Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/UdsSncOANSg1BeaRzCCTUiFj31M.roa
File: UdsSncOANSg1BeaRzCCTUiFj31M.roa (raw, json)
Hash identifier: 1hXdlaEJsQTHFIINFbcTyRsSZqIHMOVYZQ75pnH/31Q=
Subject key identifier: 51:DB:12:9D:C3:80:35:28:35:05:E6:91:CC:20:93:52:21:63:DF:53
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01941FFA163C4C92AA6D38E98CAF42F63E14
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/UdsSncOANSg1BeaRzCCTUiFj31M.roa
Signing time: Wed 01 Jan 2025 03:47:50 +0000
ROA not before: Wed 01 Jan 2025 03:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 15:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:16:3c:4c:92:aa:6d:38:e9:8c:af:42:f6:3e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 1 03:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51db129dc38035283505e691cc2093522163df53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:01:83:40:f6:b9:54:ad:e7:90:6b:4d:fe:96:
f7:28:84:5d:98:78:6f:a9:7d:64:b1:5b:a0:f6:41:
b2:a6:b4:09:69:45:ba:5f:da:13:c5:ae:75:44:cf:
3c:33:bc:4f:00:05:22:c6:1e:90:6c:44:ce:b4:c3:
f5:e5:9f:4c:c1:f5:7b:64:57:40:cf:b2:36:02:16:
bf:78:21:7d:2c:82:f9:5d:12:db:62:d3:2c:fb:00:
30:03:da:26:8f:8b:cc:dd:6e:13:7b:6c:49:ee:85:
da:71:90:85:8c:fe:38:1a:f4:5b:88:1a:51:a9:6a:
f2:60:1c:19:fe:32:a7:55:29:0e:ab:40:7c:76:11:
46:84:21:11:45:1e:f0:62:65:45:04:ce:9a:fa:be:
5c:74:9b:2a:8d:84:01:22:f9:95:93:7f:8d:ae:09:
42:cf:e6:af:7d:d5:a1:57:ab:e8:f4:1e:af:6b:08:
55:49:b9:fe:0d:4b:57:1e:41:4d:fe:2c:a2:d4:55:
b8:58:56:49:fd:75:e1:c4:f4:ea:7c:52:7b:b2:a6:
4c:88:c9:22:88:bb:71:ec:26:8b:31:ad:bf:d4:6e:
f2:0d:97:08:cf:e6:3e:d9:81:5b:d4:cb:25:51:a1:
a1:50:f2:6e:4c:be:b8:6c:70:75:80:a2:42:0f:80:
be:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:DB:12:9D:C3:80:35:28:35:05:E6:91:CC:20:93:52:21:63:DF:53
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/UdsSncOANSg1BeaRzCCTUiFj31M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/22
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/21
91.92.33.0-91.92.35.255
91.92.40.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.206.0/23
93.152.209.0-93.152.211.255
93.152.213.0-93.152.227.255
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
48:34:78:52:a6:af:8f:d9:81:6b:6d:6e:12:bd:76:4a:9f:e6:
ee:64:58:84:66:67:f0:eb:2d:cc:37:bc:51:8f:ea:04:98:07:
94:04:81:8a:17:4b:f6:b9:95:df:0b:44:ae:72:1f:92:1b:28:
ba:e9:b0:70:80:fa:e7:c7:b7:9f:41:ee:6a:1f:a1:01:97:cc:
48:76:47:9a:8c:a3:99:99:fe:d3:67:f8:6c:19:07:14:98:24:
5d:77:e1:3b:c7:02:ff:51:7f:e9:80:4c:25:1f:d4:59:2d:04:
ab:67:59:4c:59:88:78:7e:34:73:cc:3a:10:84:d8:1b:6b:d0:
d8:e6:a0:26:8a:7f:3f:a9:92:39:1c:32:c6:2b:0b:ca:25:5c:
b3:1a:6c:94:2c:20:19:e1:2b:5a:f4:93:1b:b1:2d:5f:70:eb:
cf:77:2f:8f:1b:72:9b:b9:8a:bd:3f:85:b5:a7:c1:a3:bf:00:
12:37:7b:ee:d4:b1:46:e9:47:ce:bc:5c:c1:e8:2e:2e:59:c0:
cc:f5:a1:f7:59:78:c9:58:ca:9b:82:d4:1d:73:f5:0e:c3:07:
d6:26:12:26:e7:93:a8:76:d4:7f:4e:0d:c2:78:e0:58:40:09:
4e:ad:a8:60:37:71:7a:98:08:cd:42:e1:28:bf:3f:19:33:f0:
cc:cb:64:a8
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZQf+hY8TJKqbTjpjK9C9j4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwMTAxMDM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWRiMTI5ZGMzODAzNTI4MzUwNWU2OTFjYzIwOTM1MjIxNjNkZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwGDQPa5VK3nkGtN/pb3KIRdmHhv
qX1ksVug9kGyprQJaUW6X9oTxa51RM88M7xPAAUixh6QbETOtMP15Z9MwfV7ZFdA
z7I2Aha/eCF9LIL5XRLbYtMs+wAwA9omj4vM3W4Te2xJ7oXacZCFjP44GvRbiBpR
qWryYBwZ/jKnVSkOq0B8dhFGhCERRR7wYmVFBM6a+r5cdJsqjYQBIvmVk3+NrglC
z+avfdWhV6vo9B6vawhVSbn+DUtXHkFN/iyi1FW4WFZJ/XXhxPTqfFJ7sqZMiMki
iLtx7CaLMa2/1G7yDZcIz+Y+2YFb1MslUaGhUPJuTL64bHB1gKJCD4C+mwIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFFHbEp3DgDUoNQXmkcwgk1IhY99TMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvVWRzU25jT0FOU2cxQmVhUnpDQ1RVaUZqMzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAIt
jegDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEA06fmDAMAwQAW1wh
AwQCW1wgMAwDBANbXCgDBABbXC4wDAMEAFtcMQMEAVtcNAMEAV2YzjAMAwQAXZjR
AwQCXZjQMAwDBABdmNUDBAJdmOADBABdmOYDBAFeGhwDBAJeGkwwDAMEAF4aWQME
AF4aWgMEAF6+wwMEAblg/AMEALlg/wMEANRmaQMEANRmazANBgkqhkiG9w0BAQsF
AAOCAQEASDR4Uqavj9mBa21uEr12Sp/m7mRYhGZn8OstzDe8UY/qBJgHlASBihdL
9rmV3wtErnIfkhsouumwcID658e3n0Huah+hAZfMSHZHmoyjmZn+02f4bBkHFJgk
XXfhO8cC/1F/6YBMJR/UWS0Eq2dZTFmIeH40c8w6EITYG2vQ2OagJop/P6mSORwy
xisLyiVcsxpslCwgGeErWvSTG7EtX3Drz3cvjxtym7mKvT+FtafBo78AEjd77tSx
RulHzrxcweguLlnAzPWh91l4yVjKm4LUHXP1DsMH1iYSJueTqHbUf04NwnjgWEAJ
Tq2oYDdxepgIzULhKL8/GTPwzMtkqA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:19:09 2025 by rpki-client