Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/gn2Q5ZIS0XvbjOpzA6GIOd8eXBg.roa
File: gn2Q5ZIS0XvbjOpzA6GIOd8eXBg.roa (raw, json)
Hash identifier: 2B/IkVU/UNaqLUoN/KS8slRULkmskWqBbxtWgHp0O14=
Subject key identifier: 82:7D:90:E5:92:12:D1:7B:DB:8C:EA:73:03:A1:88:39:DF:1E:5C:18
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 0197322C5DE125C477B0B628A94344FD8F40
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/gn2Q5ZIS0XvbjOpzA6GIOd8eXBg.roa
Signing time: Mon 02 Jun 2025 19:44:17 +0000
ROA not before: Mon 02 Jun 2025 19:44:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1828
IP address blocks: 45.15.192.0/22 maxlen: 22
45.15.192.0/24 maxlen: 24
45.15.193.0/24 maxlen: 24
45.15.194.0/24 maxlen: 24
45.15.195.0/24 maxlen: 24
45.133.80.0/22 maxlen: 22
45.133.80.0/24 maxlen: 24
45.133.81.0/24 maxlen: 24
45.133.82.0/24 maxlen: 24
95.172.66.0/23 maxlen: 23
185.92.120.0/24 maxlen: 24
185.92.121.0/24 maxlen: 24
185.92.122.0/24 maxlen: 24
185.92.123.0/24 maxlen: 24
185.175.12.0/24 maxlen: 24
185.175.13.0/24 maxlen: 24
2a05:f240::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 02 Jun 2025 19:46:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:32:2c:5d:e1:25:c4:77:b0:b6:28:a9:43:44:fd:8f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jun 2 19:44:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=827d90e59212d17bdb8cea7303a18839df1e5c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2e:e8:af:10:ec:6b:20:64:68:79:c9:db:e1:
24:c6:6f:54:37:7e:44:64:19:46:1f:c9:72:23:6e:
b6:34:01:43:97:ef:ad:e5:c3:68:44:f4:a3:c8:ae:
7c:34:46:54:fa:2e:ec:7d:07:20:12:e3:01:0d:00:
52:aa:25:b1:3d:ae:c8:26:be:47:47:4f:3e:fb:b0:
01:cb:5e:6b:40:82:6f:ae:c1:80:70:2d:ea:3b:bf:
aa:8c:76:de:88:90:0e:8a:4f:8d:b2:77:67:28:22:
10:24:1a:70:c9:ac:30:8f:e3:32:58:ef:f9:3b:73:
59:21:0d:29:a2:a3:43:a4:64:2f:09:b8:3e:87:90:
fd:d1:a8:64:97:e2:23:a3:30:cd:0a:46:b6:a2:11:
ee:e6:73:0d:f6:eb:9f:00:b4:34:58:df:78:1c:1a:
30:e1:2f:3a:d5:86:8c:c3:ba:0b:77:23:20:a2:8d:
16:90:5a:fb:ab:b3:24:77:65:12:1b:21:a8:8a:aa:
6e:4a:a4:aa:84:48:7d:cf:4a:47:3d:cb:21:71:ba:
68:95:2c:ee:8c:0f:bf:cd:ec:e2:c1:5c:46:f0:60:
aa:4a:3f:fb:bd:52:64:80:3f:17:8a:b1:33:cc:73:
c5:16:4c:06:9b:1d:e7:16:ba:85:d3:3e:7e:e5:a3:
a4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7D:90:E5:92:12:D1:7B:DB:8C:EA:73:03:A1:88:39:DF:1E:5C:18
