:36:12:58:90:37:81:14:
f9:6e:ff:33:15:aa:d9:a1:d7:c8:c6:ed:55:63:40:
ea:dd:ed:d8:73:f1:1d:d5:db:2f:02:7a:cd:ec:cc:
c1:ad:0d:7c:6f:2e:a1:12:86:a7:02:71:f5:e0:68:
9c:59:96:21:a7:20:cf:b5:d0:f7:e2:99:7e:7b:46:
99:13:15:d4:f8:8a:35:29:ff:3d:c6:9a:3f:c8:68:
f7:6d:8b:70:e5:3a:2e:55:50:e3:f4:29:09:c6:dc:
db:7f:2b:7f:40:d8:7e:6d:6a:10:96:d5:06:da:1d:
63:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8F:55:5E:E2:DE:9A:9B:61:CD:50:E5:6A:BD:F2:C7:26:51:45:D7
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/BY9VXuLempthzVDlar3yxyZRRdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.131.0.0/22
45.136.4.0/24
45.141.148.0/24
45.147.44.0/24
77.83.200.0-77.83.202.255
194.116.228.0/24
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a441::/32
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
2b:cf:76:26:d1:2c:86:2f:f3:57:11:72:00:38:71:9a:76:5b:
f1:23:72:1e:c8:9f:4d:f7:3d:0e:e4:d8:1d:9c:36:22:65:c3:
5b:26:c7:c6:88:d3:65:80:3c:bb:1f:cf:6c:6a:8d:0c:55:df:
56:3a:dd:84:44:34:67:9e:05:29:ec:51:8f:86:3e:92:4a:ad:
47:e8:a8:57:0f:2c:20:a7:a1:67:c1:b2:f5:30:08:bf:aa:c2:
97:0e:8d:05:cc:d3:6c:71:f3:75:f8:17:14:4e:f2:c7:8e:dc:
ca:37:b0:5e:34:46:21:0c:f1:ec:de:06:40:1e:17:63:63:d4:
d3:7f:b4:bd:13:5d:33:eb:94:25:60:bc:eb:d5:fb:fb:49:3d:
25:0a:fc:d7:d7:52:0b:09:83:61:cd:ca:fe:53:df:2d:24:63:
b9:7e:b1:0d:1d:5a:58:94:52:4b:ed:a1:ac:29:56:f5:ed:7c:
b8:ee:a0:38:c8:3d:1f:30:de:ee:1f:5a:0f:4a:67:9b:a7:d6:
68:18:17:ab:ce:a2:5f:8d:bc:80:85:35:30:a5:73:27:d8:2c:
f5:3d:3d:b7:0e:d6:a4:5e:65:4a:eb:10:0d:a6:b1:90:88:99:
b0:8a:18:f7:b3:07:3f:58:2f:c9:99:9b:11:14:5c:8c:a0:f8:
88:9f:e0:e5
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZVhMHKIaamz39DgcmI3OIPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUwMzA0MTI0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThmNTU1ZWUyZGU5YTliNjFjZDUwZTU2YWJkZjJjNzI2NTE0NWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuehKPHxmFKeKcnIOULSayPnccgh8
dQMj9FS0AogLGj1lct/wUCvUw/AWhSZYOQG0UD2jXNBFmFbe4wrdWtn5zWuIfcBf
rwav6CbGNYy1JPwEctbnml7HsHddCFGPgJrNOtCr506nqZlSAkVs0Ue+mX7C9jxu
A/GjJJSRyXaxp+SxXHBk72hIGiSWf+wE2jYSWJA3gRT5bv8zFarZodfIxu1VY0Dq
3e3Yc/Ed1dsvAnrN7MzBrQ18by6hEoanAnH14GicWZYhpyDPtdD34pl+e0aZExXU
+Io1Kf89xpo/yGj3bYtw5TouVVDj9CkJxtzbfyt/QNh+bWoQltUG2h1jFwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFAWPVV7i3pqbYc1Q5Wq98scmUUXXMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvQlk5Vlh1TGVtcHRoelZEbGFyM3l4eVpSUmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBYBAIAATBSMAwDBAAF
tGkDBAIFtGgDBAItgwADBAAtiAQDBAAtjZQDBAAtkywwDAMEA01TyAMEAE1TygME
AMJ05AMEAcJ07AMEAMKSGgMEAMKSJAMEAMKSLzBFBAIAAjA/AwUDKgmHgAMFAyoP
twADBQMqD+kAAwUDKg/rAAMFAyoP7QADBQMqD/kAAwUAKhOkQQMFACoTpEUDBQAq
E6RHMA0GCSqGSIb3DQEBCwUAA4IBAQArz3Ym0SyGL/NXEXIAOHGadlvxI3IeyJ9N
9z0O5NgdnDYiZcNbJsfGiNNlgDy7H89sao0MVd9WOt2ERDRnngUp7FGPhj6SSq1H
6KhXDywgp6FnwbL1MAi/qsKXDo0FzNNscfN1+BcUTvLHjtzKN7BeNEYhDPHs3gZA
HhdjY9TTf7S9E10z65QlYLzr1fv7ST0lCvzX11ILCYNhzcr+U98tJGO5frENHVpY
lFJL7aGsKVb17Xy47qA4yD0fMN7uH1oPSmebp9ZoGBerzqJfjbyAhTUwpXMn2Cz1
PT23DtakXmVK6xANprGQiJmwihj3swc/WC/JmZsRFFyMoPiIn+Dl
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:45:25 2025 by rpki-client