Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_Tqp5ecAjQ-IQmlkHCnkjAd-6C0.roa
File: _Tqp5ecAjQ-IQmlkHCnkjAd-6C0.roa (raw, json)
Hash identifier: zC0gPBJF6E5wgAmPAzVRnE7iSsLROGcG46FgoF50kUk=
Subject key identifier: FD:3A:A9:E5:E7:00:8D:0F:88:42:69:64:1C:29:E4:8C:07:7E:E8:2D
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019487B8DBD16E6714F09081EC64784039B2
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_Tqp5ecAjQ-IQmlkHCnkjAd-6C0.roa
Signing time: Tue 21 Jan 2025 07:17:06 +0000
ROA not before: Tue 21 Jan 2025 07:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.209.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.3.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
213.220.59.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 07:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:87:b8:db:d1:6e:67:14:f0:90:81:ec:64:78:40:39:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 21 07:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd3aa9e5e7008d0f884269641c29e48c077ee82d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d8:96:f3:b6:d4:ee:b1:b4:8d:25:0b:89:1b:
3e:e3:75:a8:e9:47:a1:8e:89:06:75:16:5a:fd:61:
4d:1c:2f:92:df:20:41:10:22:d8:f9:4a:03:34:69:
40:a5:89:dc:ed:e0:8d:8d:15:c0:2e:ee:c4:af:b3:
98:3f:ff:bb:a2:3a:4c:1d:3d:88:51:cb:65:24:c1:
a3:32:24:fb:cf:35:20:1d:42:af:e4:ad:a3:6b:f2:
f0:06:47:01:ac:1b:3e:38:8b:47:da:ff:8f:ee:a9:
26:b5:66:24:25:0c:78:a3:05:76:63:89:a9:63:34:
0b:a3:73:c7:62:e4:d6:15:9c:32:75:ec:53:88:83:
ff:af:42:8f:e4:f4:7e:de:01:c3:d6:37:1f:35:41:
eb:c4:33:3c:70:29:a9:ff:c1:79:eb:97:5f:e2:93:
22:88:3d:e9:d5:d1:e3:f1:d0:11:87:70:99:2d:8b:
23:0a:19:87:88:b4:63:d7:48:56:23:c5:c5:7e:4c:
9f:38:db:44:fd:eb:64:e9:2f:3a:06:d2:3d:92:f3:
3f:04:64:e9:74:07:c0:f4:50:d4:0e:65:08:c5:78:
02:ee:6b:37:e9:b9:18:4d:60:87:13:b7:2d:2f:30:
68:ce:34:2f:02:01:c6:ae:29:6f:46:d8:cb:81:21:
d7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3A:A9:E5:E7:00:8D:0F:88:42:69:64:1C:29:E4:8C:07:7E:E8:2D
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_Tqp5ecAjQ-IQmlkHCnkjAd-6C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0/24
45.155.242.0/24
194.143.205.0/24
194.143.209.0/24
194.143.217.0/24
194.143.221.0/24
195.114.192.0/24
195.114.198.0/24
213.220.3.0/24
213.220.19.0/24
213.220.59.0-213.220.60.255
Signature Algorithm: sha256WithRSAEncryption
02:49:c1:e2:9a:ef:3f:e0:63:3d:4c:04:37:cc:1b:50:e4:83:
64:40:32:26:47:ab:40:65:c7:21:69:f8:6c:88:ca:6b:69:88:
5d:f5:c8:f1:75:72:3a:4f:7c:32:39:43:24:74:2a:31:43:ba:
a7:cf:c8:7e:45:f6:7d:15:51:33:15:e7:d6:ea:51:52:58:a2:
fc:d3:cf:2e:94:e9:19:e1:e4:ce:27:3f:f4:c9:45:48:a6:e6:
05:d8:08:bd:2d:a9:ce:8d:8d:fd:5d:a1:b3:0b:f5:88:be:32:
a5:b6:4b:e7:4a:e9:19:41:21:66:99:3e:97:4f:2b:39:b4:98:
bd:29:01:1d:70:5c:28:01:08:e3:4c:4c:db:02:f5:cc:55:14:
d6:f8:a4:64:23:58:a1:28:a0:78:0e:80:36:ca:c4:c7:7c:6b:
fb:1a:a3:13:d7:6c:e0:cb:0b:3f:cd:f6:8d:70:f6:fb:f9:cb:
6a:e9:5f:30:00:92:60:89:43:fb:ff:b4:ef:74:9e:fb:cc:dc:
31:dd:88:88:50:9c:27:82:93:96:9a:3e:ed:0a:47:57:be:66:
9a:db:4f:22:25:55:a1:54:43:86:c0:46:bd:70:50:22:7c:be:
57:fc:51:60:2b:7f:ae:5b:c9:57:c3:eb:98:c7:c7:4b:46:a7:
b2:36:d6:2c
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZSHuNvRbmcU8JCB7GR4QDmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTIxMDcxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNhYTllNWU3MDA4ZDBmODg0MjY5NjQxYzI5ZTQ4YzA3N2VlODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktiW87bU7rG0jSULiRs+43Wo6Ueh
jokGdRZa/WFNHC+S3yBBECLY+UoDNGlApYnc7eCNjRXALu7Er7OYP/+7ojpMHT2I
UctlJMGjMiT7zzUgHUKv5K2ja/LwBkcBrBs+OItH2v+P7qkmtWYkJQx4owV2Y4mp
YzQLo3PHYuTWFZwydexTiIP/r0KP5PR+3gHD1jcfNUHrxDM8cCmp/8F565df4pMi
iD3p1dHj8dARh3CZLYsjChmHiLRj10hWI8XFfkyfONtE/etk6S86BtI9kvM/BGTp
dAfA9FDUDmUIxXgC7ms36bkYTWCHE7ctLzBozjQvAgHGrilvRtjLgSHXVQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFP06qeXnAI0PiEJpZBwp5IwHfugtMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvX1RxcDVlY0FqUS1JUW1sa0hDbmtqQWQtNkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALZvwAwQA
LZvyAwQAwo/NAwQAwo/RAwQAwo/ZAwQAwo/dAwQAw3LAAwQAw3LGAwQA1dwDAwQA
1dwTMAwDBADV3DsDBADV3DwwDQYJKoZIhvcNAQELBQADggEBAAJJweKa7z/gYz1M
BDfMG1Dkg2RAMiZHq0BlxyFp+GyIymtpiF31yPF1cjpPfDI5QyR0KjFDuqfPyH5F
9n0VUTMV59bqUVJYovzTzy6U6Rnh5M4nP/TJRUim5gXYCL0tqc6Njf1dobML9Yi+
MqW2S+dK6RlBIWaZPpdPKzm0mL0pAR1wXCgBCONMTNsC9cxVFNb4pGQjWKEooHgO
gDbKxMd8a/saoxPXbODLCz/N9o1w9vv5y2rpXzAAkmCJQ/v/tO90nvvM3DHdiIhQ
nCeCk5aaPu0KR1e+ZprbTyIlVaFUQ4bARr1wUCJ8vlf8UWArf65byVfD65jHx0tG
p7I21iw=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:13:38 2025 by rpki-client