Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/shJ65lLvjaQu09YzWdTj43PyqOk.roa
File: shJ65lLvjaQu09YzWdTj43PyqOk.roa (raw, json)
Hash identifier: wSTaAHblh6zB5H8T8PbiaJGhOrdS1WLuPeADf8mjA94=
Subject key identifier: B2:12:7A:E6:52:EF:8D:A4:2E:D3:D6:33:59:D4:E3:E3:73:F2:A8:E9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01967BB438A4ADABB41458CE9BA62100653E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/shJ65lLvjaQu09YzWdTj43PyqOk.roa
Signing time: Mon 28 Apr 2025 09:22:10 +0000
ROA not before: Mon 28 Apr 2025 09:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 May 2025 09:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:b4:38:a4:ad:ab:b4:14:58:ce:9b:a6:21:00:65:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 28 09:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2127ae652ef8da42ed3d63359d4e3e373f2a8e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:30:d9:ee:51:91:2e:37:0d:71:c1:f3:a3:6d:
d4:b6:78:b3:27:d6:6e:91:77:4a:cb:2b:c5:ee:83:
24:35:d8:ef:e8:f1:d1:87:12:c6:b5:18:b1:b6:f4:
1e:b4:06:ad:72:5a:a7:8b:39:a1:16:88:96:09:07:
7a:ae:4c:27:87:a0:49:e2:e4:e0:94:6b:a0:28:9b:
30:a3:5b:a5:ba:f6:59:d8:b3:c9:bd:94:fe:c8:e0:
87:b9:f7:e3:87:02:fd:39:51:45:26:6c:45:7a:33:
3c:4c:ce:4e:fb:ca:f3:11:db:ea:27:32:bb:c7:dd:
2b:65:32:90:48:a8:56:b6:89:b7:2d:e6:e2:8a:f6:
47:a1:1d:32:89:96:19:6e:49:ef:19:d4:77:de:64:
ea:8c:ad:a0:79:99:a8:98:32:8b:f1:1f:1d:4a:c4:
68:82:72:ba:d4:b1:01:98:d9:75:49:c2:b1:2b:0b:
66:7c:17:57:51:06:b0:7e:e6:d0:4c:6f:b9:ec:e3:
a6:f2:12:b3:99:43:00:76:13:b8:dc:21:1a:18:64:
65:df:05:e5:0e:f9:05:1d:c1:c2:8c:1b:a2:44:f7:
6b:48:4b:86:f2:5b:d1:c8:ff:1b:56:0b:89:c3:c8:
16:64:7e:66:e7:ae:ef:9d:37:47:1c:a2:49:d1:49:
f9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:12:7A:E6:52:EF:8D:A4:2E:D3:D6:33:59:D4:E3:E3:73:F2:A8:E9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/shJ65lLvjaQu09YzWdTj43PyqOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
193.8.215.0/24
193.23.245.0/24
193.27.19.0/24
194.33.29.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
bb:69:18:a7:b3:19:8d:f3:27:ad:a4:57:0a:ea:d3:6d:53:a7:
7b:be:36:21:db:7b:e4:f5:4b:be:bf:e3:86:4d:98:06:f1:8e:
90:5f:94:64:f1:a2:e8:14:5e:b1:70:48:0f:dd:fa:11:87:d8:
82:01:16:0d:2c:2d:37:40:77:84:ae:77:a0:ea:1f:eb:fd:0c:
cc:f5:50:4f:bd:db:7f:5f:56:db:23:5f:04:2c:2e:f5:0d:ae:
0e:ff:f8:24:17:fa:60:6f:f6:9f:ad:0a:47:42:2d:19:ea:ca:
ed:ad:f0:c4:78:a6:5e:48:27:43:cb:75:b1:47:66:80:fd:12:
40:4b:35:63:28:f3:37:59:a5:c6:b2:b0:b2:96:61:8b:d0:7e:
70:aa:5c:4a:75:66:89:b3:dc:a9:32:b2:38:45:55:02:28:7b:
dd:52:83:fe:31:ad:0e:46:d6:54:4b:5d:37:d9:1d:09:c4:26:
fb:1a:57:31:e1:70:bc:ee:17:86:59:40:01:07:84:2c:06:24:
34:32:56:53:c4:1c:7d:e6:14:db:a7:24:59:d0:9f:62:c5:17:
fe:4b:8b:37:9d:38:07:ef:ae:ca:b1:b8:b4:63:15:1f:ee:02:
4d:f3:41:fa:3f:5c:13:47:fe:77:59:27:c6:5b:10:99:55:3c:
a9:e3:2d:1c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZZ7tDikrau0FFjOm6YhAGU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDI4MDkyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjEyN2FlNjUyZWY4ZGE0MmVkM2Q2MzM1OWQ0ZTNlMzczZjJhOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zDZ7lGRLjcNccHzo23UtnizJ9Zu
kXdKyyvF7oMkNdjv6PHRhxLGtRixtvQetAatclqnizmhFoiWCQd6rkwnh6BJ4uTg
lGugKJswo1uluvZZ2LPJvZT+yOCHuffjhwL9OVFFJmxFejM8TM5O+8rzEdvqJzK7
x90rZTKQSKhWtom3LebiivZHoR0yiZYZbknvGdR33mTqjK2geZmomDKL8R8dSsRo
gnK61LEBmNl1ScKxKwtmfBdXUQawfubQTG+57OOm8hKzmUMAdhO43CEaGGRl3wXl
DvkFHcHCjBuiRPdrSEuG8lvRyP8bVguJw8gWZH5m567vnTdHHKJJ0Un5dwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFLISeuZS742kLtPWM1nU4+Nz8qjpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvc2hKNjVsTHZqYVF1MDlZeldkVGo0M1B5cU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBnQQCAAEwgZYDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAEtg9QDBAAtg9cDBAAthycDBAAtiVEDBAAt
jA0DBAAtjbEDBAAtkoMDBAAtmNADBAAtmRYDBAAtm0UDBABV0YADBABncisDBABx
HpoDBAC5eqsDBAC5fkADBAC5fkIDBADBCNcDBADBF/UDBADBGxMDBADCIR0DBADD
nsAwGAQCAAIwEgMHACoMeIYBBQMHACoP58YQADANBgkqhkiG9w0BAQsFAAOCAQEA
u2kYp7MZjfMnraRXCurTbVOne742Idt75PVLvr/jhk2YBvGOkF+UZPGi6BResXBI
D936EYfYggEWDSwtN0B3hK53oOof6/0MzPVQT73bf19W2yNfBCwu9Q2uDv/4JBf6
YG/2n60KR0ItGerK7a3wxHimXkgnQ8t1sUdmgP0SQEs1YyjzN1mlxrKwspZhi9B+
cKpcSnVmibPcqTKyOEVVAih73VKD/jGtDkbWVEtdN9kdCcQm+xpXMeFwvO4XhllA
AQeELAYkNDJWU8QcfeYU26ckWdCfYsUX/kuLN504B++uyrG4tGMVH+4CTfNB+j9c
E0f+d1knxlsQmVU8qeMtHA==
-----END CERTIFICATE-----
Generated at Thu May 8 14:12:49 2025 by rpki-client