Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4xbb0VcKni1pagVBBP9RMD3X7YY.roa
File: 4xbb0VcKni1pagVBBP9RMD3X7YY.roa (raw, json)
Hash identifier: a68IdQkruGhwAf85EFRtzFAyRy29US/eqmpVxH7avfY=
Subject key identifier: E3:16:DB:D1:57:0A:9E:2D:69:6A:05:41:04:FF:51:30:3D:D7:ED:86
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019473297DDFE94F051DF92A0B9E22A85011
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4xbb0VcKni1pagVBBP9RMD3X7YY.roa
Signing time: Fri 17 Jan 2025 07:28:06 +0000
ROA not before: Fri 17 Jan 2025 07:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.246.0/24 maxlen: 24
88.209.247.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
2a05:f5c0::/29 maxlen: 29
2a05:f5c0::/32 maxlen: 32
2a0c:f1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 17 Mar 2025 10:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:29:7d:df:e9:4f:05:1d:f9:2a:0b:9e:22:a8:50:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 17 07:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e316dbd1570a9e2d696a054104ff51303dd7ed86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b1:e0:4e:e8:21:c2:c1:9d:d5:1b:a3:ca:6f:
3d:73:6d:cf:64:d3:11:12:e2:13:a4:7c:5d:ea:90:
20:94:c7:0a:cf:82:94:54:23:63:b3:ff:7e:e1:18:
25:fe:bf:79:f3:25:2b:44:28:8c:99:a5:ed:f6:4d:
00:c6:3c:e8:24:91:f3:ee:a2:1e:e6:76:3b:0b:84:
f9:c4:7a:73:26:51:4f:8f:5c:23:06:cd:2b:4f:51:
9b:42:84:b1:06:2e:48:13:da:0e:80:44:83:51:90:
74:a0:f5:fe:2f:d1:0c:eb:10:6b:86:a3:d9:1c:d4:
6a:05:81:93:a5:e7:2b:be:c8:57:29:8a:76:b0:00:
63:11:f5:4c:9a:8c:05:be:a6:79:c1:6f:84:68:0f:
33:42:bc:7d:0e:7a:9a:65:40:4a:06:2e:40:d8:3d:
db:05:ac:f5:29:03:6c:7a:46:7e:0a:93:6f:fc:f8:
63:bb:2e:f1:d4:06:63:a1:03:4f:b9:6f:a5:32:3f:
14:72:08:6f:ee:09:9f:92:cf:c9:b4:ab:ef:d1:16:
61:f8:fa:0a:3a:d2:90:5d:00:69:b9:3b:81:46:4a:
3a:96:81:fc:2f:b0:ff:b6:c0:4f:d0:c8:67:cb:89:
6b:d0:f2:06:7c:9a:85:70:91:cd:28:21:f5:97:5b:
7f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:16:DB:D1:57:0A:9E:2D:69:6A:05:41:04:FF:51:30:3D:D7:ED:86
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4xbb0VcKni1pagVBBP9RMD3X7YY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0/24
77.242.148.0/24
77.242.151.0/24
83.137.153.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.219.0/24
88.209.246.0/23
92.52.208.0/21
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
2a05:f5c0::/29
2a0c:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:34:83:9c:8e:bf:6f:3b:4a:e2:d0:22:94:ab:62:3b:5d:ff:
8a:a8:46:81:a4:b7:4d:12:6c:b8:85:98:70:df:26:ad:49:90:
26:21:23:e4:6b:59:a1:02:8b:e3:90:a3:f4:1d:b4:7f:f6:67:
d3:0a:a0:9f:06:12:5b:11:c4:95:10:cb:54:db:b8:48:6f:19:
85:23:21:87:b8:65:ee:66:e8:0c:53:54:a9:1c:6f:ab:b3:99:
a6:59:58:f5:93:d3:b9:c4:c6:53:7a:28:99:5f:6a:63:de:28:
22:63:f2:88:86:c7:56:d0:2a:6d:d9:66:9e:b9:0a:55:0d:7f:
88:48:09:85:52:09:70:d6:df:d2:37:f8:27:c8:c7:fb:b4:08:
bf:60:2f:d0:1f:a6:1c:67:2b:e7:b6:f2:1b:b2:13:a1:40:3e:
67:f8:d8:36:fa:70:fc:e1:76:e2:af:41:76:f9:5b:d7:6a:87:
ee:49:16:e2:51:00:de:e2:fa:a3:1d:d5:6d:64:e7:10:a1:21:
e1:a6:65:3c:45:72:e7:5f:c1:dd:5b:6c:03:4a:30:65:89:ba:
d1:2f:e3:d9:06:b2:cc:2d:d1:77:d0:8d:2b:bf:53:a9:51:7a:
ea:cb:2f:aa:a2:df:e8:d9:cb:82:3e:a6:42:d4:e2:b7:93:dd:
a4:e3:11:b1
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZRzKX3f6U8FHfkqC54iqFARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTE3MDcyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzE2ZGJkMTU3MGE5ZTJkNjk2YTA1NDEwNGZmNTEzMDNkZDdlZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7HgTughwsGd1Rujym89c23PZNMR
EuITpHxd6pAglMcKz4KUVCNjs/9+4Rgl/r958yUrRCiMmaXt9k0AxjzoJJHz7qIe
5nY7C4T5xHpzJlFPj1wjBs0rT1GbQoSxBi5IE9oOgESDUZB0oPX+L9EM6xBrhqPZ
HNRqBYGTpecrvshXKYp2sABjEfVMmowFvqZ5wW+EaA8zQrx9DnqaZUBKBi5A2D3b
Baz1KQNsekZ+CpNv/Phjuy7x1AZjoQNPuW+lMj8Ucghv7gmfks/JtKvv0RZh+PoK
OtKQXQBpuTuBRko6loH8L7D/tsBP0Mhny4lr0PIGfJqFcJHNKCH1l1t/vwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFOMW29FXCp4taWoFQQT/UTA91+2GMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNHhiYjBWY0tuaTFwYWdWQkJQOVJNRDNYN1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzB0BAIAATBuMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0DBABN8pADBABN8pQDBABN8pcDBABTiZkDBABY
0cEDBABY0cQDBABY0dADBABY0dIDBAJY0dQDBABY0dsDBAFY0fYDBANcNNADBAOy
+MgDBADBin0wGwQCAAIwFQMFAyoAH0ADBQMqBfXAAwUDKgzxwDANBgkqhkiG9w0B
AQsFAAOCAQEAFDSDnI6/bztK4tAilKtiO13/iqhGgaS3TRJsuIWYcN8mrUmQJiEj
5GtZoQKL45Cj9B20f/Zn0wqgnwYSWxHElRDLVNu4SG8ZhSMhh7hl7mboDFNUqRxv
q7OZpllY9ZPTucTGU3oomV9qY94oImPyiIbHVtAqbdlmnrkKVQ1/iEgJhVIJcNbf
0jf4J8jH+7QIv2Av0B+mHGcr57byG7IToUA+Z/jYNvpw/OF24q9Bdvlb12qH7kkW
4lEA3uL6ox3VbWTnEKEh4aZlPEVy51/B3VtsA0owZYm60S/j2QayzC3Rd9CNK79T
qVF66ssvqqLf6NnLgj6mQtTit5PdpOMRsQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:12:30 2025 by rpki-client