Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/xtXYuiCNmdi0qxPgfieeLmytScY.roa
File: xtXYuiCNmdi0qxPgfieeLmytScY.roa (raw, json)
Hash identifier: WEF3YWS5oNsBKJx/oNY8VIS31sEgxu9TkRi5+qshXGo=
Subject key identifier: C6:D5:D8:BA:20:8D:99:D8:B4:AB:13:E0:7E:27:9E:2E:6C:AD:49:C6
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0196B47A37EC30099BD5F666819DC7A9BD1A
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/xtXYuiCNmdi0qxPgfieeLmytScY.roa
Signing time: Fri 09 May 2025 09:57:10 +0000
ROA not before: Fri 09 May 2025 09:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.9.0/24 maxlen: 24
213.220.20.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jun 2025 06:16:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:7a:37:ec:30:09:9b:d5:f6:66:81:9d:c7:a9:bd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: May 9 09:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6d5d8ba208d99d8b4ab13e07e279e2e6cad49c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:8d:3d:11:0f:ec:93:be:11:8d:61:5f:65:fa:
9a:27:3f:bc:32:6b:9c:0d:e9:c5:d3:3f:00:d0:ed:
bd:bd:bd:34:3f:5e:a2:0a:62:f2:a2:8d:d1:96:b6:
73:bd:9a:06:ee:9a:5b:22:86:c7:4d:9c:66:f4:a1:
40:84:a3:be:44:00:11:bb:17:f2:b1:1c:93:64:bd:
54:86:83:ca:ea:84:96:19:70:7b:a8:03:05:e2:02:
a6:0e:a6:62:a0:68:ad:5f:f5:d8:84:ce:0a:98:4f:
19:f7:e5:3e:73:84:68:4e:a9:60:10:2e:e4:aa:39:
3f:38:a1:c2:e2:6f:78:57:c3:6b:18:78:75:8a:32:
6e:4a:69:42:af:3f:19:6d:3e:a1:66:45:c6:57:79:
b9:d8:ef:29:94:7a:dd:70:cd:b9:9d:a3:1c:53:01:
e3:21:a5:16:f0:e5:6b:d0:98:6f:14:8c:e1:b6:22:
a5:3d:f4:22:16:7e:39:f6:87:1b:08:31:a9:e0:55:
3d:b6:c5:4b:12:a1:3e:8a:7e:0c:7f:2c:ac:26:f8:
cc:d0:a9:b5:24:cf:ae:9f:02:78:5b:3c:b9:4b:43:
79:f7:14:e4:04:ea:85:ba:b5:06:65:21:22:2f:64:
87:f6:d6:db:c3:87:4c:f5:51:67:0d:f1:a6:86:d2:
64:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D5:D8:BA:20:8D:99:D8:B4:AB:13:E0:7E:27:9E:2E:6C:AD:49:C6
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/xtXYuiCNmdi0qxPgfieeLmytScY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0-45.155.242.255
194.143.205.0-194.143.207.255
194.143.217.0-194.143.218.255
194.143.221.0/24
195.114.192.0/24
195.114.195.0/24
195.114.197.0-195.114.198.255
195.114.205.0/24
213.220.2.0/24
213.220.4.0/24
213.220.9.0/24
213.220.20.0/24
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
48:3e:76:74:02:b4:ee:d4:a2:fa:dd:ea:8e:50:db:b5:95:bc:
e3:fb:13:13:25:1a:18:84:11:38:55:c7:da:f6:6c:d9:8e:4e:
90:99:30:f3:b0:36:e0:57:bc:e2:6f:74:40:4a:23:f7:04:b8:
5c:40:17:a4:0f:00:81:8f:35:1e:74:ee:59:88:d7:a4:d9:23:
11:0b:a3:1a:66:1f:a4:10:d8:2e:02:77:81:3f:9c:c2:1c:a6:
bb:33:23:69:ed:63:3e:76:b3:1e:5a:40:c1:2e:30:80:fd:95:
b5:f0:50:fa:59:82:2c:a3:b3:9b:aa:7f:6f:33:bc:e7:b3:c3:
6c:88:cc:e7:81:e5:6c:10:80:77:96:74:88:ef:33:f7:0f:ee:
6f:fc:d4:85:47:77:c8:a9:71:3a:5e:d0:01:3c:9e:bb:e5:dc:
d2:5b:ba:c5:26:87:5c:d5:74:fe:f3:ba:cc:8f:dc:08:1d:2c:
37:d6:88:1e:e5:45:13:bb:be:14:2d:8b:15:fa:d5:cd:e0:66:
42:56:df:fd:03:46:93:65:92:37:78:c7:de:73:5e:e0:ac:69:
f4:73:eb:22:88:f7:c9:0c:09:ea:af:a8:ab:d9:d4:38:f3:ae:
95:90:70:92:28:23:eb:a0:fa:31:21:47:14:ef:93:ce:e3:cf:
d6:6a:35:e8
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZa0ejfsMAmb1fZmgZ3Hqb0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNTA5MDk1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQ1ZDhiYTIwOGQ5OWQ4YjRhYjEzZTA3ZTI3OWUyZTZjYWQ0OWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7409EQ/sk74RjWFfZfqaJz+8Mmuc
DenF0z8A0O29vb00P16iCmLyoo3RlrZzvZoG7ppbIobHTZxm9KFAhKO+RAARuxfy
sRyTZL1UhoPK6oSWGXB7qAMF4gKmDqZioGitX/XYhM4KmE8Z9+U+c4RoTqlgEC7k
qjk/OKHC4m94V8NrGHh1ijJuSmlCrz8ZbT6hZkXGV3m52O8plHrdcM25naMcUwHj
IaUW8OVr0JhvFIzhtiKlPfQiFn459ocbCDGp4FU9tsVLEqE+in4MfyysJvjM0Km1
JM+unwJ4Wzy5S0N59xTkBOqFurUGZSEiL2SH9tbbw4dM9VFnDfGmhtJkmwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFMbV2LogjZnYtKsT4H4nni5srUnGMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEveHRYWXVpQ05tZGkwcXhQZ2ZpZWVMbXl0U2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbjAMAwQELZvw
AwQALZvyMAwDBADCj80DBATCj8AwDAMEAMKP2QMEAMKP2gMEAMKP3QMEAMNywAME
AMNywzAMAwQAw3LFAwQAw3LGAwQAw3LNAwQA1dwCAwQA1dwEAwQA1dwJAwQA1dwU
AwQA1dw+MA0GCSqGSIb3DQEBCwUAA4IBAQBIPnZ0ArTu1KL63eqOUNu1lbzj+xMT
JRoYhBE4Vcfa9mzZjk6QmTDzsDbgV7zib3RASiP3BLhcQBekDwCBjzUedO5ZiNek
2SMRC6MaZh+kENguAneBP5zCHKa7MyNp7WM+drMeWkDBLjCA/ZW18FD6WYIso7Ob
qn9vM7zns8NsiMzngeVsEIB3lnSI7zP3D+5v/NSFR3fIqXE6XtABPJ675dzSW7rF
Jodc1XT+87rMj9wIHSw31oge5UUTu74ULYsV+tXN4GZCVt/9A0aTZZI3eMfec17g
rGn0c+siiPfJDAnqr6ir2dQ4866VkHCSKCProPoxIUcU75PO48/WajXo
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:43:57 2025 by rpki-client