Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/y3cINS1IfZzXegRCxwPj20xFWgA.roa
File: y3cINS1IfZzXegRCxwPj20xFWgA.roa (raw, json)
Hash identifier: N1CNJ1fKApjR4cimpkOpY6kHVJ4NEpWi696LdUodN9I=
Subject key identifier: CB:77:08:35:2D:48:7D:9C:D7:7A:04:42:C7:03:E3:DB:4C:45:5A:00
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F1F06238E4D2A2721B3AA79336D82FED0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/y3cINS1IfZzXegRCxwPj20xFWgA.roa
Signing time: Sat 27 Apr 2024 10:07:26 +0000
ROA not before: Sat 27 Apr 2024 10:07:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a0e:1a80::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2100::/29 maxlen: 29
2a0f:2e80::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a0f:3d87::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:7d07::/32 maxlen: 32
2a0f:e1c6::/32 maxlen: 32
2a0f:e1c7:1::/48 maxlen: 48
2a0f:e847:2::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a13:18c3::/32 maxlen: 32
2a13:18c6::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 May 2024 10:56:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:06:23:8e:4d:2a:27:21:b3:aa:79:33:6d:82:fe:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 27 10:07:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb7708352d487d9cd77a0442c703e3db4c455a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ea:1d:34:0c:c5:af:e0:70:b7:fb:d5:7f:d3:
48:67:84:3c:a3:3d:b5:a7:c1:fc:5e:46:e4:8d:67:
c0:7c:c0:28:dc:d2:73:85:67:02:59:9b:b4:36:c1:
4a:51:ee:8c:0f:59:f0:e7:03:32:4b:d4:0d:52:9c:
db:65:21:77:85:98:59:2b:9c:55:5b:f3:f6:be:cd:
b1:e1:c5:a8:09:b2:4d:95:98:1e:bc:1d:58:4b:27:
4c:db:43:13:dd:37:52:64:11:c6:65:46:d1:f5:4c:
5f:f9:84:e2:8c:cd:81:e2:6a:12:b9:8c:c1:a0:0a:
79:5a:33:18:31:99:18:f1:8c:a6:2e:45:ca:93:91:
8a:cd:6b:3a:7e:06:40:da:55:f5:2f:cd:8b:ef:ee:
a9:cd:2b:f5:cb:37:dd:a9:7d:25:31:d0:d5:92:46:
e5:a3:9b:3b:1b:22:17:c1:fc:a7:52:e1:e2:bc:69:
a9:00:48:70:29:db:2b:5d:bd:50:f1:d5:56:1d:73:
63:06:cb:bb:d7:8e:2e:a2:77:42:f4:e4:52:ee:68:
1a:f2:98:c7:47:0f:d4:3e:a0:3a:ee:5d:0d:11:3d:
db:db:f3:05:9d:33:03:19:be:62:39:18:2e:92:9a:
4b:5e:7e:98:fb:b6:c8:32:83:f3:65:ca:bf:a5:66:
d5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:77:08:35:2D:48:7D:9C:D7:7A:04:42:C7:03:E3:DB:4C:45:5A:00
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/y3cINS1IfZzXegRCxwPj20xFWgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:2e80::/29
2a0f:2f80::/29
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:7d02:1::/48
2a0f:7d07::/32
2a0f:e1c6::/32
2a0f:e1c7:1::/48
2a0f:e847:2::/48
2a0f:e940::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:f540::/29
2a13:18c0:1::/48
