Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4jDFHatm3bW-Z35BNUP3gXEwrY0.roa
File: 4jDFHatm3bW-Z35BNUP3gXEwrY0.roa (raw, json)
Hash identifier: CTyUVgHWOnokepzwRFNIk9zIdHcokarqf8hYT6vic+8=
Subject key identifier: E2:30:C5:1D:AB:66:DD:B5:BE:67:7E:41:35:43:F7:81:71:30:AD:8D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0196AA34D510F71F5790C7F8405DBE4B023F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4jDFHatm3bW-Z35BNUP3gXEwrY0.roa
Signing time: Wed 07 May 2025 10:05:11 +0000
ROA not before: Wed 07 May 2025 10:05:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 12:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:34:d5:10:f7:1f:57:90:c7:f8:40:5d:be:4b:02:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 7 10:05:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e230c51dab66ddb5be677e413543f7817130ad8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4d:a0:48:b4:c1:66:7a:33:b8:6d:d7:a6:28:
32:51:a3:16:93:af:ce:7a:aa:08:bf:97:14:0c:cb:
38:42:33:ee:48:8b:25:30:5d:a2:bc:d5:11:93:ba:
43:d8:e5:26:a9:04:16:2c:09:8f:ee:a5:da:b8:30:
1e:55:bd:0e:d9:29:e8:c8:5f:8f:0f:1d:f2:71:d4:
5d:12:e8:12:59:6d:5e:15:09:b9:4f:95:00:1f:fc:
3f:71:8e:cd:1f:5d:f8:6b:67:5d:8d:a8:44:a6:0f:
53:25:98:f3:b5:b3:8c:04:78:1b:78:56:a6:27:53:
1e:34:e0:02:97:ba:3d:a3:0d:c5:9d:7b:95:f7:73:
6e:46:1f:5c:40:7e:df:6b:71:8d:25:c6:06:71:21:
ef:dc:9e:eb:1b:a6:9a:3f:ec:f5:53:06:86:1c:56:
96:2f:e5:92:76:58:7e:2b:e5:71:f4:38:cc:c1:85:
ee:73:5f:08:82:48:d9:62:0d:9a:d9:7e:cd:32:92:
39:a2:c6:a7:8f:db:23:7c:96:f0:1e:dc:2a:ea:78:
5b:8a:4b:e7:f9:5f:91:b1:e3:7c:2a:72:e3:ec:61:
3f:69:9f:65:09:8e:46:a1:03:38:5c:40:2a:c9:94:
1f:05:ee:3d:fd:7c:db:cf:86:d7:ce:b4:01:25:a4:
de:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:30:C5:1D:AB:66:DD:B5:BE:67:7E:41:35:43:F7:81:71:30:AD:8D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4jDFHatm3bW-Z35BNUP3gXEwrY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.209.38.0/24
185.209.73.0/24
185.209.75.0/24
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.222.28.0/23
185.223.78.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
193.8.112.0/23
193.58.146.0/23
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
29:1a:5a:e2:61:de:52:5c:3e:e0:4d:6b:22:f7:72:bb:1f:58:
8e:a4:22:df:1e:fe:84:4c:fc:4e:23:d7:00:02:01:a4:87:f2:
a2:54:c9:7c:40:08:91:c7:04:9e:04:f4:79:13:5e:ad:1f:18:
6b:4c:7e:28:08:03:33:63:3c:4d:bb:96:8d:ab:82:be:6f:dd:
ca:2b:ef:66:39:0f:cb:c8:f5:cc:c3:b7:2f:16:0f:7e:06:11:
93:85:74:e1:d9:27:25:12:1d:ad:7f:a5:a5:5f:c6:33:72:cd:
74:df:0b:57:a8:3b:1d:9d:de:c2:5b:ad:8d:81:e2:ed:30:e8:
24:4e:93:88:fa:90:39:f3:a7:a5:10:20:72:b0:b9:ac:45:90:
12:8f:6a:ac:cc:dc:6b:29:f6:6b:3b:49:bb:0e:f8:5a:10:88:
5d:62:d5:82:c5:aa:df:56:26:3d:9a:62:7c:a3:67:35:85:18:
73:87:a7:0d:c1:c3:7f:95:2a:02:f0:42:55:2a:26:fe:38:03:
01:45:fd:f0:87:59:28:b8:2c:5e:6d:1d:ea:d4:45:63:0e:c9:
f9:8b:87:24:c9:94:a6:5a:a4:56:55:21:b9:4e:31:18:29:5b:
7e:fd:09:3d:60:cc:7b:da:23:78:3d:bc:18:5c:43:52:d4:72:
6a:e2:10:1d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZaqNNUQ9x9XkMf4QF2+SwI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNTA3MTAwNTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjMwYzUxZGFiNjZkZGI1YmU2NzdlNDEzNTQzZjc4MTcxMzBhZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk2gSLTBZnozuG3XpigyUaMWk6/O
eqoIv5cUDMs4QjPuSIslMF2ivNURk7pD2OUmqQQWLAmP7qXauDAeVb0O2SnoyF+P
Dx3ycdRdEugSWW1eFQm5T5UAH/w/cY7NH134a2ddjahEpg9TJZjztbOMBHgbeFam
J1MeNOACl7o9ow3FnXuV93NuRh9cQH7fa3GNJcYGcSHv3J7rG6aaP+z1UwaGHFaW
L+WSdlh+K+Vx9DjMwYXuc18IgkjZYg2a2X7NMpI5osanj9sjfJbwHtwq6nhbikvn
+V+RseN8KnLj7GE/aZ9lCY5GoQM4XEAqyZQfBe49/Xzbz4bXzrQBJaTeOQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFOIwxR2rZt21vmd+QTVD94FxMK2NMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNGpERkhhdG0zYlctWjM1Qk5VUDNnWEV3clkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAt
WhEDBAC5flIDBAC50SYDBAC50UkDBAC50UsDBAC50ukDBAC51mwDBAC52hQDBAC5
2mUDBAG53PoDBAG53hwDBAC5304DBAC535sDBAG54QADBAC54QMDBAC54mgDBAG5
45IDBAC55EsDBAC56M4DBAHBCHADBAHBOpIDBADCTKkDBADCTKwDBADCfEUwDQYJ
KoZIhvcNAQELBQADggEBACkaWuJh3lJcPuBNayL3crsfWI6kIt8e/oRM/E4j1wAC
AaSH8qJUyXxACJHHBJ4E9HkTXq0fGGtMfigIAzNjPE27lo2rgr5v3cor72Y5D8vI
9czDty8WD34GEZOFdOHZJyUSHa1/paVfxjNyzXTfC1eoOx2d3sJbrY2B4u0w6CRO
k4j6kDnzp6UQIHKwuaxFkBKPaqzM3Gsp9ms7SbsO+FoQiF1i1YLFqt9WJj2aYnyj
ZzWFGHOHpw3Bw3+VKgLwQlUqJv44AwFF/fCHWSi4LF5tHerURWMOyfmLhyTJlKZa
pFZVIblOMRgpW379CT1gzHvaI3g9vBhcQ1LUcmriEB0=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:32:06 2025 by rpki-client