Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1gsvydcQVi62WZ8rOZpKmNNkaNo.roa
File: 1gsvydcQVi62WZ8rOZpKmNNkaNo.roa (raw, json)
Hash identifier: xtxLPxewEm+7GUVUd5Ke8N5BhfcZ7aQAWrcnd4kB8uM=
Subject key identifier: D6:0B:2F:C9:D7:10:56:2E:B6:59:9F:2B:39:9A:4A:98:D3:64:68:DA
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01964544FA989399235346388002DFA69B52
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1gsvydcQVi62WZ8rOZpKmNNkaNo.roa
Signing time: Thu 17 Apr 2025 19:41:10 +0000
ROA not before: Thu 17 Apr 2025 19:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.70.0/24 maxlen: 24
45.85.107.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
185.165.45.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
194.5.83.0/24 maxlen: 24
194.61.40.0/24 maxlen: 24
194.61.41.0/24 maxlen: 24
203.25.124.0/24 maxlen: 24
204.75.229.0/24 maxlen: 24
220.158.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 17:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:45:44:fa:98:93:99:23:53:46:38:80:02:df:a6:9b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 17 19:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d60b2fc9d710562eb6599f2b399a4a98d36468da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e1:a2:6b:ac:d1:68:b0:2c:78:0d:41:c5:cb:
e5:df:6a:5d:c3:bd:9c:d1:ac:fd:87:8a:92:74:20:
c9:7e:af:de:a9:d9:02:a8:44:2c:59:73:3b:df:c8:
54:42:64:a5:9c:6b:f7:d0:8f:63:7a:43:58:4f:7f:
e5:84:e7:72:e7:50:e2:09:44:0c:8e:6c:7b:2d:73:
fb:fc:2e:c3:b6:56:11:73:e0:02:c6:af:70:ca:d9:
aa:bf:b4:04:7f:95:6e:c2:90:e2:7e:59:b4:b6:c5:
5c:9f:3e:9d:f5:13:2c:47:87:fa:23:09:7b:5d:5e:
78:4d:d5:4b:d0:d3:a8:78:d1:58:8a:3a:6c:d5:74:
67:1d:57:31:19:c1:f9:ab:74:f7:ee:c2:90:2a:4f:
c8:76:cb:02:6d:51:59:78:d0:67:b5:e7:8a:53:5b:
c4:7f:d4:95:35:da:65:83:47:d3:70:4a:c2:70:05:
21:f7:20:54:69:87:41:c9:70:a5:36:02:6a:1b:08:
b7:e4:7b:0f:be:29:9f:5d:65:30:31:4b:69:cb:4f:
2e:40:46:1b:37:c0:c7:26:a6:b8:02:b7:dd:e3:e2:
b0:57:09:ac:47:47:88:b9:62:aa:e2:64:d0:ef:47:
42:62:56:d8:b6:1f:12:d0:6f:29:e5:41:73:d0:1e:
3f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0B:2F:C9:D7:10:56:2E:B6:59:9F:2B:39:9A:4A:98:D3:64:68:DA
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1gsvydcQVi62WZ8rOZpKmNNkaNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.85.107.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
185.165.45.0/24
185.245.7.0/24
188.213.202.0/24
194.5.82.0/23
194.61.40.0/23
203.25.124.0/24
204.75.229.0/24
220.158.199.0/24
Signature Algorithm: sha256WithRSAEncryption
40:f3:bd:ed:05:66:b4:3e:8b:3d:c7:54:d2:7b:a3:a2:3e:0d:
9c:77:91:97:75:e6:3e:87:24:95:32:29:56:ce:3b:f8:9d:ae:
ec:9c:d5:19:d4:c5:f0:3a:38:1a:ec:42:e1:bb:0f:4d:7f:31:
de:52:1f:3e:29:96:70:79:4c:a3:9a:01:ab:62:b1:de:cf:9e:
23:c7:d3:d8:1d:46:36:e9:d5:d0:56:01:cf:2f:cf:99:f8:a9:
62:11:d5:68:6c:51:03:75:c4:3b:1c:c3:3b:3c:44:57:98:a8:
c9:75:ab:1e:07:29:d0:0c:8b:bc:c9:5e:b4:57:39:3f:3a:34:
9a:6e:cc:b1:03:b7:4c:e8:87:f5:57:55:52:b4:e5:62:31:80:
b0:90:89:83:18:94:0b:20:51:e8:9b:5f:14:5c:38:c7:a0:fd:
d3:bf:da:95:89:ab:d1:94:b2:64:41:4a:02:79:d0:2d:98:b6:
55:9f:fb:21:d8:c6:1c:59:04:04:94:9e:1c:f4:a7:5f:d8:5b:
36:99:e4:ed:fc:c0:97:75:bf:1e:9d:f0:f6:64:f2:7a:16:c7:
8d:6a:f6:a1:4c:85:98:ef:1d:7c:ae:c5:bc:77:05:42:4b:02:
13:16:19:66:9e:0d:bc:4f:df:91:e1:77:83:6e:c1:b8:f3:f5:
e9:37:88:0d
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZZFRPqYk5kjU0Y4gALfpptSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwNDE3MTk0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjBiMmZjOWQ3MTA1NjJlYjY1OTlmMmIzOTlhNGE5OGQzNjQ2OGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeGia6zRaLAseA1Bxcvl32pdw72c
0az9h4qSdCDJfq/eqdkCqEQsWXM738hUQmSlnGv30I9jekNYT3/lhOdy51DiCUQM
jmx7LXP7/C7DtlYRc+ACxq9wytmqv7QEf5VuwpDiflm0tsVcnz6d9RMsR4f6Iwl7
XV54TdVL0NOoeNFYijps1XRnHVcxGcH5q3T37sKQKk/IdssCbVFZeNBnteeKU1vE
f9SVNdplg0fTcErCcAUh9yBUaYdByXClNgJqGwi35HsPvimfXWUwMUtpy08uQEYb
N8DHJqa4Arfd4+KwVwmsR0eIuWKq4mTQ70dCYlbYth8S0G8p5UFz0B4/qQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNYLL8nXEFYutlmfKzmaSpjTZGjaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMWdzdnlkY1FWaTYyV1o4ck9acEttTk5rYU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQhGAwQA
LVVrAwQBLYLKAwQCLYUEAwQBWSJ+AwQAuaUtAwQAufUHAwQAvNXKAwQBwgVSAwQB
wj0oAwQAyxl8AwQAzEvlAwQA3J7HMA0GCSqGSIb3DQEBCwUAA4IBAQBA873tBWa0
Pos9x1TSe6OiPg2cd5GXdeY+hySVMilWzjv4na7snNUZ1MXwOjga7ELhuw9NfzHe
Uh8+KZZweUyjmgGrYrHez54jx9PYHUY26dXQVgHPL8+Z+KliEdVobFEDdcQ7HMM7
PERXmKjJdaseBynQDIu8yV60Vzk/OjSabsyxA7dM6If1V1VStOViMYCwkImDGJQL
IFHom18UXDjHoP3Tv9qViavRlLJkQUoCedAtmLZVn/sh2MYcWQQElJ4c9Kdf2Fs2
meTt/MCXdb8enfD2ZPJ6FseNavahTIWY7x18rsW8dwVCSwITFhlmng28T9+R4XeD
bsG48/XpN4gN
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:24:49 2025 by rpki-client