Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/N5hi6IdUqNcLj5NapwyK1bdLsjk.roa
File: N5hi6IdUqNcLj5NapwyK1bdLsjk.roa (raw, json)
Hash identifier: YKut2yOoo8uzF2RFNhsDCUJTnhnD52kEaq2W6t5fjsU=
Subject key identifier: 37:98:62:E8:87:54:A8:D7:0B:8F:93:5A:A7:0C:8A:D5:B7:4B:B2:39
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01973FC274C0B50FD21DC4A3FD478244B809
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/N5hi6IdUqNcLj5NapwyK1bdLsjk.roa
Signing time: Thu 05 Jun 2025 11:03:17 +0000
ROA not before: Thu 05 Jun 2025 11:03:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.154.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.247.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
2a05:f5c0::/29 maxlen: 29
2a05:f5c0::/32 maxlen: 32
2a0c:f1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Jun 2025 13:10:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:c2:74:c0:b5:0f:d2:1d:c4:a3:fd:47:82:44:b8:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 5 11:03:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=379862e88754a8d70b8f935aa70c8ad5b74bb239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:10:10:4b:af:c4:40:3a:49:fc:38:20:6a:ed:
c2:a4:68:40:d3:56:8a:d8:74:b9:8a:41:8d:03:a2:
36:c7:cb:07:99:1d:d7:36:73:92:f9:d1:5e:18:53:
bd:df:ff:dc:e6:c3:01:45:4a:2c:89:36:60:97:6b:
1c:24:f9:25:62:28:f9:cb:41:67:b4:04:cd:0c:2e:
f2:12:96:a7:1a:71:46:21:58:50:2d:5e:c7:bf:05:
aa:d0:16:22:7d:81:a6:a4:53:2e:c5:2d:a9:47:29:
cb:3c:fa:ac:2d:44:07:3a:6c:ce:22:2f:e3:2f:ad:
ce:98:c7:bb:f5:0b:05:81:a8:09:53:4f:a4:d6:eb:
89:68:5a:8f:12:8c:23:65:b2:17:12:80:8a:47:65:
a7:38:df:33:97:71:28:9e:11:08:ee:0c:16:d6:78:
a8:44:e8:37:26:bf:9d:21:22:a2:4b:55:5c:c6:65:
e1:c5:6f:90:ce:95:de:d8:7a:60:8b:3a:c5:e6:ba:
30:64:22:18:ed:84:ba:f4:43:f1:51:78:00:fd:f5:
8c:e0:8e:cf:16:4b:a9:46:6e:c0:b6:4a:c0:5d:11:
1e:7c:41:41:4d:bf:53:5b:b4:f3:80:7e:e2:7c:e3:
c8:91:c4:83:46:ce:02:44:06:bc:b6:e0:dc:a8:e8:
b1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:98:62:E8:87:54:A8:D7:0B:8F:93:5A:A7:0C:8A:D5:B7:4B:B2:39
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/N5hi6IdUqNcLj5NapwyK1bdLsjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0/24
77.242.148.0/24
77.242.151.0/24
77.242.154.0/24
83.137.156.0/24
83.137.158.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.219.0/24
88.209.247.0/24
88.209.254.0/24
92.52.208.0/21
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
2a05:f5c0::/29
2a0c:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
92:aa:38:36:77:a0:71:94:3a:22:78:79:b8:4f:a1:6a:77:02:
cb:1b:d3:64:8a:99:46:69:8b:bc:8c:70:aa:9d:af:e2:f5:54:
5e:36:1d:88:4c:4e:ca:e2:39:44:59:d1:12:ae:60:74:2c:d6:
30:89:5b:7b:1e:00:26:68:20:3c:5c:96:34:18:fb:ab:d2:5e:
70:13:a2:97:27:6b:f7:fd:c0:e1:a3:29:1b:c7:b6:16:3c:f7:
a9:3e:25:c4:02:18:3b:5d:ba:e3:38:66:9d:fa:ea:63:27:d0:
4b:e6:e6:76:e8:df:09:4e:39:68:c3:a6:bb:6d:96:d3:c6:32:
be:73:a8:50:ff:01:03:9e:78:ee:51:f9:c5:f8:35:03:55:46:
69:6d:8b:20:f3:7b:40:a0:ef:ab:02:31:bf:b0:dd:73:c4:d0:
66:61:55:6e:e1:fb:ba:3d:1f:29:f5:31:f0:ee:e1:a7:6c:e5:
94:28:4e:0e:da:82:ec:47:b8:06:44:6e:ae:cb:7f:7f:f7:5e:
95:d1:ce:2a:fa:36:4f:cb:1f:67:d5:47:88:69:9e:ca:97:8d:
83:ec:e3:41:ab:b6:c5:a7:10:ec:b2:88:50:c6:0a:54:96:17:
23:1c:b6:7f:aa:d4:22:d7:43:2a:03:77:78:fe:9d:9e:fb:c7:
11:7a:65:41
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZc/wnTAtQ/SHcSj/UeCRLgJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNjA1MTEwMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk4NjJlODg3NTRhOGQ3MGI4ZjkzNWFhNzBjOGFkNWI3NGJiMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BAQS6/EQDpJ/Dggau3CpGhA01aK
2HS5ikGNA6I2x8sHmR3XNnOS+dFeGFO93//c5sMBRUosiTZgl2scJPklYij5y0Fn
tATNDC7yEpanGnFGIVhQLV7HvwWq0BYifYGmpFMuxS2pRynLPPqsLUQHOmzOIi/j
L63OmMe79QsFgagJU0+k1uuJaFqPEowjZbIXEoCKR2WnON8zl3EonhEI7gwW1nio
ROg3Jr+dISKiS1VcxmXhxW+QzpXe2HpgizrF5rowZCIY7YS69EPxUXgA/fWM4I7P
FkupRm7AtkrAXREefEFBTb9TW7TzgH7ifOPIkcSDRs4CRAa8tuDcqOixOQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFDeYYuiHVKjXC4+TWqcMitW3S7I5MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTjVoaTZJZFVxTmNMajVOYXB3eUsxYmRMc2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBhwQCAAEwgYAwDAME
AC0JqQMEAi0JqAMEAS0OCgMEAC1YXQMEAE3ykAMEAE3ylAMEAE3ylwMEAE3ymgME
AFOJnAMEAFOJngMEAFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEAFjR2wME
AFjR9wMEAFjR/gMEA1w00AMEA7L4yAMEAMGKfTAbBAIAAjAVAwUDKgAfQAMFAyoF
9cADBQMqDPHAMA0GCSqGSIb3DQEBCwUAA4IBAQCSqjg2d6BxlDoieHm4T6FqdwLL
G9NkiplGaYu8jHCqna/i9VReNh2ITE7K4jlEWdESrmB0LNYwiVt7HgAmaCA8XJY0
GPur0l5wE6KXJ2v3/cDhoykbx7YWPPepPiXEAhg7XbrjOGad+upjJ9BL5uZ26N8J
Tjlow6a7bZbTxjK+c6hQ/wEDnnjuUfnF+DUDVUZpbYsg83tAoO+rAjG/sN1zxNBm
YVVu4fu6PR8p9THw7uGnbOWUKE4O2oLsR7gGRG6uy39/916V0c4q+jZPyx9n1UeI
aZ7Kl42D7ONBq7bFpxDssohQxgpUlhcjHLZ/qtQi10MqA3d4/p2e+8cRemVB
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:46:56 2025 by rpki-client