Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/k9vmrxhYPt6Q9dw3oaT6S1wg5Nw.roa
File: k9vmrxhYPt6Q9dw3oaT6S1wg5Nw.roa (raw, json)
Hash identifier: 6cKtBq2CiiI39p1T+0ohxE5XGgKSeRTmhres1Wz/JIc=
Subject key identifier: 93:DB:E6:AF:18:58:3E:DE:90:F5:DC:37:A1:A4:FA:4B:5C:20:E4:DC
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01963DB58CAB3DC81D56986CB59424DC323D
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/k9vmrxhYPt6Q9dw3oaT6S1wg5Nw.roa
Signing time: Wed 16 Apr 2025 08:27:10 +0000
ROA not before: Wed 16 Apr 2025 08:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
213.220.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 08:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:b5:8c:ab:3d:c8:1d:56:98:6c:b5:94:24:dc:32:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 16 08:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93dbe6af18583ede90f5dc37a1a4fa4b5c20e4dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:be:b9:72:01:f7:bd:e3:30:16:f5:2f:a7:50:
19:2f:3f:d9:46:95:df:84:d0:92:24:b1:ab:47:9d:
e8:63:8f:ae:3d:5b:a5:7c:da:ad:f9:08:46:0e:5e:
ff:e9:79:f0:19:05:1f:4a:4c:e9:ec:79:5a:f8:3d:
c6:03:b7:a3:4c:7f:c4:ca:51:4a:82:f4:2a:7d:2a:
a6:b7:3e:52:e8:3a:d5:52:c4:9c:ca:06:6b:b0:91:
a7:0e:2d:e6:0c:4e:49:cf:24:d9:dc:69:63:65:47:
fd:2c:1d:47:7b:f8:ff:9a:8d:32:dd:a1:77:6d:f3:
9b:96:1a:4c:d7:60:d2:4e:c2:e0:85:d3:cb:1f:a1:
b3:5a:89:08:37:3b:80:6a:b9:12:e6:ff:ad:8b:21:
28:22:94:75:e6:23:55:28:be:75:91:d8:91:36:e2:
6c:f0:dc:a5:cf:d0:5d:14:2e:b5:1f:9f:8d:ee:da:
e1:93:93:fd:10:16:0a:fc:9e:7a:a2:0b:bf:b8:92:
53:f0:ed:29:70:68:07:51:8b:a0:8d:6b:db:7f:30:
d7:bd:09:82:27:0c:05:dd:51:66:80:9e:d7:25:a8:
c8:47:90:ac:a3:18:af:9b:18:d4:b3:ab:bc:f1:7c:
98:10:0d:78:bf:7d:7c:43:cf:0b:25:71:ed:cf:68:
70:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DB:E6:AF:18:58:3E:DE:90:F5:DC:37:A1:A4:FA:4B:5C:20:E4:DC
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/k9vmrxhYPt6Q9dw3oaT6S1wg5Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0-45.155.242.255
194.143.205.0-194.143.207.255
194.143.217.0/24
194.143.221.0/24
195.114.192.0/24
195.114.195.0/24
195.114.197.0/24
213.220.5.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:e0:26:94:d6:5f:0e:35:70:ee:6a:71:18:c5:5e:dc:73:bd:
44:0e:65:63:de:0b:67:53:39:49:3c:c3:1a:48:66:b4:2e:03:
bd:9f:90:ab:1f:ba:3e:6c:21:4e:c6:96:52:9c:78:ed:a8:f1:
cf:7e:d5:ca:c8:68:3b:c3:a1:11:18:0a:a6:2e:f3:73:8e:3f:
f8:d6:8e:5a:9c:22:b9:2a:45:16:0f:87:51:7b:8d:7d:66:85:
64:7b:a6:de:d5:1a:9c:5d:a6:9e:a1:2c:32:9f:7f:b8:42:bb:
bb:74:23:be:b9:5e:42:c1:1e:ae:2b:d8:7d:14:30:3d:65:40:
a0:76:e6:c8:42:47:24:51:a0:ae:97:49:7d:3d:cf:68:a0:3c:
94:3a:71:12:9a:a5:4b:73:e7:66:0f:9a:b9:97:16:37:26:cd:
2b:4a:ea:1a:c4:31:4f:b0:98:ff:07:95:32:42:a9:fe:e7:1c:
61:55:ca:32:b8:07:5a:cd:64:cc:5a:38:ae:6d:60:be:b4:5f:
f3:a8:79:d9:dd:02:b1:82:a8:e1:5a:e8:80:da:bc:02:cc:97:
75:7e:33:cf:8e:ed:da:50:58:17:57:0a:07:b5:be:3b:ed:a0:
00:8d:7d:69:4b:81:e5:1b:ac:2e:15:69:02:17:e4:9e:61:be:
0f:25:b5:5f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZY9tYyrPcgdVphstZQk3DI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNDE2MDgyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RiZTZhZjE4NTgzZWRlOTBmNWRjMzdhMWE0ZmE0YjVjMjBlNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvr65cgH3veMwFvUvp1AZLz/ZRpXf
hNCSJLGrR53oY4+uPVulfNqt+QhGDl7/6XnwGQUfSkzp7Hla+D3GA7ejTH/EylFK
gvQqfSqmtz5S6DrVUsScygZrsJGnDi3mDE5JzyTZ3GljZUf9LB1He/j/mo0y3aF3
bfOblhpM12DSTsLghdPLH6GzWokINzuAarkS5v+tiyEoIpR15iNVKL51kdiRNuJs
8Nylz9BdFC61H5+N7trhk5P9EBYK/J56ogu/uJJT8O0pcGgHUYugjWvbfzDXvQmC
JwwF3VFmgJ7XJajIR5CsoxivmxjUs6u88XyYEA14v318Q88LJXHtz2hw9wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJPb5q8YWD7ekPXcN6Gk+ktcIOTcMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvazl2bXJ4aFlQdDZROWR3M29hVDZTMXdnNU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAQtm/AD
BAAtm/IwDAMEAMKPzQMEBMKPwAMEAMKP2QMEAMKP3QMEAMNywAMEAMNywwMEAMNy
xQMEANXcBTANBgkqhkiG9w0BAQsFAAOCAQEAb+AmlNZfDjVw7mpxGMVe3HO9RA5l
Y94LZ1M5STzDGkhmtC4DvZ+Qqx+6PmwhTsaWUpx47ajxz37VyshoO8OhERgKpi7z
c44/+NaOWpwiuSpFFg+HUXuNfWaFZHum3tUanF2mnqEsMp9/uEK7u3QjvrleQsEe
rivYfRQwPWVAoHbmyEJHJFGgrpdJfT3PaKA8lDpxEpqlS3PnZg+auZcWNybNK0rq
GsQxT7CY/weVMkKp/uccYVXKMrgHWs1kzFo4rm1gvrRf86h52d0CsYKo4VrogNq8
AsyXdX4zz47t2lBYF1cKB7W+O+2gAI19aUuB5RusLhVpAhfknmG+DyW1Xw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:51:54 2025 by rpki-client