Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zg2bqbPjFwVrkLIIbKX43H5j2JQ.roa
File: zg2bqbPjFwVrkLIIbKX43H5j2JQ.roa (raw, json)
Hash identifier: IczrLsG2LR0jF7M1YQXvzYEfakrYgk695ZDMdZgGuO4=
Subject key identifier: CE:0D:9B:A9:B3:E3:17:05:6B:90:B2:08:6C:A5:F8:DC:7E:63:D8:94
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196A600293083A6BEC34A77AED9DF5A9FEA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zg2bqbPjFwVrkLIIbKX43H5j2JQ.roa
Signing time: Tue 06 May 2025 14:29:10 +0000
ROA not before: Tue 06 May 2025 14:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
45.158.185.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 May 2025 06:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a6:00:29:30:83:a6:be:c3:4a:77:ae:d9:df:5a:9f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 6 14:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce0d9ba9b3e317056b90b2086ca5f8dc7e63d894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:fb:4f:79:e3:fb:6c:d7:c7:f1:a3:7b:f9:
f1:fe:9a:c1:12:d9:1e:77:da:6e:f9:4f:ff:64:9b:
1a:17:36:78:1d:98:e0:15:95:25:b9:c3:98:db:9b:
6b:19:f0:56:20:a1:c9:78:0a:13:c3:db:d7:c0:db:
37:9f:de:b2:68:a9:00:a7:0f:61:fd:36:23:a8:40:
44:92:90:7d:16:72:9a:eb:af:a0:f6:22:94:48:86:
d7:ba:60:8b:77:56:46:b7:9b:ef:50:38:92:c4:01:
d3:22:36:c4:bc:ef:53:4c:14:a1:94:c4:a2:5a:f6:
47:06:a6:66:a0:ed:3f:d4:2a:9c:b1:43:94:d6:f6:
27:41:71:f3:96:12:77:e1:75:2e:1b:1c:d1:f0:10:
b8:5a:ba:12:12:f8:8c:ea:57:2a:7c:36:8a:f5:d1:
98:83:87:19:39:38:1c:73:4d:94:98:45:fd:84:25:
5e:29:86:85:30:39:c8:56:52:c2:dc:07:0b:cb:53:
3d:60:11:87:df:02:c8:ec:14:18:cd:4d:22:4c:8f:
81:64:45:4e:7e:2d:d8:c6:1c:25:43:eb:69:37:db:
87:8a:32:30:1c:7b:6d:c8:31:40:3a:b8:51:bc:2b:
5c:1e:85:45:28:c1:cc:98:54:fc:a2:fb:39:18:52:
79:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0D:9B:A9:B3:E3:17:05:6B:90:B2:08:6C:A5:F8:DC:7E:63:D8:94
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zg2bqbPjFwVrkLIIbKX43H5j2JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
45.158.185.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
193.8.215.0/24
193.23.245.0/24
193.27.19.0/24
194.33.29.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
24:b0:88:5e:31:00:20:9f:db:e8:a2:c7:1d:4f:b0:88:05:0c:
24:da:5e:38:2e:39:87:a0:19:e3:7f:df:99:31:4b:a1:54:94:
f4:02:95:86:11:5a:69:c9:88:ed:24:50:0a:66:f0:12:1b:74:
b8:53:27:11:8d:fe:de:a7:ee:c3:2e:a9:1a:55:f4:20:a4:f2:
98:db:97:34:12:2c:f2:7a:d9:5c:93:ca:26:f4:22:29:a6:2e:
c5:ad:d3:b9:44:02:b9:2e:ce:ac:11:1d:51:47:b2:25:c1:a3:
c8:06:f7:7d:03:ce:0f:4e:1e:7b:b0:d9:b5:2e:72:5a:97:f2:
3a:e3:18:7b:de:c4:8f:2d:52:40:54:5f:bb:e7:df:9f:fa:42:
26:c1:9b:93:cc:06:e7:4f:0b:e4:ba:f4:f0:87:93:66:90:b2:
fd:3d:d7:18:25:07:ab:e0:db:02:bf:c6:2d:d5:fb:ca:1b:2e:
37:44:63:a5:d6:3b:96:8a:8d:88:b5:25:df:ae:ae:90:ec:ce:
1a:5f:b5:5e:7d:a9:fa:bb:ce:a8:ff:29:43:75:73:5c:e8:8b:
80:fe:81:25:5e:18:84:d4:df:d4:42:1a:62:b1:f1:03:aa:89:
50:ea:60:e6:a6:8e:42:fd:b9:08:43:09:8a:2f:bd:3c:bc:18:
2b:ac:12:b2
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZamACkwg6a+w0p3rtnfWp/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTA2MTQyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTBkOWJhOWIzZTMxNzA1NmI5MGIyMDg2Y2E1ZjhkYzdlNjNkODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0L7T3nj+2zXx/Gje/nx/prBEtke
d9pu+U//ZJsaFzZ4HZjgFZUlucOY25trGfBWIKHJeAoTw9vXwNs3n96yaKkApw9h
/TYjqEBEkpB9FnKa66+g9iKUSIbXumCLd1ZGt5vvUDiSxAHTIjbEvO9TTBShlMSi
WvZHBqZmoO0/1CqcsUOU1vYnQXHzlhJ34XUuGxzR8BC4WroSEviM6lcqfDaK9dGY
g4cZOTgcc02UmEX9hCVeKYaFMDnIVlLC3AcLy1M9YBGH3wLI7BQYzU0iTI+BZEVO
fi3YxhwlQ+tpN9uHijIwHHttyDFAOrhRvCtcHoVFKMHMmFT8ovs5GFJ5TQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFM4Nm6mz4xcFa5CyCGyl+Nx+Y9iUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvemcyYnFiUGpGd1Zya0xJSWJLWDQzSDVqMkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBqQQCAAEwgaIDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAEtg9QDBAAtg9cDBAAthycDBAAtiVEDBAAt
jA0DBAAtjbEDBAAtkoMDBAAtmNADBAAtmRYDBAAtm0UDBAAtnrkDBABV0YADBABn
cisDBABxHpoDBAC5eqsDBAC5fkADBAC5fkIDBAC5m8gDBADBCNcDBADBF/UDBADB
GxMDBADCIR0DBADDnsAwGAQCAAIwEgMHACoMeIYBBQMHACoP58YQADANBgkqhkiG
9w0BAQsFAAOCAQEAJLCIXjEAIJ/b6KLHHU+wiAUMJNpeOC45h6AZ43/fmTFLoVSU
9AKVhhFaacmI7SRQCmbwEht0uFMnEY3+3qfuwy6pGlX0IKTymNuXNBIs8nrZXJPK
JvQiKaYuxa3TuUQCuS7OrBEdUUeyJcGjyAb3fQPOD04ee7DZtS5yWpfyOuMYe97E
jy1SQFRfu+ffn/pCJsGbk8wG508L5Lr08IeTZpCy/T3XGCUHq+DbAr/GLdX7yhsu
N0RjpdY7loqNiLUl366ukOzOGl+1Xn2p+rvOqP8pQ3VzXOiLgP6BJV4YhNTf1EIa
YrHxA6qJUOpg5qaOQv25CEMJii+9PLwYK6wSsg==
-----END CERTIFICATE-----
Generated at Thu May 8 10:16:04 2025 by rpki-client