Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/qBLCCFGuctUQiYsQk0W3_ZPazZE.roa
File: qBLCCFGuctUQiYsQk0W3_ZPazZE.roa (raw, json)
Hash identifier: ybSuQQK5pmtn9II222GXUcCQdNJUPu4zNVd1WtIMTDI=
Subject key identifier: A8:12:C2:08:51:AE:72:D5:10:89:8B:10:93:45:B7:FD:93:DA:CD:91
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 01941FFAB0CF7525FF9FD76FF026006C91FF
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/qBLCCFGuctUQiYsQk0W3_ZPazZE.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.22.0/24 maxlen: 32
45.156.23.0/24 maxlen: 32
45.156.24.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
178.255.222.0/24 maxlen: 32
185.92.180.0/24 maxlen: 32
185.92.181.0/24 maxlen: 32
185.92.182.0/24 maxlen: 32
185.92.183.0/24 maxlen: 32
185.159.128.0/24 maxlen: 32
185.159.131.0/24 maxlen: 32
185.228.235.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
193.176.190.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.120.24.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Jan 2025 08:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b0:cf:75:25:ff:9f:d7:6f:f0:26:00:6c:91:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a812c20851ae72d510898b109345b7fd93dacd91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:13:92:c2:a5:35:fc:a1:33:b5:f5:7c:c6:2c:
81:6b:16:b8:88:a9:57:33:9b:82:a1:da:c9:d7:96:
cf:72:5c:ed:17:f4:42:44:44:94:e1:ca:83:61:4e:
56:b2:b8:4c:e6:39:03:69:fe:d2:e4:ef:05:db:16:
1c:d8:b2:35:83:5f:e7:30:72:ac:2e:46:01:b7:14:
01:c0:63:19:ee:e6:37:c7:32:90:71:88:e9:15:1f:
1c:ad:dd:6e:91:1d:30:17:13:f5:12:cd:7e:82:28:
58:21:93:82:63:63:df:97:9b:da:e0:79:4c:d9:84:
18:d7:c9:a6:0f:45:97:4d:a3:63:42:4c:50:23:2d:
34:45:aa:b7:3d:43:c6:df:a0:61:c4:ca:01:28:da:
b9:c0:98:65:62:59:8d:6b:41:09:21:1a:b2:a6:2f:
dd:8b:9a:f9:30:e8:38:f3:92:85:f5:5e:fd:d1:ae:
48:c7:9d:6b:c4:a4:76:c1:dd:53:cf:54:3f:0a:44:
f8:a2:35:1f:ad:ff:a4:2e:44:87:6f:7e:07:f8:05:
b0:b4:3f:c7:ab:cb:d7:03:1b:bd:cc:d9:d7:b4:9b:
7e:b7:09:b7:84:21:97:94:dc:29:d5:ff:d2:1e:6e:
3f:3f:df:14:d0:2c:10:2d:29:78:75:02:2a:2f:76:
e4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:12:C2:08:51:AE:72:D5:10:89:8B:10:93:45:B7:FD:93:DA:CD:91
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/qBLCCFGuctUQiYsQk0W3_ZPazZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.22.0-45.156.25.255
45.156.27.0/24
178.255.222.0/24
185.92.180.0/22
185.159.128.0/24
185.159.131.0/24
185.228.235.0/24
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
193.176.190.0/24
194.36.170.0/23
194.36.209.0/24
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
8c:05:f1:39:5a:3a:92:71:6e:46:e0:4e:6e:b7:ca:20:31:7f:
5f:f0:61:7e:00:7e:b3:02:70:9f:71:16:76:94:5c:ff:16:5e:
df:5b:4c:3c:8c:32:56:97:38:ad:fc:89:f8:52:86:fd:ff:b6:
9c:7d:c1:45:e5:7d:34:9f:6d:35:cb:79:cd:b9:b5:28:5a:b7:
7e:d7:ee:e5:d4:42:7d:3a:6c:0d:6b:04:ba:cb:66:7a:8e:f9:
41:8f:e5:aa:d9:c9:62:e4:b5:c1:57:6d:e2:d9:ca:14:e3:1f:
e3:0e:a2:c6:bc:d0:9c:c1:e8:9e:29:f6:ee:b4:e6:e1:66:02:
8b:63:dd:47:ee:c3:86:83:d9:75:d4:89:dd:87:c2:63:44:ce:
7e:fd:11:d4:53:41:1a:88:6d:de:1a:63:47:5a:c5:31:c8:b3:
18:b5:0e:e6:97:93:01:82:78:e1:1c:06:76:8e:50:a2:8a:04:
3f:a6:e7:ab:4a:44:bc:ae:a6:20:c0:1e:8d:77:b3:33:85:ea:
a7:ef:a1:ce:d7:b1:cd:27:ab:36:e6:83:10:43:f4:06:33:44:
29:32:31:b4:d9:27:b6:28:74:82:7b:b1:f0:a9:68:bf:61:a4:
df:e0:8b:1d:af:b7:2a:c8:d5:fc:44:d0:ed:0a:40:0c:b6:b6:
ba:aa:f5:aa
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQf+rDPdSX/n9dv8CYAbJH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODEyYzIwODUxYWU3MmQ1MTA4OThiMTA5MzQ1YjdmZDkzZGFjZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxOSwqU1/KEztfV8xiyBaxa4iKlX
M5uCodrJ15bPclztF/RCRESU4cqDYU5WsrhM5jkDaf7S5O8F2xYc2LI1g1/nMHKs
LkYBtxQBwGMZ7uY3xzKQcYjpFR8crd1ukR0wFxP1Es1+gihYIZOCY2Pfl5va4HlM
2YQY18mmD0WXTaNjQkxQIy00Raq3PUPG36BhxMoBKNq5wJhlYlmNa0EJIRqypi/d
i5r5MOg485KF9V790a5Ix51rxKR2wd1Tz1Q/CkT4ojUfrf+kLkSHb34H+AWwtD/H
q8vXAxu9zNnXtJt+twm3hCGXlNwp1f/SHm4/P98U0CwQLSl4dQIqL3bk9QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKgSwghRrnLVEImLEJNFt/2T2s2RMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvcUJMQ0NGR3VjdFVRaVlzUWswVzNfWlBhelpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwMAwDBAEt
nBYDBAEtnBgDBAAtnBsDBACy/94DBAK5XLQDBAC5n4ADBAC5n4MDBAC55OsDBADB
sJkDBADBsJ4DBADBsLMDBADBsL4DBAHCJKoDBADCJNEwDAMEAcJ01gMEAcJ02AME
AMJ4GAMEAMJ4dDANBAIAAjAHAwUAKhN8ADANBgkqhkiG9w0BAQsFAAOCAQEAjAXx
OVo6knFuRuBObrfKIDF/X/BhfgB+swJwn3EWdpRc/xZe31tMPIwyVpc4rfyJ+FKG
/f+2nH3BReV9NJ9tNct5zbm1KFq3ftfu5dRCfTpsDWsEustmeo75QY/lqtnJYuS1
wVdt4tnKFOMf4w6ixrzQnMHonin27rTm4WYCi2PdR+7DhoPZddSJ3YfCY0TOfv0R
1FNBGoht3hpjR1rFMcizGLUO5peTAYJ44RwGdo5QoooEP6bnq0pEvK6mIMAejXez
M4Xqp++hztexzSerNuaDEEP0BjNEKTIxtNkntih0gnux8Klov2Gk3+CLHa+3KsjV
/ETQ7QpADLa2uqr1qg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:35:41 2025 by rpki-client