Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/PYvdODMHOh4eHz-GLa8dTEV9CV8.roa
File: PYvdODMHOh4eHz-GLa8dTEV9CV8.roa (raw, json)
Hash identifier: gEyY3UG6Hz1+DVMpiQS9WQnR2kW3WqE8UsIIXMBBddI=
Subject key identifier: 3D:8B:DD:38:33:07:3A:1E:1E:1F:3F:86:2D:AF:1D:4C:45:7D:09:5F
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 019687808BECBF11C67899C71EED38771674
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/PYvdODMHOh4eHz-GLa8dTEV9CV8.roa
Signing time: Wed 30 Apr 2025 16:21:10 +0000
ROA not before: Wed 30 Apr 2025 16:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.82.165.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
81.90.190.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.126.227.0/24 maxlen: 24
192.54.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 20:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:80:8b:ec:bf:11:c6:78:99:c7:1e:ed:38:77:16:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Apr 30 16:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d8bdd3833073a1e1e1f3f862daf1d4c457d095f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ec:fc:03:61:12:6e:c3:c3:c2:04:3b:1b:c8:
46:30:6d:ee:01:15:47:99:e1:62:c8:b1:10:fa:2f:
f7:d7:d2:fb:26:dd:17:32:4b:12:e2:a0:9a:4e:a8:
92:54:ad:9e:61:a7:27:74:33:a5:59:c2:2b:ab:1e:
60:3e:95:93:17:9f:e7:b9:22:7d:d5:67:f6:8a:d2:
f9:cb:6e:b9:85:47:1c:f9:d3:c2:36:8f:d4:8f:fc:
e2:0c:cd:b5:48:73:6d:23:4c:60:34:36:0c:b9:a7:
c0:dd:d6:2b:44:04:6c:f3:34:7a:d0:60:4e:92:5e:
75:b9:54:bc:a5:60:3a:c9:e6:27:b7:6f:04:2f:ef:
c8:63:68:ac:42:aa:92:d0:9f:f7:b9:85:11:83:1c:
01:c1:35:30:ac:b1:9e:f3:01:e4:35:91:da:e9:44:
54:8f:3d:c3:07:b2:bb:8d:32:5b:84:aa:19:55:42:
d3:e2:df:77:ca:13:c4:b4:bd:c0:99:ef:32:6e:51:
67:e6:6c:92:ed:1c:be:50:b6:6a:c8:58:df:52:e3:
1b:ad:84:32:8f:b3:bd:62:0a:35:37:93:62:ee:7c:
d3:40:70:ae:40:c0:f8:8d:3d:f3:fe:7d:43:ff:eb:
45:a2:55:e6:7c:13:38:f2:3e:76:79:8f:87:fe:f9:
8c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:DD:38:33:07:3A:1E:1E:1F:3F:86:2D:AF:1D:4C:45:7D:09:5F
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/PYvdODMHOh4eHz-GLa8dTEV9CV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.165.0/24
45.144.242.0/23
81.90.190.0/24
91.220.202.0/23
185.126.137.0/24
185.126.227.0/24
192.54.56.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:a6:0e:42:5c:80:c2:cb:c6:f5:96:c4:fb:9f:a5:5a:be:27:
4a:e8:07:14:85:b7:f0:d4:77:18:4c:9d:fc:68:93:83:23:2d:
14:02:f0:ae:c0:a8:86:39:1f:66:32:cf:b9:20:9f:b3:2c:a1:
8b:ab:f8:a0:92:a3:1f:29:c3:a2:97:d8:33:5b:04:1e:f9:44:
01:71:f7:2d:4a:5f:8c:6a:c9:35:f2:40:bd:5e:9d:00:00:28:
78:f7:78:48:a3:47:ba:1c:53:08:2d:46:f6:3c:f7:f4:9f:10:
a8:7d:5e:76:77:15:46:2f:1c:b9:c1:c4:54:48:4e:89:1f:74:
b6:73:9e:2c:83:eb:78:fc:36:24:df:60:ae:99:c1:4f:ae:ae:
5f:92:78:f7:bc:79:04:e3:30:65:a2:9e:0d:f4:e4:19:25:8f:
72:06:fb:10:d5:76:8c:23:e0:df:b2:e9:b8:67:2f:e7:9f:3e:
b0:10:0b:f6:0c:18:1c:0f:c7:c3:94:0b:d5:68:e3:86:08:c8:
d9:c7:89:f7:42:f6:d5:c9:59:96:2c:c3:9b:1f:09:9d:fc:32:
56:db:9f:7d:67:49:6d:6a:7e:2c:00:90:fa:b1:95:ae:a3:2a:
3d:02:f1:f0:f0:26:34:7c:27:fe:a8:49:1f:9a:3a:3b:54:cd:
f3:4a:7a:1e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZaHgIvsvxHGeJnHHu04dxZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNDMwMTYyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhiZGQzODMzMDczYTFlMWUxZjNmODYyZGFmMWQ0YzQ1N2QwOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uz8A2ESbsPDwgQ7G8hGMG3uARVH
meFiyLEQ+i/319L7Jt0XMksS4qCaTqiSVK2eYacndDOlWcIrqx5gPpWTF5/nuSJ9
1Wf2itL5y265hUcc+dPCNo/Uj/ziDM21SHNtI0xgNDYMuafA3dYrRARs8zR60GBO
kl51uVS8pWA6yeYnt28EL+/IY2isQqqS0J/3uYURgxwBwTUwrLGe8wHkNZHa6URU
jz3DB7K7jTJbhKoZVULT4t93yhPEtL3Ame8yblFn5myS7Ry+ULZqyFjfUuMbrYQy
j7O9Ygo1N5Ni7nzTQHCuQMD4jT3z/n1D/+tFolXmfBM48j52eY+H/vmMLQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFD2L3TgzBzoeHh8/hi2vHUxFfQlfMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvUFl2ZE9ETUhPaDRlSHotR0xhOGRURVY5Q1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVKlAwQB
LZDyAwQAUVq+AwQBW9zKAwQAuX6JAwQAuX7jAwQAwDY4MA0GCSqGSIb3DQEBCwUA
A4IBAQAMpg5CXIDCy8b1lsT7n6VavidK6AcUhbfw1HcYTJ38aJODIy0UAvCuwKiG
OR9mMs+5IJ+zLKGLq/igkqMfKcOil9gzWwQe+UQBcfctSl+Mask18kC9Xp0AACh4
93hIo0e6HFMILUb2PPf0nxCofV52dxVGLxy5wcRUSE6JH3S2c54sg+t4/DYk32Cu
mcFPrq5fknj3vHkE4zBlop4N9OQZJY9yBvsQ1XaMI+Dfsum4Zy/nnz6wEAv2DBgc
D8fDlAvVaOOGCMjZx4n3QvbVyVmWLMObHwmd/DJW2599Z0ltan4sAJD6sZWuoyo9
AvHw8CY0fCf+qEkfmjo7VM3zSnoe
-----END CERTIFICATE-----
Generated at Sun May 11 20:23:45 2025 by rpki-client