Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mzesL7b8xDiEMbccrYxwxauUCNo.roa
File: mzesL7b8xDiEMbccrYxwxauUCNo.roa (raw, json)
Hash identifier: 9abaQNS2L+ykADnbBlaL9V1O8kjESf/2jjTxMsIC444=
Subject key identifier: 9B:37:AC:2F:B6:FC:C4:38:84:31:B7:1C:AD:8C:70:C5:AB:94:08:DA
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01967B60E742BA56E125FC1102E9854EB162
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mzesL7b8xDiEMbccrYxwxauUCNo.roa
Signing time: Mon 28 Apr 2025 07:51:10 +0000
ROA not before: Mon 28 Apr 2025 07:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.5.0/24 maxlen: 24
213.220.9.0/24 maxlen: 24
213.220.20.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 07:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:60:e7:42:ba:56:e1:25:fc:11:02:e9:85:4e:b1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 28 07:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b37ac2fb6fcc4388431b71cad8c70c5ab9408da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3b:e7:b7:77:1c:3d:ac:d3:bc:47:18:ce:1e:
6d:6d:4b:bf:43:da:37:20:7a:b7:07:c4:03:bd:2d:
a1:c9:2a:cf:d2:d8:ef:c8:ca:aa:38:b1:14:e2:50:
9c:11:e1:8e:b2:13:79:27:ac:9a:bf:a8:d1:b3:2b:
4f:e8:67:7c:7f:55:b6:98:13:40:e4:c6:77:66:43:
11:ea:c5:f8:6e:82:69:f2:2b:f6:9d:ce:ce:d5:f4:
5d:ad:79:bf:db:d8:d6:ba:97:22:7c:31:4f:a3:82:
db:b5:9d:15:1e:86:e9:93:40:b0:97:b9:44:ad:f5:
03:44:2f:3f:eb:b0:0e:65:8c:6d:28:ec:0c:52:f1:
d6:b7:93:92:39:7c:21:64:76:8a:3d:62:0a:01:91:
a0:f5:da:94:7f:ce:e8:28:b7:bd:f2:5f:90:7b:d8:
cd:18:bb:1d:e8:3e:68:ec:5c:9c:bd:9b:74:c7:de:
ef:03:29:12:04:b9:1d:49:b9:5c:89:a9:6d:0c:f5:
06:e2:b3:20:da:84:bc:ec:17:8d:84:c5:ae:ee:c0:
54:76:31:e4:1b:07:ac:bd:28:9e:bd:22:3d:1e:8b:
9b:ea:41:2a:37:0b:d9:75:8f:e2:2a:53:20:2a:c3:
28:22:0c:dc:3f:99:35:30:e1:d3:0c:7f:be:88:02:
94:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:37:AC:2F:B6:FC:C4:38:84:31:B7:1C:AD:8C:70:C5:AB:94:08:DA
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mzesL7b8xDiEMbccrYxwxauUCNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0-45.155.242.255
194.143.205.0-194.143.207.255
194.143.217.0-194.143.218.255
194.143.221.0/24
195.114.192.0/24
195.114.195.0/24
195.114.197.0/24
195.114.205.0/24
213.220.2.0/24
213.220.4.0/23
213.220.9.0/24
213.220.20.0/24
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:a5:a7:80:21:0c:d1:9c:f5:97:06:08:57:92:1d:91:b8:34:
59:99:eb:a9:f7:84:ff:4b:1e:e6:cd:50:a3:0b:e9:32:63:2e:
cb:91:ff:09:dd:2f:45:73:9e:23:36:7d:88:67:fd:1c:db:57:
aa:13:82:86:01:b4:7c:6b:50:16:3e:98:74:5e:e3:23:0b:76:
cf:d3:57:54:8a:ea:59:a3:3a:5f:e7:5d:ab:ec:a3:49:28:d8:
e3:89:45:a6:27:fa:cb:02:52:c7:8a:02:a3:97:b6:2b:e9:4d:
2c:22:48:6a:5d:ac:93:35:a1:11:95:9d:5d:de:bf:b9:ad:b0:
40:77:79:ca:04:d9:55:d5:51:7f:b7:a1:a4:09:12:d3:ea:a3:
5c:8d:8b:81:e2:56:4e:e3:91:25:c0:88:25:2f:1c:44:d6:8e:
91:67:45:4d:5a:31:01:0d:d1:a4:3e:e1:f7:de:8e:bb:25:2b:
9f:11:2a:85:be:68:37:fa:a8:26:86:52:22:d5:ee:9a:91:d5:
89:25:bf:9d:5c:c0:b3:d0:f3:13:3d:6e:6c:e9:f4:1b:e6:da:
54:b9:82:77:62:06:b4:6e:c4:48:d0:45:66:92:a5:2d:6e:39:
6d:06:80:25:4e:7f:d7:db:79:89:4f:48:37:58:b0:a8:8a:bd:
9f:5d:28:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZZ7YOdCulbhJfwRAumFTrFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNDI4MDc1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM3YWMyZmI2ZmNjNDM4ODQzMWI3MWNhZDhjNzBjNWFiOTQwOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jvnt3ccPazTvEcYzh5tbUu/Q9o3
IHq3B8QDvS2hySrP0tjvyMqqOLEU4lCcEeGOshN5J6yav6jRsytP6Gd8f1W2mBNA
5MZ3ZkMR6sX4boJp8iv2nc7O1fRdrXm/29jWupcifDFPo4LbtZ0VHobpk0Cwl7lE
rfUDRC8/67AOZYxtKOwMUvHWt5OSOXwhZHaKPWIKAZGg9dqUf87oKLe98l+Qe9jN
GLsd6D5o7FycvZt0x97vAykSBLkdSblcialtDPUG4rMg2oS87BeNhMWu7sBUdjHk
GwesvSievSI9Houb6kEqNwvZdY/iKlMgKsMoIgzcP5k1MOHTDH++iAKUZQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFJs3rC+2/MQ4hDG3HK2McMWrlAjaMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvbXplc0w3Yjh4RGlFTWJjY3JZeHd4YXVVQ05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAQtm/AD
BAAtm/IwDAMEAMKPzQMEBMKPwDAMAwQAwo/ZAwQAwo/aAwQAwo/dAwQAw3LAAwQA
w3LDAwQAw3LFAwQAw3LNAwQA1dwCAwQB1dwEAwQA1dwJAwQA1dwUAwQA1dw+MA0G
CSqGSIb3DQEBCwUAA4IBAQA+paeAIQzRnPWXBghXkh2RuDRZmeup94T/Sx7mzVCj
C+kyYy7Lkf8J3S9Fc54jNn2IZ/0c21eqE4KGAbR8a1AWPph0XuMjC3bP01dUiupZ
ozpf512r7KNJKNjjiUWmJ/rLAlLHigKjl7Yr6U0sIkhqXayTNaERlZ1d3r+5rbBA
d3nKBNlV1VF/t6GkCRLT6qNcjYuB4lZO45ElwIglLxxE1o6RZ0VNWjEBDdGkPuH3
3o67JSufESqFvmg3+qgmhlIi1e6akdWJJb+dXMCz0PMTPW5s6fQb5tpUuYJ3Yga0
bsRI0EVmkqUtbjltBoAlTn/X23mJT0g3WLCoir2fXSjm
-----END CERTIFICATE-----
Generated at Wed May 7 11:52:44 2025 by rpki-client