Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/PNXIaaAUEj4AV71ss6wnpVvRF-A.roa
File: PNXIaaAUEj4AV71ss6wnpVvRF-A.roa (raw, json)
Hash identifier: 9i9Nm3+bebJMlLvGAut1rQO0oT462/RLDmtbQzaZKeM=
Subject key identifier: 3C:D5:C8:69:A0:14:12:3E:00:57:BD:6C:B3:AC:27:A5:5B:D1:17:E0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CD4E246C6419DC42059154A9EC03C146E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/PNXIaaAUEj4AV71ss6wnpVvRF-A.roa
Signing time: Thu 04 Jan 2024 14:30:48 +0000
ROA not before: Thu 04 Jan 2024 14:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a11:fd80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0e:f201:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a13:fc00::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a06:5280::/29 maxlen: 29
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:7d01::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a0f:2100::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a13:18c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jan 2024 13:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:e2:46:c6:41:9d:c4:20:59:15:4a:9e:c0:3c:14:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 4 14:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cd5c869a014123e0057bd6cb3ac27a55bd117e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ea:f0:2f:c0:bd:bd:07:1d:64:b4:c5:58:5a:
a4:fa:14:58:1c:6d:13:33:dd:66:85:5f:8b:25:16:
ad:7f:bf:80:5f:eb:a1:82:27:41:b7:67:a7:31:39:
6f:ae:3a:0e:28:d6:66:c0:00:c1:60:86:4d:8d:b1:
05:8e:39:ab:4c:12:b9:db:cb:f4:18:39:93:f4:0d:
08:1a:c7:c5:2e:fa:96:38:83:cb:15:81:8c:e4:21:
be:89:c1:6e:a8:3d:80:25:30:5f:d0:e8:65:f3:26:
af:b9:3b:eb:cc:69:9a:4e:93:ab:69:5f:fa:0b:5e:
6f:f2:53:3f:46:0c:18:e7:df:26:12:68:84:73:44:
46:11:4f:a4:46:cf:88:e5:ab:4b:52:99:09:9d:cd:
44:f9:3e:91:ab:ee:5e:d5:5a:79:47:14:5a:67:92:
0f:94:d8:85:48:b9:30:9f:8a:68:3b:26:d1:cb:97:
4a:0b:d1:e7:31:7b:7c:ee:5d:b2:d8:7a:0f:d8:60:
49:0b:f2:78:01:90:70:93:28:b6:30:5a:18:d6:ee:
15:68:60:72:67:23:bc:22:8b:c0:d6:ce:37:77:0f:
79:77:24:7b:c4:94:f5:38:6c:84:ed:ff:d7:87:7b:
6b:05:7c:53:b1:9b:d4:e4:4a:78:c7:d2:19:8c:32:
d1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D5:C8:69:A0:14:12:3E:00:57:BD:6C:B3:AC:27:A5:5B:D1:17:E0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/PNXIaaAUEj4AV71ss6wnpVvRF-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a06:5280::/29
2a07:f300::/29
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:3d80:123::/48
2a0f:3d82::-2a0f:3d84:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:3d87::/32
2a0f:7d01::/32
