Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/8U5EZyWYZ310MrhaowdZvsHHaI4.roa
File: 8U5EZyWYZ310MrhaowdZvsHHaI4.roa (raw, json)
Hash identifier: 0QA1A9d9NxkfV+7VNf2hJoXHYC7DXZkObCvesvkJoyQ=
Subject key identifier: F1:4E:44:67:25:98:67:7D:74:32:B8:5A:A3:07:59:BE:C1:C7:68:8E
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0196B429A676FFB4F194A35CE2B65AB31155
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/8U5EZyWYZ310MrhaowdZvsHHaI4.roa
Signing time: Fri 09 May 2025 08:29:10 +0000
ROA not before: Fri 09 May 2025 08:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208258
IP address blocks: 45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
45.154.238.0/24 maxlen: 24
45.154.239.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.39.216.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 May 2025 09:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:29:a6:76:ff:b4:f1:94:a3:5c:e2:b6:5a:b3:11:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 9 08:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f14e44672598677d7432b85aa30759bec1c7688e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:45:07:28:b0:f1:fa:2e:b7:be:e9:13:8d:d1:
0b:4a:70:8b:9c:01:02:ac:76:2e:80:04:58:c2:c0:
6a:21:11:98:e1:a8:d2:88:45:f2:5a:dd:21:42:48:
f1:a4:64:3e:68:9c:26:31:a0:e8:61:ae:1a:b0:4a:
d8:89:ab:ff:14:28:62:f3:bf:ef:77:12:bd:d8:58:
a1:1c:0e:ac:37:95:60:47:3e:3a:6e:39:46:76:d9:
30:4e:1e:6f:97:32:09:63:00:f4:08:fc:62:36:4b:
dc:17:af:b3:bf:06:ac:6f:09:bb:43:80:61:5f:87:
b0:cb:5c:a9:46:0d:2a:a4:2c:09:fc:5a:9a:ab:1d:
bb:8d:b4:60:00:04:6a:d5:69:44:9d:6d:01:1d:80:
af:7b:fc:c4:a1:3d:55:2d:d3:dd:47:f3:bd:6b:55:
57:fb:f5:ae:6a:1b:e0:dc:68:97:09:3f:d1:60:7b:
ed:b7:99:95:a6:cb:1d:62:1a:e6:0f:ad:aa:20:07:
5f:79:ce:c1:8e:f3:c6:40:c5:55:f0:fe:13:99:7b:
a0:c5:3c:b5:f0:e3:63:12:36:bc:75:af:db:8d:3f:
b9:c9:62:27:76:1d:64:85:9d:22:ef:b2:77:8a:49:
4e:35:de:fb:5c:3b:04:d4:c0:37:13:44:0f:33:09:
e2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4E:44:67:25:98:67:7D:74:32:B8:5A:A3:07:59:BE:C1:C7:68:8E
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/8U5EZyWYZ310MrhaowdZvsHHaI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
45.154.238.0/23
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.39.216.0/24
194.146.48.0/24
195.26.6.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
bc:9d:3b:df:e9:78:6b:0b:06:d2:54:61:db:7d:de:d6:52:31:
b2:43:55:8d:33:6a:b7:79:7d:45:d8:94:19:53:91:76:31:83:
90:aa:87:12:d0:6b:b7:14:73:5f:92:6c:3b:8d:c5:03:e7:55:
b0:65:4d:dd:56:81:e8:60:43:3c:6e:15:df:bf:12:0f:dd:98:
81:47:b5:8d:44:2f:b3:42:df:87:93:48:76:be:51:a1:81:ff:
98:d0:71:e8:2e:40:c0:6b:67:27:31:1c:90:43:8f:a4:ea:39:
2e:1b:c9:e8:fa:66:4f:a2:98:3a:a1:f8:f3:33:8e:1d:16:92:
9f:80:e0:fd:04:37:b2:64:c7:2c:06:41:78:11:e6:1a:52:40:
60:2a:9f:b2:38:f9:c4:93:24:4e:68:86:81:b5:06:00:d2:ab:
84:89:1b:0c:ba:31:3c:0f:1f:02:ff:64:06:0d:e5:bf:02:9d:
9f:91:e0:0f:92:45:09:cf:30:b5:af:a7:7e:ea:d3:28:fa:2c:
72:f9:8d:cc:49:57:a3:74:8d:83:74:35:9e:ac:02:2d:3d:6f:
6f:55:b0:d3:ee:3c:85:0c:00:2e:ba:19:5b:c4:96:fb:da:88:
e8:48:f1:85:84:9c:e0:6f:ab:eb:f5:3f:4c:c0:03:4d:6a:44:
fa:e7:b0:cf
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZa0KaZ2/7TxlKNc4rZasxFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwNTA5MDgyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTRlNDQ2NzI1OTg2NzdkNzQzMmI4NWFhMzA3NTliZWMxYzc2ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEUHKLDx+i63vukTjdELSnCLnAEC
rHYugARYwsBqIRGY4ajSiEXyWt0hQkjxpGQ+aJwmMaDoYa4asErYiav/FChi87/v
dxK92FihHA6sN5VgRz46bjlGdtkwTh5vlzIJYwD0CPxiNkvcF6+zvwasbwm7Q4Bh
X4ewy1ypRg0qpCwJ/Fqaqx27jbRgAARq1WlEnW0BHYCve/zEoT1VLdPdR/O9a1VX
+/Wuahvg3GiXCT/RYHvtt5mVpssdYhrmD62qIAdfec7BjvPGQMVV8P4TmXugxTy1
8ONjEja8da/bjT+5yWIndh1khZ0i77J3iklONd77XDsE1MA3E0QPMwnijQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFPFORGclmGd9dDK4WqMHWb7Bx2iOMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvOFU1RVp5V1laMzEwTXJoYW93ZFp2c0hIYUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DBSBAIAATBMMAwDBAIt
kPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEAS2a7gMEArnQ0AMEALnjUgMEALnkUwME
AbnzcAMEAMIn2AMEAMKSMAMEAcMaBjCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAA
CTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxA
ACADBwAqCzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAA
EgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOCAQEAvJ073+l4awsG0lRh233e1lIx
skNVjTNqt3l9RdiUGVORdjGDkKqHEtBrtxRzX5JsO43FA+dVsGVN3VaB6GBDPG4V
378SD92YgUe1jUQvs0Lfh5NIdr5RoYH/mNBx6C5AwGtnJzEckEOPpOo5LhvJ6Ppm
T6KYOqH48zOOHRaSn4Dg/QQ3smTHLAZBeBHmGlJAYCqfsjj5xJMkTmiGgbUGANKr
hIkbDLoxPA8fAv9kBg3lvwKdn5HgD5JFCc8wta+nfurTKPoscvmNzElXo3SNg3Q1
nqwCLT1vb1Ww0+48hQwALroZW8SW+9qI6EjxhYSc4G+r6/U/TMADTWpE+uewzw==
-----END CERTIFICATE-----
Generated at Mon May 12 17:27:03 2025 by rpki-client