Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/R4gHswoJqqa-MALuqFGyrW3TBTI.roa
File: R4gHswoJqqa-MALuqFGyrW3TBTI.roa (raw, json)
Hash identifier: hB6IrpSmzgfFymeuj1azJ5tXzxfyQtcB/ld/M0QkjBA=
Subject key identifier: 47:88:07:B3:0A:09:AA:A6:BE:30:02:EE:A8:51:B2:AD:6D:D3:05:32
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F3D98858D460FA20752CA9ECBD68AE1AE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/R4gHswoJqqa-MALuqFGyrW3TBTI.roa
Signing time: Fri 03 May 2024 08:35:56 +0000
ROA not before: Fri 03 May 2024 08:35:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29066
IP address blocks: 2.56.102.0/24 maxlen: 24
2.59.23.0/24 maxlen: 24
45.9.118.0/24 maxlen: 24
45.9.119.0/24 maxlen: 24
45.9.120.0/24 maxlen: 24
45.152.203.0/24 maxlen: 24
193.39.244.0/24 maxlen: 24
2a0f:4a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 03 May 2024 08:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:98:85:8d:46:0f:a2:07:52:ca:9e:cb:d6:8a:e1:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 3 08:35:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=478807b30a09aaa6be3002eea851b2ad6dd30532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9e:86:a1:4a:c5:44:c1:46:c2:04:d5:1d:72:
dc:ab:15:82:e9:94:40:21:65:f5:9a:91:4b:17:ca:
02:0c:74:92:c0:a8:90:08:8f:0b:8e:1f:c8:4e:bc:
25:98:2b:f6:e1:79:9b:14:65:4e:17:ce:81:d2:b4:
6e:2e:db:bf:41:79:cc:ea:55:36:16:2f:4b:f8:16:
22:bf:95:87:b6:7e:22:07:6e:d1:84:36:ab:14:17:
0e:f1:78:c5:17:e9:a9:7c:cb:c1:3f:98:45:8b:ac:
f4:f2:b5:24:81:be:90:59:8c:af:91:1d:d6:c7:d5:
4a:f2:c0:ba:22:a4:1d:13:c3:95:6e:1b:b5:b4:ff:
58:95:54:b6:e1:9d:8c:4e:ec:f1:24:b4:f9:eb:11:
29:c1:1d:46:14:63:34:2d:c1:c4:f2:4d:40:98:4d:
07:98:bb:fe:f3:63:e6:da:1d:04:9d:3d:dd:eb:87:
59:83:ce:75:6b:8b:01:ba:65:3c:cc:f6:0b:23:b3:
f7:a7:a4:27:39:0e:71:7a:69:c5:88:a9:87:77:3f:
a4:9b:62:33:ac:46:b3:41:8b:d6:3e:2f:83:00:cb:
13:5b:c6:5b:2e:5d:96:e0:d9:6a:c3:8a:64:81:38:
2e:b4:69:55:97:1d:65:62:ac:09:78:33:00:90:f8:
bf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:88:07:B3:0A:09:AA:A6:BE:30:02:EE:A8:51:B2:AD:6D:D3:05:32
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/R4gHswoJqqa-MALuqFGyrW3TBTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.102.0/24
2.59.23.0/24
45.9.118.0-45.9.120.255
45.152.203.0/24
193.39.244.0/24
IPv6:
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
56:a9:16:79:1f:0a:1a:9f:4e:e0:89:b4:8e:29:e0:a6:e3:0a:
79:f2:97:33:47:6e:c7:c2:cb:d3:e9:e0:6f:4d:3c:91:95:ad:
5a:29:02:59:79:b8:28:8c:d9:6e:39:cd:66:9f:ff:d3:2d:97:
72:6d:3c:13:6a:39:06:59:f9:3b:fe:79:b7:47:29:71:f8:c7:
95:c9:3e:0e:30:a0:f3:b5:2e:96:73:c7:6a:a8:ea:f6:c4:d8:
62:f5:5d:ff:18:01:29:0a:cb:8c:31:d9:cb:58:de:59:b0:97:
41:ce:8c:b9:cf:51:d6:2e:cf:ce:78:36:9f:ee:53:11:30:b4:
4e:5b:19:bf:03:34:f5:6b:30:3b:2e:6a:06:78:4c:01:27:af:
e4:1c:25:02:4b:8b:89:cc:77:57:a6:da:5d:8a:b3:f0:5c:0b:
47:58:05:cd:c1:95:e7:44:23:47:5a:ab:c7:52:55:af:ae:d8:
da:c7:aa:43:06:f9:85:22:e8:3c:0f:09:0e:f2:09:f8:cb:5b:
d3:4d:b9:27:59:7f:fa:7d:56:1b:34:3c:e8:20:69:8e:96:c9:
33:a3:ab:2a:05:f8:2b:9e:ea:9d:ba:fb:eb:bf:5c:a5:15:b6:
4b:dc:04:a2:2e:eb:20:1c:8b:cf:69:02:96:28:ac:a6:dd:f8:
57:f0:ec:53
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY89mIWNRg+iB1LKnsvWiuGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTAzMDgzNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzg4MDdiMzBhMDlhYWE2YmUzMDAyZWVhODUxYjJhZDZkZDMwNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop6GoUrFRMFGwgTVHXLcqxWC6ZRA
IWX1mpFLF8oCDHSSwKiQCI8Ljh/ITrwlmCv24XmbFGVOF86B0rRuLtu/QXnM6lU2
Fi9L+BYiv5WHtn4iB27RhDarFBcO8XjFF+mpfMvBP5hFi6z08rUkgb6QWYyvkR3W
x9VK8sC6IqQdE8OVbhu1tP9YlVS24Z2MTuzxJLT56xEpwR1GFGM0LcHE8k1AmE0H
mLv+82Pm2h0EnT3d64dZg851a4sBumU8zPYLI7P3p6QnOQ5xemnFiKmHdz+km2Iz
rEazQYvWPi+DAMsTW8ZbLl2W4Nlqw4pkgTgutGlVlx1lYqwJeDMAkPi/oQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFEeIB7MKCaqmvjAC7qhRsq1t0wUyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUjRnSHN3b0pxcWEtTUFMdXFGR3lyVzNUQlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAAjhmAwQA
AjsXMAwDBAEtCXYDBAAtCXgDBAAtmMsDBADBJ/QwDQQCAAIwBwMFAyoPSgAwDQYJ
KoZIhvcNAQELBQADggEBAFapFnkfChqfTuCJtI4p4KbjCnnylzNHbsfCy9Pp4G9N
PJGVrVopAll5uCiM2W45zWaf/9Mtl3JtPBNqOQZZ+Tv+ebdHKXH4x5XJPg4woPO1
LpZzx2qo6vbE2GL1Xf8YASkKy4wx2ctY3lmwl0HOjLnPUdYuz854Np/uUxEwtE5b
Gb8DNPVrMDsuagZ4TAEnr+QcJQJLi4nMd1em2l2Ks/BcC0dYBc3BledEI0daq8dS
Va+u2NrHqkMG+YUi6DwPCQ7yCfjLW9NNuSdZf/p9Vhs0POggaY6WyTOjqyoF+Cue
6p26++u/XKUVtkvcBKIu6yAci89pApYorKbd+Ffw7FM=
-----END CERTIFICATE-----
Generated at Tue Jun 17 16:53:26 2025 by rpki-client