Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QUnoUk9GIdilQd2HNWEBb7RIIRc.roa
File: QUnoUk9GIdilQd2HNWEBb7RIIRc.roa (raw, json)
Hash identifier: pjYqBiuCkx/GM2gqmP9HRhd3tlgeUQ4b8O6kDPDXrxc=
Subject key identifier: 41:49:E8:52:4F:46:21:D8:A5:41:DD:87:35:61:01:6F:B4:48:21:17
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019666C5A43DC79A0556F41105FF97D7251F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QUnoUk9GIdilQd2HNWEBb7RIIRc.roa
Signing time: Thu 24 Apr 2025 07:49:10 +0000
ROA not before: Thu 24 Apr 2025 07:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Apr 2025 09:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:c5:a4:3d:c7:9a:05:56:f4:11:05:ff:97:d7:25:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 24 07:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4149e8524f4621d8a541dd873561016fb4482117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:74:d1:44:d2:f5:df:ca:eb:73:d2:2e:b3:16:
8f:46:0a:36:4c:f5:1a:0e:5d:8d:12:88:62:17:13:
ea:2c:60:03:d0:c5:36:0f:9d:08:0e:08:41:ea:94:
ba:b1:58:06:10:59:7b:27:7b:31:ad:16:04:15:3c:
3d:52:bd:54:c4:5f:39:d8:fe:f2:ee:63:0e:f6:5a:
f3:04:15:1e:78:93:77:04:3e:89:f5:17:24:f9:66:
46:af:b1:cb:61:b8:0f:c5:46:2c:f9:78:ba:48:9d:
f4:ea:e1:52:e6:2c:ea:e7:ed:ca:c1:20:b2:2c:9a:
c0:f8:29:90:d9:d2:e7:1e:2b:2d:b5:ff:42:cc:0d:
1f:93:9b:e6:79:1f:06:1b:15:c2:ff:41:fa:22:46:
eb:d2:c0:0e:45:34:79:b5:b7:e7:6d:a8:b6:b3:20:
1f:0a:62:95:9c:ed:d3:16:a7:54:e0:32:b0:a9:71:
80:19:f9:5a:6c:34:7b:fc:15:c7:63:da:f7:37:ab:
75:a7:9a:05:cc:5f:20:38:17:ea:d7:20:09:5e:ca:
08:dd:cb:aa:91:89:9f:5c:6c:f6:ae:e4:70:16:b5:
e5:7f:66:52:54:49:44:a0:96:2a:75:58:f5:53:7a:
46:79:8a:70:06:c8:2e:4e:7b:46:50:71:c7:0b:a5:
12:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:49:E8:52:4F:46:21:D8:A5:41:DD:87:35:61:01:6F:B4:48:21:17
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QUnoUk9GIdilQd2HNWEBb7RIIRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
193.8.215.0/24
193.23.245.0/24
193.27.19.0/24
194.33.29.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
5b:84:fc:98:78:42:9e:c2:d2:b6:80:d4:ad:7f:e7:7a:64:73:
be:f6:3f:77:6d:9d:d9:85:af:1d:e2:9c:94:f0:59:ca:7f:5d:
df:f7:10:4a:28:ff:d3:ff:7c:49:f6:ce:d9:17:6e:22:6c:d6:
f6:e9:81:9b:af:d5:00:92:6b:38:1b:c6:ec:25:6a:15:af:58:
50:71:f7:64:ac:91:c3:03:55:39:b8:50:5b:60:ba:dc:a4:7a:
a2:94:69:cd:79:5e:03:40:5b:09:1a:4b:20:69:1f:c4:e6:ef:
cc:ee:16:eb:3c:be:54:e4:49:43:da:fd:6d:29:48:11:06:d2:
8d:ec:52:d1:e1:8e:18:bb:b6:9e:b6:98:41:59:c8:76:8c:d7:
ad:d6:d2:f2:3e:b9:a1:a8:c6:13:97:fb:b4:0f:83:11:7d:d6:
5f:e3:ac:70:d3:4f:3f:64:96:10:7f:87:ff:0a:be:4b:e1:e9:
bb:f2:a4:04:c3:af:ad:4c:e0:8a:1b:e6:8f:75:a1:91:dd:49:
b8:1b:4f:96:30:eb:d0:ec:08:cd:0a:c3:a3:0c:f0:71:76:86:
9b:2c:a4:4a:83:70:24:8a:80:4f:74:e6:2c:65:3f:c6:8e:8a:
36:b5:d0:40:c0:8b:fc:23:d8:58:da:cd:b6:3f:84:c0:c0:ac:
59:0d:f8:05
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZZmxaQ9x5oFVvQRBf+X1yUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDI0MDc0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQ5ZTg1MjRmNDYyMWQ4YTU0MWRkODczNTYxMDE2ZmI0NDgyMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nTRRNL138rrc9IusxaPRgo2TPUa
Dl2NEohiFxPqLGAD0MU2D50IDghB6pS6sVgGEFl7J3sxrRYEFTw9Ur1UxF852P7y
7mMO9lrzBBUeeJN3BD6J9Rck+WZGr7HLYbgPxUYs+Xi6SJ306uFS5izq5+3KwSCy
LJrA+CmQ2dLnHisttf9CzA0fk5vmeR8GGxXC/0H6Ikbr0sAORTR5tbfnbai2syAf
CmKVnO3TFqdU4DKwqXGAGflabDR7/BXHY9r3N6t1p5oFzF8gOBfq1yAJXsoI3cuq
kYmfXGz2ruRwFrXlf2ZSVElEoJYqdVj1U3pGeYpwBsguTntGUHHHC6USnwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFEFJ6FJPRiHYpUHdhzVhAW+0SCEXMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUVVub1VrOUdJZGlsUWQySE5XRUJiN1JJSVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBkQQCAAEwgYoDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAEtg9QDBAAtg9cDBAAthycDBAAtiVEDBAAt
jA0DBAAtjbEDBAAtkoMDBAAtmNADBABV0YADBABncisDBABxHpoDBAC5eqsDBAC5
fkADBAC5fkIDBADBCNcDBADBF/UDBADBGxMDBADCIR0DBADDnsAwGAQCAAIwEgMH
ACoMeIYBBQMHACoP58YQADANBgkqhkiG9w0BAQsFAAOCAQEAW4T8mHhCnsLStoDU
rX/nemRzvvY/d22d2YWvHeKclPBZyn9d3/cQSij/0/98SfbO2RduImzW9umBm6/V
AJJrOBvG7CVqFa9YUHH3ZKyRwwNVObhQW2C63KR6opRpzXleA0BbCRpLIGkfxObv
zO4W6zy+VORJQ9r9bSlIEQbSjexS0eGOGLu2nraYQVnIdozXrdbS8j65oajGE5f7
tA+DEX3WX+OscNNPP2SWEH+H/wq+S+Hpu/KkBMOvrUzgihvmj3Whkd1JuBtPljDr
0OwIzQrDowzwcXaGmyykSoNwJIqAT3TmLGU/xo6KNrXQQMCL/CPYWNrNtj+EwMCs
WQ34BQ==
-----END CERTIFICATE-----
Generated at Thu May 8 06:12:43 2025 by rpki-client