2a13:18c3::/32
2a13:18c6::/32
Signature Algorithm: sha256WithRSAEncryption
a9:5b:63:cb:c4:ec:5f:40:60:32:2b:ff:3c:9c:fa:db:66:5d:
f7:32:c3:a7:4e:ba:d1:15:7a:d2:77:7d:0f:88:d9:1f:db:32:
e5:e0:29:94:ac:97:a8:47:2c:ce:4c:cf:eb:3a:d3:7c:72:8e:
18:ca:29:59:78:25:9a:65:26:ad:7a:f3:1e:24:6e:29:dd:1b:
77:e7:bf:fb:c1:20:b4:88:59:79:7f:02:74:21:fe:9c:79:b1:
2c:ec:ce:03:9a:54:b5:8b:70:7f:1e:14:c1:dc:5f:3c:7a:2e:
d8:7f:60:32:e6:d9:fa:ae:2a:c5:92:dc:29:b1:c6:4c:6d:d2:
3a:c8:77:a6:62:55:b8:3c:ac:a9:21:34:52:d3:ad:29:29:80:
65:0f:51:65:df:52:76:5f:3a:11:08:6c:37:49:e6:2b:50:a3:
14:5b:95:7c:4e:b8:96:5a:68:29:92:b9:cc:37:8f:88:d9:af:
e9:b7:fa:33:9f:c9:b9:87:63:28:e9:6c:90:ab:cd:9b:84:d5:
36:59:4a:94:62:c3:47:3e:2f:0e:fc:3e:d7:73:b8:87:00:68:
5a:f1:b3:65:e2:a9:5f:9d:3b:8e:9d:ec:14:4d:05:79:c5:e1:
1b:87:48:bd:9e:68:ff:6e:b0:b3:87:c4:34:95:16:90:c1:28:
29:b6:d8:69
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgISAY8fBiOOTSonIbOqeTNtgv7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDI3MTAwNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjc3MDgzNTJkNDg3ZDljZDc3YTA0NDJjNzAzZTNkYjRjNDU1YTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeodNAzFr+Bwt/vVf9NIZ4Q8oz21
p8H8XkbkjWfAfMAo3NJzhWcCWZu0NsFKUe6MD1nw5wMyS9QNUpzbZSF3hZhZK5xV
W/P2vs2x4cWoCbJNlZgevB1YSydM20MT3TdSZBHGZUbR9Uxf+YTijM2B4moSuYzB
oAp5WjMYMZkY8YymLkXKk5GKzWs6fgZA2lX1L82L7+6pzSv1yzfdqX0lMdDVkkbl
o5s7GyIXwfynUuHivGmpAEhwKdsrXb1Q8dVWHXNjBsu7144uondC9ORS7mga8pjH
Rw/UPqA67l0NET3b2/MFnTMDGb5iORgukppLXn6Y+7bIMoPzZcq/pWbVMQIDAQAB
o4IDMDCCAywwHQYDVR0OBBYEFMt3CDUtSH2c13oEQscD49tMRVoAMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveTNjSU5TMUlmWnpYZWdSQ3h3UGoyMHhGV2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRAYIKwYBBQUHAQcBAf8EggEzMIIBLzAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBEQQCAAIwggEJAwUAKg4agAMFACoOx4ADBwAqDvIB
AAEDBwAqDx4AASMDBwAqDx4ABFYDBwAqDx4ACYcDBwAqDx4ACrwDBwAqDx4A3vkD
BwAqDx4BAAEDBwAqDx6BAAIDBwAqDx6BEpMDBwAqDx6BQxkDBwAqDx6BkugDBwAq
Dx6Bo9ADBwAqDx6Bza4DBQMqDyEAAwUDKg8ugAMFAyoPL4ADBQAqDz2EAwUAKg89
hwMHACoPfQIAAQMFACoPfQcDBQAqD+HGAwcAKg/hxwABAwcAKg/oRwACAwUDKg/p
QAMFAyoQbUADBQMqEf2AAwUBKhKsQAMFAyoS9UADBwAqExjAAAEDBQAqExjDAwUA
KhMYxjANBgkqhkiG9w0BAQsFAAOCAQEAqVtjy8TsX0BgMiv/PJz622Zd9zLDp066
0RV60nd9D4jZH9sy5eAplKyXqEcszkzP6zrTfHKOGMopWXglmmUmrXrzHiRuKd0b
d+e/+8EgtIhZeX8CdCH+nHmxLOzOA5pUtYtwfx4UwdxfPHou2H9gMubZ+q4qxZLc
KbHGTG3SOsh3pmJVuDysqSE0UtOtKSmAZQ9RZd9Sdl86EQhsN0nmK1CjFFuVfE64
llpoKZK5zDePiNmv6bf6M5/JuYdjKOlskKvNm4TVNllKlGLDRz4vDvw+13O4hwBo
WvGzZeKpX507jp3sFE0FecXhG4dIvZ5o/26ws4fENJUWkMEoKbbYaQ==
-----END CERTIFICATE-----
Generated at Sun May 11 04:46:32 2025 by rpki-client