Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x3Ts-Dxd1Trmh0n0TnXpG4FEE9s.roa
File: x3Ts-Dxd1Trmh0n0TnXpG4FEE9s.roa (raw, json)
Hash identifier: PEPQ8lTlAjgpC9oTSOkFWSioabTzKNf1iUHzovCkS/E=
Subject key identifier: C7:74:EC:F8:3C:5D:D5:3A:E6:87:49:F4:4E:75:E9:1B:81:44:13:DB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01902622278F503BE6FB401405570DA8B2F3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x3Ts-Dxd1Trmh0n0TnXpG4FEE9s.roa
Signing time: Mon 17 Jun 2024 12:18:10 +0000
ROA not before: Mon 17 Jun 2024 12:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.9.117.0/24 maxlen: 24
45.86.12.0/24 maxlen: 24
45.130.124.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
2a0c:7884::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:2d80:1292::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e847:1::/48 maxlen: 48
2a13:18c3::/32 maxlen: 32
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Jun 2024 15:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:22:27:8f:50:3b:e6:fb:40:14:05:57:0d:a8:b2:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 17 12:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c774ecf83c5dd53ae68749f44e75e91b814413db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9c:0c:9a:b2:72:3e:a9:fa:8a:75:93:1a:22:
ca:27:c0:eb:a1:f6:6d:c4:e7:9b:58:32:f1:7f:93:
02:0c:6b:cb:49:75:b3:ef:d1:68:fa:63:96:fd:a3:
14:6f:b1:fa:7e:f9:ce:74:06:3d:ef:43:be:2c:75:
c1:6f:dd:0d:99:87:22:c5:70:93:2f:2e:87:6c:01:
a4:8c:47:57:56:d7:60:72:db:a0:c3:e5:01:b2:f2:
4d:f2:6d:8d:97:8d:80:b5:52:d5:0c:e8:1b:c2:c7:
7a:ba:ea:0d:4d:1a:b1:fe:3d:60:c4:ce:f7:41:23:
9f:5c:05:b8:26:e6:48:34:07:b8:80:ed:a8:77:e9:
af:18:70:6c:28:13:82:8e:23:ed:ea:86:d0:e2:8a:
33:6e:f9:e0:0e:b0:50:76:e0:cd:e4:8d:27:e0:08:
d5:bc:40:8e:aa:d7:ef:ea:dc:8b:e8:01:52:94:1a:
1d:2f:37:a0:14:0c:ca:ae:ba:2c:20:01:f4:0a:ae:
48:1d:4f:bd:e0:df:f8:e6:85:b4:c7:e6:b2:e6:52:
a7:d6:3b:b0:43:f1:c0:81:ae:90:7b:21:20:6a:b3:
82:46:19:c1:7a:e5:6d:9a:31:91:f2:72:1f:ab:c1:
cd:64:62:06:24:1c:d3:2e:e6:c4:94:c8:6c:d3:b3:
a0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:74:EC:F8:3C:5D:D5:3A:E6:87:49:F4:4E:75:E9:1B:81:44:13:DB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x3Ts-Dxd1Trmh0n0TnXpG4FEE9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.86.12.0/24
45.130.124.0/24
45.152.198.0/24
IPv6:
2a0c:7884::/32
2a0e:1a84::/32
2a0f:2d80:1292::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e847:1::/48
2a13:18c3::/32
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
a2:d8:35:73:98:cd:c2:58:20:20:8c:50:df:c4:ee:28:12:fe:
4b:64:44:72:1c:64:61:95:4a:cc:d2:94:58:91:64:e2:a7:ce:
f4:2f:6d:9c:1c:b8:4f:c3:66:58:a4:4b:fb:01:20:a3:a6:6d:
66:f9:33:d4:aa:5e:6b:c7:11:f4:e2:97:cd:95:22:7a:3b:eb:
ef:81:b6:6a:d8:0d:1d:49:1b:bc:16:a7:61:24:cb:24:24:77:
1d:84:46:3d:21:ee:47:83:b1:78:49:9c:3d:21:58:16:3a:56:
93:9c:95:07:a0:2c:53:74:4c:ac:77:72:ed:85:b7:6b:24:43:
d9:a8:7c:ca:ff:52:d5:3b:16:06:aa:cd:ed:a6:2c:99:fb:6b:
fc:88:75:a3:41:5c:b7:e3:94:23:13:6d:33:7c:26:f4:d6:39:
c5:17:c9:8f:9e:0e:e8:6a:d5:18:e4:9c:a1:18:06:0e:18:d4:
5d:ac:9b:21:ae:9b:39:ca:66:66:39:44:aa:e5:5f:41:7a:89:
65:bc:78:43:9f:27:a7:04:17:4a:c6:53:cd:64:04:de:f8:ca:
45:b6:56:a0:9d:34:b5:07:84:cf:24:6f:fc:a7:b7:8c:00:56:
6a:c9:26:6b:82:00:a0:22:e9:64:9f:af:0e:bb:fc:5c:cf:57:
ee:dd:56:fd
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZAmIiePUDvm+0AUBVcNqLLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjE3MTIxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzc0ZWNmODNjNWRkNTNhZTY4NzQ5ZjQ0ZTc1ZTkxYjgxNDQxM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopwMmrJyPqn6inWTGiLKJ8DrofZt
xOebWDLxf5MCDGvLSXWz79Fo+mOW/aMUb7H6fvnOdAY970O+LHXBb90NmYcixXCT
Ly6HbAGkjEdXVtdgctugw+UBsvJN8m2Nl42AtVLVDOgbwsd6uuoNTRqx/j1gxM73
QSOfXAW4JuZINAe4gO2od+mvGHBsKBOCjiPt6obQ4oozbvngDrBQduDN5I0n4AjV
vECOqtfv6tyL6AFSlBodLzegFAzKrrosIAH0Cq5IHU+94N/45oW0x+ay5lKn1juw
Q/HAga6QeyEgarOCRhnBeuVtmjGR8nIfq8HNZGIGJBzTLubElMhs07OgTQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFMd07Pg8XdU65odJ9E516RuBRBPbMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveDNUcy1EeGQxVHJtaDBuMFRuWHBHNEZFRTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDAeBAIAATAYAwQALQl1AwQA
LVYMAwQALYJ8AwQALZjGMEYEAgACMEADBQAqDHiEAwUAKg4ahAMHACoPLYASkgMH
ACoPfQAAAQMHACoPvAChxAMHACoP6EcAAQMFACoTGMMDBQMqEytAMA0GCSqGSIb3
DQEBCwUAA4IBAQCi2DVzmM3CWCAgjFDfxO4oEv5LZERyHGRhlUrM0pRYkWTip870
L22cHLhPw2ZYpEv7ASCjpm1m+TPUql5rxxH04pfNlSJ6O+vvgbZq2A0dSRu8Fqdh
JMskJHcdhEY9Ie5Hg7F4SZw9IVgWOlaTnJUHoCxTdEysd3LthbdrJEPZqHzK/1LV
OxYGqs3tpiyZ+2v8iHWjQVy345QjE20zfCb01jnFF8mPng7oatUY5JyhGAYOGNRd
rJshrps5ymZmOUSq5V9BeollvHhDnyenBBdKxlPNZATe+MpFtlagnTS1B4TPJG/8
p7eMAFZqySZrggCgIulkn68Ou/xcz1fu3Vb9
-----END CERTIFICATE-----
Generated at Sat May 10 19:42:03 2025 by rpki-client