Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/gE7ueudz6XHmm5OIkUpikNoWJig.roa
File: gE7ueudz6XHmm5OIkUpikNoWJig.roa (raw, json)
Hash identifier: WPXfUdDpvK9mlUFw7x84SAWkZcxiBdQzE+WGfCvMXqA=
Subject key identifier: 80:4E:EE:7A:E7:73:E9:71:E6:9B:93:88:91:4A:62:90:DA:16:26:28
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019657679D7DACA9596C7D042ACA7684CE37
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/gE7ueudz6XHmm5OIkUpikNoWJig.roa
Signing time: Mon 21 Apr 2025 08:12:10 +0000
ROA not before: Mon 21 Apr 2025 08:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Apr 2025 07:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:67:9d:7d:ac:a9:59:6c:7d:04:2a:ca:76:84:ce:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 21 08:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=804eee7ae773e971e69b9388914a6290da162628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9a:e4:7d:32:da:bb:a5:06:c6:7e:10:d2:b2:
df:81:e9:a3:bd:58:ed:11:72:0e:56:07:03:c8:4a:
cc:eb:a9:26:7e:ce:4d:07:ea:7c:88:ae:ab:6f:20:
f8:71:ec:f4:c7:28:19:19:b1:08:6f:97:52:b1:ec:
0a:69:5c:a4:07:4d:df:c8:28:ef:d1:e9:4d:6a:61:
bd:74:80:79:f2:e9:89:6c:ae:9b:f1:9d:e0:14:c9:
b7:2b:a5:7e:1d:f8:a1:53:a6:2e:63:54:d4:97:db:
68:ee:fc:d9:cf:04:d4:76:9f:98:5f:d2:ef:d9:24:
7f:5d:77:73:66:9c:bb:07:86:cc:0e:f6:7d:56:38:
a7:8c:87:44:61:73:c3:1c:0e:01:d8:00:5f:6c:f2:
3f:89:de:14:e1:62:f3:c7:5e:41:58:e6:1a:0e:c4:
e7:79:c4:ec:b3:30:a7:c6:13:7e:2c:bc:ec:43:d0:
33:78:c1:2f:af:5a:60:1e:2c:46:4c:42:f5:8c:79:
1a:b5:1c:13:33:52:bc:3c:35:b8:e4:75:13:04:6d:
81:c5:68:e5:96:8e:d4:85:a0:70:9c:50:f5:08:a6:
de:b7:c4:fd:9e:4f:40:7b:42:2b:86:d6:5e:6b:ac:
78:43:e7:04:61:ed:76:22:05:49:ac:86:43:0e:8a:
70:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4E:EE:7A:E7:73:E9:71:E6:9B:93:88:91:4A:62:90:DA:16:26:28
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/gE7ueudz6XHmm5OIkUpikNoWJig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0-45.155.242.255
194.143.205.0-194.143.207.255
194.143.217.0/24
194.143.221.0/24
195.114.192.0/24
195.114.195.0/24
195.114.197.0/24
213.220.2.0/24
213.220.4.0/23
Signature Algorithm: sha256WithRSAEncryption
97:9e:cc:d1:78:a2:84:05:8c:42:a9:87:fa:11:78:46:94:35:
7a:e9:e4:cc:1e:78:c6:e4:35:3a:9c:9e:c0:82:5a:31:4a:73:
dc:2a:9b:d4:8a:7f:67:4a:8f:24:45:00:a4:da:ac:0f:d6:3f:
c2:0e:5a:35:21:2d:cb:6e:96:7f:71:3f:e9:e8:41:9f:de:79:
a2:8d:44:08:fa:05:1a:e9:4b:86:eb:ab:58:ab:40:74:05:20:
bf:ef:43:b7:6e:c9:28:26:05:15:a5:33:0f:7d:af:77:8a:dc:
77:90:8c:97:a1:e0:03:76:e2:4c:66:3f:cd:1e:6a:db:70:11:
76:68:94:51:86:15:c4:8f:90:fa:d7:66:e1:c9:ce:c9:86:b6:
62:52:04:77:5c:41:77:40:d3:c0:11:ba:f5:84:44:df:ce:2a:
76:1c:39:07:ec:32:cc:6a:3b:38:78:3e:e1:cf:37:75:03:87:
75:51:d0:fc:66:ce:05:9b:4f:67:24:23:ed:ce:d1:7e:ef:61:
48:5c:4b:b0:7e:73:35:f4:10:92:c8:73:ca:be:1d:da:dd:fc:
60:68:78:28:c0:7a:40:57:47:a6:6c:49:7e:ef:47:0a:cd:a3:
16:62:e0:c9:ce:fa:ee:6c:d8:ad:f4:d6:f5:ac:38:ff:1a:69:
60:64:46:d3
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZZXZ519rKlZbH0EKsp2hM43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNDIxMDgxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDRlZWU3YWU3NzNlOTcxZTY5YjkzODg5MTRhNjI5MGRhMTYyNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5rkfTLau6UGxn4Q0rLfgemjvVjt
EXIOVgcDyErM66kmfs5NB+p8iK6rbyD4cez0xygZGbEIb5dSsewKaVykB03fyCjv
0elNamG9dIB58umJbK6b8Z3gFMm3K6V+HfihU6YuY1TUl9to7vzZzwTUdp+YX9Lv
2SR/XXdzZpy7B4bMDvZ9VjinjIdEYXPDHA4B2ABfbPI/id4U4WLzx15BWOYaDsTn
ecTsszCnxhN+LLzsQ9AzeMEvr1pgHixGTEL1jHkatRwTM1K8PDW45HUTBG2BxWjl
lo7UhaBwnFD1CKbet8T9nk9Ae0IrhtZea6x4Q+cEYe12IgVJrIZDDopwQwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFIBO7nrnc+lx5puTiJFKYpDaFiYoMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvZ0U3dWV1ZHo2WEhtbTVPSWtVcGlrTm9XSmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAQtm/AD
BAAtm/IwDAMEAMKPzQMEBMKPwAMEAMKP2QMEAMKP3QMEAMNywAMEAMNywwMEAMNy
xQMEANXcAgMEAdXcBDANBgkqhkiG9w0BAQsFAAOCAQEAl57M0XiihAWMQqmH+hF4
RpQ1eunkzB54xuQ1OpyewIJaMUpz3Cqb1Ip/Z0qPJEUApNqsD9Y/wg5aNSEty26W
f3E/6ehBn955oo1ECPoFGulLhuurWKtAdAUgv+9Dt27JKCYFFaUzD32vd4rcd5CM
l6HgA3biTGY/zR5q23ARdmiUUYYVxI+Q+tdm4cnOyYa2YlIEd1xBd0DTwBG69YRE
384qdhw5B+wyzGo7OHg+4c83dQOHdVHQ/GbOBZtPZyQj7c7Rfu9hSFxLsH5zNfQQ
kshzyr4d2t38YGh4KMB6QFdHpmxJfu9HCs2jFmLgyc767mzYrfTW9aw4/xppYGRG
0w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:02:26 2025 by rpki-client