Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tNJtkpYh0IuKS8sHR53n-fKybqg.roa
File: tNJtkpYh0IuKS8sHR53n-fKybqg.roa (raw, json)
Hash identifier: BTJeJmN/hED4a4OS3tekw4MOBGj4TRRK6GqaVwbG/po=
Subject key identifier: B4:D2:6D:92:96:21:D0:8B:8A:4B:CB:07:47:9D:E7:F9:F2:B2:6E:A8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01969FD04CE37424831401CA2210A4151CF5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tNJtkpYh0IuKS8sHR53n-fKybqg.roa
Signing time: Mon 05 May 2025 09:39:10 +0000
ROA not before: Mon 05 May 2025 09:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 May 2025 14:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:d0:4c:e3:74:24:83:14:01:ca:22:10:a4:15:1c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 5 09:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4d26d929621d08b8a4bcb07479de7f9f2b26ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ba:bc:9e:a0:fd:5a:24:0f:93:ab:37:c9:01:
72:e9:62:c7:47:fe:f0:ef:80:50:c4:bd:f8:f7:68:
d2:de:3a:56:a6:47:3a:f7:11:51:ec:44:d9:04:41:
8e:74:f8:73:68:7c:84:28:15:42:b8:2f:78:1d:09:
2e:e7:0f:09:52:37:83:b7:13:13:ad:66:ad:07:40:
86:45:47:4f:89:19:a8:cb:33:f9:13:6f:82:62:42:
d1:2d:37:4e:65:c3:ab:39:0a:92:5d:ba:b2:79:0e:
4a:de:78:d2:32:0d:c2:55:ff:36:90:36:d3:f9:f4:
0c:5c:1d:6f:9d:cb:ea:8a:53:5a:0c:a9:d6:94:23:
a8:dd:69:d7:96:0c:41:7b:25:4d:22:21:8f:7c:fd:
e4:a5:3e:09:6f:67:6a:a5:86:48:2e:66:25:9d:de:
99:e8:3e:32:99:44:b5:6f:57:4d:1a:8a:7b:72:5e:
5e:7f:3a:9b:0f:b7:d2:7c:0b:ae:14:d4:03:fd:f7:
ca:72:c6:f3:7a:1a:49:7a:4a:57:a3:25:39:8e:aa:
92:87:0d:3c:ad:e4:2c:c1:fe:5c:d2:2e:47:9e:0c:
64:4e:b6:cb:0f:c7:e5:44:02:fe:0d:93:5b:47:90:
77:d9:e5:cc:f5:9f:f5:d5:57:1c:53:37:b6:9a:06:
72:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D2:6D:92:96:21:D0:8B:8A:4B:CB:07:47:9D:E7:F9:F2:B2:6E:A8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tNJtkpYh0IuKS8sHR53n-fKybqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
193.8.215.0/24
193.23.245.0/24
193.27.19.0/24
194.33.29.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
75:be:0e:8e:2b:69:3f:ae:ba:35:d5:03:9a:4c:9d:c1:a5:f3:
c8:12:20:50:fa:83:91:1c:b6:ca:4b:7a:e9:1e:1b:92:99:2f:
1d:6f:8b:d6:4f:ab:39:bd:7c:73:a5:9b:93:62:61:5d:5e:c1:
76:94:ce:cc:34:c6:98:98:77:11:a2:92:a4:22:1b:1f:90:8f:
29:12:69:62:9b:d2:6a:00:c8:8f:14:6e:7d:ae:3f:68:ac:f5:
43:f7:a6:d5:55:77:b1:79:6a:2c:4a:40:70:47:0e:fd:38:9c:
a3:45:8c:18:49:6b:af:5b:c6:59:c0:b5:0d:b2:f6:e1:cb:6f:
00:63:79:1e:57:a3:27:41:c4:68:f3:42:cc:5b:48:88:b9:e5:
73:86:b2:88:d4:6e:ba:f0:37:7c:f8:86:d3:24:47:28:a3:fd:
49:9e:4f:c7:d4:9d:ad:f7:cb:8e:2f:79:4c:2e:6a:d5:17:87:
cf:81:39:6a:dc:5c:f8:6a:0a:96:6a:1b:c4:5d:ad:20:00:f9:
a2:00:a0:8d:34:d9:98:1e:d6:1d:cc:55:3c:3b:87:fb:41:94:
1c:a8:1e:5e:7e:9b:03:e5:d2:8c:5e:9b:b3:f6:45:6b:d5:af:
5b:6b:bc:f8:5b:e6:2d:f1:a5:60:fd:be:b3:1b:97:4e:fc:7b:
83:c8:fb:71
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZaf0EzjdCSDFAHKIhCkFRz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTA1MDkzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQyNmQ5Mjk2MjFkMDhiOGE0YmNiMDc0NzlkZTdmOWYyYjI2ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLq8nqD9WiQPk6s3yQFy6WLHR/7w
74BQxL3492jS3jpWpkc69xFR7ETZBEGOdPhzaHyEKBVCuC94HQku5w8JUjeDtxMT
rWatB0CGRUdPiRmoyzP5E2+CYkLRLTdOZcOrOQqSXbqyeQ5K3njSMg3CVf82kDbT
+fQMXB1vncvqilNaDKnWlCOo3WnXlgxBeyVNIiGPfP3kpT4Jb2dqpYZILmYlnd6Z
6D4ymUS1b1dNGop7cl5efzqbD7fSfAuuFNQD/ffKcsbzehpJekpXoyU5jqqShw08
reQswf5c0i5HngxkTrbLD8flRAL+DZNbR5B32eXM9Z/11VccUze2mgZyAwIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFLTSbZKWIdCLikvLB0ed5/nysm6oMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdE5KdGtwWWgwSXVLUzhzSFI1M24tZkt5YnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBowQCAAEwgZwDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAEtg9QDBAAtg9cDBAAthycDBAAtiVEDBAAt
jA0DBAAtjbEDBAAtkoMDBAAtmNADBAAtmRYDBAAtm0UDBABV0YADBABncisDBABx
HpoDBAC5eqsDBAC5fkADBAC5fkIDBAC5m8gDBADBCNcDBADBF/UDBADBGxMDBADC
IR0DBADDnsAwGAQCAAIwEgMHACoMeIYBBQMHACoP58YQADANBgkqhkiG9w0BAQsF
AAOCAQEAdb4OjitpP666NdUDmkydwaXzyBIgUPqDkRy2ykt66R4bkpkvHW+L1k+r
Ob18c6Wbk2JhXV7BdpTOzDTGmJh3EaKSpCIbH5CPKRJpYpvSagDIjxRufa4/aKz1
Q/em1VV3sXlqLEpAcEcO/Tico0WMGElrr1vGWcC1DbL24ctvAGN5HlejJ0HEaPNC
zFtIiLnlc4ayiNRuuvA3fPiG0yRHKKP9SZ5Px9SdrffLji95TC5q1ReHz4E5atxc
+GoKlmobxF2tIAD5ogCgjTTZmB7WHcxVPDuH+0GUHKgeXn6bA+XSjF6bs/ZFa9Wv
W2u8+FvmLfGlYP2+sxuXTvx7g8j7cQ==
-----END CERTIFICATE-----
Generated at Thu May 8 19:18:17 2025 by rpki-client