2a0f:e940::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a13:18c0:1::/48
2a13:18c3::/32
2a13:4900::/29
2a13:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
03:24:4a:21:62:29:db:dc:8b:b4:97:f0:d6:d0:45:19:5e:95:
d4:87:ec:e9:50:a9:76:c2:bc:22:9f:7a:45:3b:e6:bb:34:4d:
b8:fc:03:2e:ec:cf:e0:03:9e:17:39:97:e2:0c:1b:b6:4a:6a:
82:31:b9:53:93:a5:9f:bb:2e:13:6a:70:90:5f:b2:ea:33:f0:
44:cb:38:af:51:f5:dd:9b:8e:f8:89:56:19:57:b1:fd:c0:a7:
2f:6f:82:24:cc:84:be:45:46:ad:12:df:62:ce:9c:9e:b4:e5:
c0:66:ad:8d:bf:02:29:b4:89:2d:5d:78:4f:75:23:26:8e:f0:
26:eb:01:9b:c3:51:7a:49:a0:e6:d4:b9:ff:f5:e4:ba:cf:e8:
78:3f:75:65:e3:d9:54:d0:6e:47:33:98:aa:d3:cb:2a:6a:86:
09:9c:d5:7b:38:48:ab:a2:45:70:c7:0d:7b:ca:c3:e2:ba:bd:
7f:bd:2f:98:ca:c6:27:5c:a0:75:4b:13:60:ae:22:45:4e:4f:
07:30:8e:80:d6:7a:d5:71:9a:84:07:ed:cd:ed:b5:08:89:32:
69:f8:2c:05:df:fb:e3:b9:ab:f9:f5:d9:50:ab:f3:30:63:1d:
b2:ed:b3:f4:a8:3c:01:ce:09:33:28:d0:cc:90:1b:bf:bc:4c:
3d:fe:b7:c9
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYzU4kbGQZ3EIFkVSp7APBRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTA0MTQzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Q1Yzg2OWEwMTQxMjNlMDA1N2JkNmNiM2FjMjdhNTViZDExN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+rwL8C9vQcdZLTFWFqk+hRYHG0T
M91mhV+LJRatf7+AX+uhgidBt2enMTlvrjoOKNZmwADBYIZNjbEFjjmrTBK528v0
GDmT9A0IGsfFLvqWOIPLFYGM5CG+icFuqD2AJTBf0Ohl8yavuTvrzGmaTpOraV/6
C15v8lM/RgwY598mEmiEc0RGEU+kRs+I5atLUpkJnc1E+T6Rq+5e1Vp5RxRaZ5IP
lNiFSLkwn4poOybRy5dKC9HnMXt87l2y2HoP2GBJC/J4AZBwkyi2MFoY1u4VaGBy
ZyO8IovA1s43dw95dyR7xJT1OGyE7f/Xh3trBXxTsZvU5Ep4x9IZjDLR0wIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFDzVyGmgFBI+AFe9bLOsJ6Vb0RfgMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUE5YSWFhQVVFajRBVjcxc3M2d25wVnZSRi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBAAQCAAIwgfkDBQMqBlKAAwUDKgfzAAMFACoOGoAD
BQAqDseAAwcAKg7yAQABAwcAKg8eAAEjAwcAKg8eAARWAwcAKg8eAAmHAwcAKg8e
AAq8AwcAKg8eAN75AwcAKg8eAQABAwcAKg8egQACAwcAKg8egRKTAwcAKg8egUMZ
AwcAKg8egZLoAwcAKg8egaPQAwcAKg8egc2uAwUDKg8hAAMHACoPPYABIzAOAwUB
Kg89ggMFACoPPYQDBQAqDz2HAwUAKg99AQMFAyoP6UADBQMqEG1AAwUDKhH9gAMF
ASoSrEADBwAqExjAAAEDBQAqExjDAwUDKhNJAAMFAyoT/AAwDQYJKoZIhvcNAQEL
BQADggEBAAMkSiFiKdvci7SX8NbQRRleldSH7OlQqXbCvCKfekU75rs0Tbj8Ay7s
z+ADnhc5l+IMG7ZKaoIxuVOTpZ+7LhNqcJBfsuoz8ETLOK9R9d2bjviJVhlXsf3A
py9vgiTMhL5FRq0S32LOnJ605cBmrY2/Aim0iS1deE91IyaO8CbrAZvDUXpJoObU
uf/15LrP6Hg/dWXj2VTQbkczmKrTyypqhgmc1Xs4SKuiRXDHDXvKw+K6vX+9L5jK
xidcoHVLE2CuIkVOTwcwjoDWetVxmoQH7c3ttQiJMmn4LAXf++O5q/n12VCr8zBj
HbLts/SoPAHOCTMo0MyQG7+8TD3+t8k=
-----END CERTIFICATE-----
Generated at Sat May 10 04:53:59 2025 by rpki-client