Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ATmdjWxqFVLFhtvAiX1jLWVX1K0.roa
File: ATmdjWxqFVLFhtvAiX1jLWVX1K0.roa (raw, json)
Hash identifier: vvlBgvw5Dd0yLw34yTOFRDLJiRtMeZjcP+ccQROvIjI=
Subject key identifier: 01:39:9D:8D:6C:6A:15:52:C5:86:DB:C0:89:7D:63:2D:65:57:D4:AD
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 0196904DA7A8001A35C9400EE0718480B0E5
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ATmdjWxqFVLFhtvAiX1jLWVX1K0.roa
Signing time: Fri 02 May 2025 09:22:10 +0000
ROA not before: Fri 02 May 2025 09:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.117.52.0/24 maxlen: 24
45.117.54.0/24 maxlen: 24
103.4.248.0/24 maxlen: 24
103.4.249.0/24 maxlen: 24
103.4.250.0/24 maxlen: 24
103.4.251.0/24 maxlen: 24
103.196.8.0/24 maxlen: 24
103.196.9.0/24 maxlen: 24
103.216.1.0/24 maxlen: 24
103.216.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 09:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:4d:a7:a8:00:1a:35:c9:40:0e:e0:71:84:80:b0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: May 2 09:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01399d8d6c6a1552c586dbc0897d632d6557d4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ca:a9:94:cc:79:1c:bd:79:4c:9f:bc:da:44:
28:f3:dd:6b:88:7b:00:2e:25:e1:3a:94:6d:a2:37:
94:ab:57:4a:b2:e4:64:85:95:05:9d:b6:c9:ed:8d:
b9:0a:14:d8:9d:09:1d:62:b8:e2:60:d3:0d:a9:ff:
72:94:a2:5b:23:95:8b:6c:8e:7f:17:2e:7a:80:fb:
11:f7:9a:77:b6:f4:1b:ec:58:2d:04:90:23:f4:38:
2d:49:61:53:24:b3:79:c3:8c:94:e0:6f:c1:93:58:
dd:59:f0:06:1a:25:6f:29:66:f8:82:06:80:c0:34:
96:37:22:97:b6:3b:26:d1:85:f9:0c:e7:5e:71:f3:
8f:b6:35:df:32:b3:5a:23:43:76:13:b2:fa:02:30:
b7:65:cb:d0:19:90:4c:88:05:ef:92:9f:88:a1:86:
d3:65:3c:a6:df:77:38:0a:db:ee:bf:56:f0:38:0d:
a7:2b:e8:94:8a:6a:ea:e9:92:9e:9f:9a:58:5e:35:
4c:64:99:b6:3b:6d:71:d1:7b:20:a3:57:33:a4:a7:
04:7e:92:1c:2e:a9:03:0b:de:56:90:5f:47:ab:ee:
0b:ab:7f:cc:f5:17:b6:05:36:0f:17:06:55:ea:3d:
9b:61:39:56:7a:0a:65:79:c6:67:88:87:f3:01:e8:
e9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:39:9D:8D:6C:6A:15:52:C5:86:DB:C0:89:7D:63:2D:65:57:D4:AD
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ATmdjWxqFVLFhtvAiX1jLWVX1K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.117.52.0/24
45.117.54.0/24
103.4.248.0/22
103.196.8.0/23
103.216.1.0/24
103.216.3.0/24
Signature Algorithm: sha256WithRSAEncryption
92:ee:a6:ff:b6:49:28:c1:ec:b9:bc:de:8c:a3:68:36:65:13:
54:49:7b:4d:2a:01:b2:66:e9:14:a4:47:17:9f:e2:99:0a:69:
f2:c5:1c:45:7f:71:a1:a5:ec:82:68:e4:1c:96:2c:85:ae:b6:
60:e3:32:72:95:f4:88:d6:ed:2b:52:9e:7d:e2:b1:7c:64:0a:
ad:2c:22:57:4b:38:4e:17:c2:84:25:c7:04:20:3b:c6:ae:a3:
52:14:82:13:a4:d6:4b:bb:5c:c5:9f:77:0d:ab:c5:2e:b7:be:
ec:64:67:f1:22:98:b8:05:60:73:b2:62:e1:cf:93:94:65:f9:
6f:d0:de:f3:bd:7f:e0:c0:6b:c2:28:8e:a9:e4:eb:43:0c:16:
47:25:cc:6e:41:43:38:bb:73:38:a7:6c:73:56:27:f9:af:69:
42:48:e6:8e:90:9a:02:68:79:3f:e9:c5:48:c2:c2:9e:72:19:
78:52:37:3d:98:d0:c6:9e:90:e0:37:d0:90:94:c1:ff:43:31:
a4:89:2b:da:b4:14:20:6b:da:d3:12:de:87:5e:d7:ad:89:bf:
78:5a:0a:47:dc:e1:83:c5:67:df:33:76:a0:83:06:69:9c:22:
9f:2c:2a:40:1d:e6:b7:02:21:c2:15:d7:72:73:f9:b6:a1:16:
7f:52:59:0f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZaQTaeoABo1yUAO4HGEgLDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwNTAyMDkyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTM5OWQ4ZDZjNmExNTUyYzU4NmRiYzA4OTdkNjMyZDY1NTdkNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8qplMx5HL15TJ+82kQo891riHsA
LiXhOpRtojeUq1dKsuRkhZUFnbbJ7Y25ChTYnQkdYrjiYNMNqf9ylKJbI5WLbI5/
Fy56gPsR95p3tvQb7FgtBJAj9DgtSWFTJLN5w4yU4G/Bk1jdWfAGGiVvKWb4ggaA
wDSWNyKXtjsm0YX5DOdecfOPtjXfMrNaI0N2E7L6AjC3ZcvQGZBMiAXvkp+IoYbT
ZTym33c4Ctvuv1bwOA2nK+iUimrq6ZKen5pYXjVMZJm2O21x0Xsgo1czpKcEfpIc
LqkDC95WkF9Hq+4Lq3/M9Re2BTYPFwZV6j2bYTlWegplecZniIfzAejpqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAE5nY1sahVSxYbbwIl9Yy1lV9StMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvQVRtZGpXeHFGVkxGaHR2QWlYMWpMV1ZYMUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALXU0AwQA
LXU2AwQCZwT4AwQBZ8QIAwQAZ9gBAwQAZ9gDMA0GCSqGSIb3DQEBCwUAA4IBAQCS
7qb/tkkowey5vN6Mo2g2ZRNUSXtNKgGyZukUpEcXn+KZCmnyxRxFf3GhpeyCaOQc
liyFrrZg4zJylfSI1u0rUp594rF8ZAqtLCJXSzhOF8KEJccEIDvGrqNSFIITpNZL
u1zFn3cNq8Uut77sZGfxIpi4BWBzsmLhz5OUZflv0N7zvX/gwGvCKI6p5OtDDBZH
JcxuQUM4u3M4p2xzVif5r2lCSOaOkJoCaHk/6cVIwsKechl4Ujc9mNDGnpDgN9CQ
lMH/QzGkiSvatBQga9rTEt6HXtetib94WgpH3OGDxWffM3aggwZpnCKfLCpAHea3
AiHCFddyc/m2oRZ/UlkP
-----END CERTIFICATE-----
Generated at Tue May 6 08:24:44 2025 by rpki-client