Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DtAA23cNuJ7y19_ek2Lm2GoNNzc.roa
File: DtAA23cNuJ7y19_ek2Lm2GoNNzc.roa (raw, json)
Hash identifier: ipPp835g2AET9b2DCEigzO4cZ5ar7ldRfIBrt9qaIQo=
Subject key identifier: 0E:D0:00:DB:77:0D:B8:9E:F2:D7:DF:DE:93:62:E6:D8:6A:0D:37:37
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0197692B59CCFF197751E230C11CF93892DF
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DtAA23cNuJ7y19_ek2Lm2GoNNzc.roa
Signing time: Fri 13 Jun 2025 12:02:18 +0000
ROA not before: Fri 13 Jun 2025 12:02:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.154.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.247.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
2a05:f5c0::/29 maxlen: 29
2a05:f5c0::/32 maxlen: 32
2a0c:f1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 16 Jun 2025 08:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:2b:59:cc:ff:19:77:51:e2:30:c1:1c:f9:38:92:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 13 12:02:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ed000db770db89ef2d7dfde9362e6d86a0d3737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e1:be:25:7a:18:18:cd:d6:86:99:4e:a3:dd:
ec:f9:6d:75:48:ce:6e:de:9d:43:69:47:4a:29:d0:
e5:f7:c5:7a:7b:87:a1:27:b5:36:71:50:7a:2c:c8:
3f:ef:0d:ba:28:62:6f:eb:f2:f9:fa:ce:d4:17:b1:
49:2b:1a:bb:e3:5b:32:12:a1:89:f0:3a:55:82:b3:
56:19:5d:be:25:aa:fb:89:99:92:84:ea:48:58:97:
f9:08:d1:43:21:2d:88:54:fe:d2:8a:cd:11:d4:03:
b5:21:7e:9f:b7:d8:1a:7a:a5:78:c4:a7:5f:9f:a3:
dc:5f:b8:e3:d4:1e:89:9d:28:57:95:ea:d0:b2:ba:
aa:53:d4:cf:ba:e1:60:47:32:54:18:88:24:e3:94:
4a:38:f1:0b:87:9c:73:df:08:0d:58:9b:49:52:a2:
39:6a:08:f3:64:07:78:4d:25:54:b3:1c:98:57:01:
5b:a5:b7:c7:da:85:66:bf:b2:b6:26:77:7e:a7:08:
8f:fd:d6:5b:7f:7f:88:c6:54:70:3c:a5:bc:62:43:
06:ca:6e:b4:c4:cf:a6:17:ca:90:37:7c:3d:1d:78:
8e:cd:73:28:51:5f:d6:0c:3f:1e:15:be:5c:8e:2e:
4c:58:01:ca:1e:f5:3c:19:79:02:72:19:96:01:43:
43:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D0:00:DB:77:0D:B8:9E:F2:D7:DF:DE:93:62:E6:D8:6A:0D:37:37
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DtAA23cNuJ7y19_ek2Lm2GoNNzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0/24
77.242.148.0/24
77.242.151.0/24
77.242.154.0/24
83.137.157.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.219.0/24
88.209.247.0/24
92.52.208.0/21
92.52.218.0/24
178.248.200.0/21
193.138.125.0/24
194.41.47.0/24
IPv6:
2a00:1f40::/29
2a05:f5c0::/29
2a0c:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:2a:e0:fc:e2:51:34:96:2b:57:2d:21:9a:aa:db:7b:0a:e0:
7b:49:d7:3c:eb:4a:92:11:8e:13:a1:60:19:25:71:63:79:12:
05:61:dd:70:25:90:8e:04:59:61:e5:6d:c6:d2:d1:7f:d3:c5:
16:73:b6:36:48:87:7d:05:a8:0e:b1:0d:32:1e:20:cc:11:50:
6e:52:6b:ae:2c:cb:bb:4c:82:db:68:28:4a:f1:e8:e8:aa:ec:
c4:8a:4c:48:25:15:6a:42:e4:a9:9e:3c:ba:4b:c9:ac:ec:5b:
ac:23:46:4a:c2:39:be:1c:7c:7a:0f:a5:25:d3:de:5e:3e:d4:
51:21:1d:23:2a:3e:f7:30:1d:f2:e1:80:40:b2:96:51:d5:2f:
1e:4c:30:83:7f:3c:d2:98:59:81:6b:a1:42:bc:90:06:07:e8:
74:a3:be:29:13:04:e0:74:8e:e9:31:2e:91:f5:fb:df:3c:5a:
c5:26:75:cd:75:30:b3:61:3f:6a:b7:ae:ae:a5:6b:9b:dd:4d:
b2:88:54:d8:32:b3:92:c6:54:a3:dc:94:d3:0c:81:e6:13:23:
23:e1:87:d1:da:23:c6:a0:c3:b6:e7:25:7a:77:3c:34:3f:e7:
60:bf:2b:13:9b:0e:1d:a1:3f:2f:1d:49:4b:9b:c8:63:7e:bf:
3b:e5:e6:c0
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZdpK1nM/xl3UeIwwRz5OJLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNjEzMTIwMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQwMDBkYjc3MGRiODllZjJkN2RmZGU5MzYyZTZkODZhMGQzNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8eG+JXoYGM3WhplOo93s+W11SM5u
3p1DaUdKKdDl98V6e4ehJ7U2cVB6LMg/7w26KGJv6/L5+s7UF7FJKxq741syEqGJ
8DpVgrNWGV2+Jar7iZmShOpIWJf5CNFDIS2IVP7Sis0R1AO1IX6ft9gaeqV4xKdf
n6PcX7jj1B6JnShXlerQsrqqU9TPuuFgRzJUGIgk45RKOPELh5xz3wgNWJtJUqI5
agjzZAd4TSVUsxyYVwFbpbfH2oVmv7K2Jnd+pwiP/dZbf3+IxlRwPKW8YkMGym60
xM+mF8qQN3w9HXiOzXMoUV/WDD8eFb5cji5MWAHKHvU8GXkCchmWAUNDNwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFA7QANt3Dbie8tff3pNi5thqDTc3MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRHRBQTIzY051Sjd5MTlfZWsyTG0yR29OTnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBhwQCAAEwgYAwDAME
AC0JqQMEAi0JqAMEAS0OCgMEAC1YXQMEAE3ykAMEAE3ylAMEAE3ylwMEAE3ymgME
AFOJnQMEAFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEAFjR2wMEAFjR9wME
A1w00AMEAFw02gMEA7L4yAMEAMGKfQMEAMIpLzAbBAIAAjAVAwUDKgAfQAMFAyoF
9cADBQMqDPHAMA0GCSqGSIb3DQEBCwUAA4IBAQAdKuD84lE0litXLSGaqtt7CuB7
Sdc860qSEY4ToWAZJXFjeRIFYd1wJZCOBFlh5W3G0tF/08UWc7Y2SId9BagOsQ0y
HiDMEVBuUmuuLMu7TILbaChK8ejoquzEikxIJRVqQuSpnjy6S8ms7FusI0ZKwjm+
HHx6D6Ul095ePtRRIR0jKj73MB3y4YBAspZR1S8eTDCDfzzSmFmBa6FCvJAGB+h0
o74pEwTgdI7pMS6R9fvfPFrFJnXNdTCzYT9qt66upWub3U2yiFTYMrOSxlSj3JTT
DIHmEyMj4YfR2iPGoMO25yV6dzw0P+dgvysTmw4doT8vHUlLm8hjfr875ebA
-----END CERTIFICATE-----
Generated at Tue Jun 17 14:31:26 2025 by rpki-client