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/gn2Q5ZIS0XvbjOpzA6GIOd8eXBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.192.0/22
45.133.80.0/22
95.172.66.0/23
185.92.120.0/22
185.175.12.0/23
IPv6:
2a05:f240::/29
Signature Algorithm: sha256WithRSAEncryption
9a:79:95:a2:ff:c1:a8:9f:11:bf:c6:a1:27:b2:ee:e1:4d:ea:
c3:a1:be:be:e0:19:90:21:b6:35:bb:63:b4:1c:55:17:bd:04:
2f:37:02:21:1e:56:f6:79:8f:2e:9e:0a:93:5f:76:0d:a8:d3:
e9:0c:1d:5d:1b:eb:9b:ac:9a:97:91:4b:2a:ca:65:1a:29:46:
65:0d:40:85:52:e9:c7:62:d1:bc:44:1c:2b:e9:c8:fe:92:ec:
8d:30:d1:2a:bb:9f:59:14:23:ab:ab:29:e9:32:d1:7f:d7:ac:
83:d9:d1:9e:51:55:c0:4c:38:72:cd:11:3b:79:7b:d1:2b:4e:
6c:46:72:33:8e:1f:41:66:60:e4:26:5f:a6:91:a7:2b:dc:e7:
64:3b:8d:5f:48:43:39:0a:25:04:f0:99:e3:77:bb:9d:3e:62:
fa:ac:ea:31:08:02:9a:e3:c3:60:ea:3a:c6:0f:f3:2e:0f:fa:
ca:09:09:48:69:29:2d:1d:e0:f2:d5:ec:48:6c:d3:4e:25:8c:
91:43:17:2e:db:92:46:17:3f:94:eb:97:c0:5a:2e:d2:59:0a:
ed:b2:e9:b2:c2:90:df:be:fd:7f:42:43:93:c3:29:d8:6f:df:
0e:86:1d:f8:d7:df:91:0a:af:60:2c:b0:14:dd:61:16:04:5d:
34:53:9d:8b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZcyLF3hJcR3sLYoqUNE/Y9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjUwNjAyMTk0NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjdkOTBlNTkyMTJkMTdiZGI4Y2VhNzMwM2ExODgzOWRmMWU1YzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS7orxDsayBkaHnJ2+Ekxm9UN35E
ZBlGH8lyI262NAFDl++t5cNoRPSjyK58NEZU+i7sfQcgEuMBDQBSqiWxPa7IJr5H
R08++7ABy15rQIJvrsGAcC3qO7+qjHbeiJAOik+NsndnKCIQJBpwyawwj+MyWO/5
O3NZIQ0poqNDpGQvCbg+h5D90ahkl+IjozDNCka2ohHu5nMN9uufALQ0WN94HBow
4S861YaMw7oLdyMgoo0WkFr7q7Mkd2USGyGoiqpuSqSqhEh9z0pHPcshcbpolSzu
jA+/zeziwVxG8GCqSj/7vVJkgD8XirEzzHPFFkwGmx3nFrqF0z5+5aOkKwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIJ9kOWSEtF724zqcwOhiDnfHlwYMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvZ24yUTVaSVMwWHZiak9wekE2R0lPZDhlWEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLQ/AAwQC
LYVQAwQBX6xCAwQCuVx4AwQBua8MMA0EAgACMAcDBQMqBfJAMA0GCSqGSIb3DQEB
CwUAA4IBAQCaeZWi/8GonxG/xqEnsu7hTerDob6+4BmQIbY1u2O0HFUXvQQvNwIh
Hlb2eY8ungqTX3YNqNPpDB1dG+ubrJqXkUsqymUaKUZlDUCFUunHYtG8RBwr6cj+
kuyNMNEqu59ZFCOrqynpMtF/16yD2dGeUVXATDhyzRE7eXvRK05sRnIzjh9BZmDk
Jl+mkacr3OdkO41fSEM5CiUE8Jnjd7udPmL6rOoxCAKa48Ng6jrGD/MuD/rKCQlI
aSktHeDy1exIbNNOJYyRQxcu25JGFz+U65fAWi7SWQrtsumywpDfvv1/QkOTwynY
b98Ohh3419+RCq9gLLAU3WEWBF00U52L
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:55:28 2025 by rpki-client