Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/f9kZXhaoOMkFvM0ia7gNyhzqUW4.roa
File: f9kZXhaoOMkFvM0ia7gNyhzqUW4.roa (raw, json)
Hash identifier: ZlCccBaHJDiyGutmwbR4QPyhKckER1cUqnRPPd5E2JE=
Subject key identifier: 7F:D9:19:5E:16:A8:38:C9:05:BC:CD:22:6B:B8:0D:CA:1C:EA:51:6E
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0195EBEEC9E0EE335420929FC38CB238CC56
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/f9kZXhaoOMkFvM0ia7gNyhzqUW4.roa
Signing time: Mon 31 Mar 2025 11:20:49 +0000
ROA not before: Mon 31 Mar 2025 11:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 45.13.171.0/24 maxlen: 24
93.88.20.0/24 maxlen: 24
93.88.21.0/24 maxlen: 24
185.152.61.0/24 maxlen: 24
185.189.224.0/24 maxlen: 24
185.198.51.0/24 maxlen: 24
195.245.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 12:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:ee:c9:e0:ee:33:54:20:92:9f:c3:8c:b2:38:cc:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Mar 31 11:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fd9195e16a838c905bccd226bb80dca1cea516e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:93:5c:3b:35:4e:01:ec:6b:8c:52:57:93:fb:
ae:9f:3d:5c:47:c9:92:99:41:42:c4:bd:3b:59:80:
8b:eb:40:2e:90:24:f3:54:06:91:17:b3:a1:f0:cd:
d8:17:6a:71:21:43:7d:c8:17:b4:55:99:fb:4d:7f:
cd:ec:cb:e9:cf:f4:06:d6:4d:ba:8a:9d:c2:24:33:
8c:a0:b8:d1:47:e5:99:40:8b:3c:2d:f0:1e:8b:c6:
ae:80:97:ed:2a:0d:df:39:75:c1:e9:20:e8:d5:f8:
11:4f:82:0a:ff:bb:e6:04:5f:c2:71:d3:1d:fa:3c:
aa:a7:67:5d:0e:88:9c:4f:cb:7e:13:54:e6:bb:e8:
1c:52:41:54:72:0a:04:2c:a5:aa:31:74:b2:84:89:
91:65:0a:86:68:3e:2c:95:88:b0:41:69:77:3a:40:
d1:40:71:db:9f:0c:05:99:9d:9e:6b:79:94:68:1f:
47:10:c2:cf:91:f7:78:a8:f8:ad:97:ba:b2:93:24:
53:e7:5d:15:69:0b:e4:75:dc:ee:a0:0d:1f:12:37:
3c:b9:3e:b9:be:73:ed:c6:61:11:1a:3d:b0:6d:2c:
97:f9:55:60:31:f9:15:57:21:85:33:65:d6:04:10:
3a:91:05:e6:55:ef:02:c4:70:12:6b:66:25:4e:13:
7c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D9:19:5E:16:A8:38:C9:05:BC:CD:22:6B:B8:0D:CA:1C:EA:51:6E
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/f9kZXhaoOMkFvM0ia7gNyhzqUW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.171.0/24
93.88.20.0/23
185.152.61.0/24
185.189.224.0/24
185.198.51.0/24
195.245.89.0/24
Signature Algorithm: sha256WithRSAEncryption
72:e4:39:72:91:32:5b:98:d4:1c:c5:ef:3c:ac:0f:7d:b4:77:
db:8f:2e:1f:03:67:d0:eb:91:01:56:de:55:32:ac:f2:a8:53:
b7:e5:7a:a3:c7:0e:28:11:30:78:5c:f9:8a:14:2d:62:d3:f4:
cf:ab:73:e6:a7:de:60:71:eb:f7:fa:67:58:88:b0:70:2f:68:
fd:0f:91:cb:05:05:c1:32:e6:b1:c3:82:87:78:ff:80:7d:4e:
7b:94:2b:49:fc:e6:27:01:23:4f:54:1d:4f:13:0f:60:09:ff:
a0:d3:87:6f:5a:11:45:70:c0:02:40:d4:33:8a:be:f2:d3:72:
e3:bc:a4:2a:0c:57:6d:54:73:ac:ae:c5:9c:55:e3:f1:1a:aa:
12:27:88:13:3d:e2:66:24:e5:55:9f:79:1a:62:47:8a:d3:ac:
08:2b:c7:6d:32:77:ad:21:88:91:21:fb:e4:c3:2d:60:32:d4:
8b:f9:02:e0:04:1c:73:53:cf:f1:37:35:37:32:0c:c6:f5:ff:
a4:45:d1:8e:2b:ab:64:9c:01:91:f4:f6:80:c7:75:61:74:a6:
08:08:17:b4:21:fc:15:ad:91:ce:43:63:39:06:c7:8c:49:83:
94:9e:4c:bb:a9:67:2d:fd:67:00:2d:6a:16:64:8a:71:51:be:
63:02:d8:e6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZXr7sng7jNUIJKfw4yyOMxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjUwMzMxMTEyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQ5MTk1ZTE2YTgzOGM5MDViY2NkMjI2YmI4MGRjYTFjZWE1MTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pNcOzVOAexrjFJXk/uunz1cR8mS
mUFCxL07WYCL60AukCTzVAaRF7Oh8M3YF2pxIUN9yBe0VZn7TX/N7Mvpz/QG1k26
ip3CJDOMoLjRR+WZQIs8LfAei8augJftKg3fOXXB6SDo1fgRT4IK/7vmBF/CcdMd
+jyqp2ddDoicT8t+E1Tmu+gcUkFUcgoELKWqMXSyhImRZQqGaD4slYiwQWl3OkDR
QHHbnwwFmZ2ea3mUaB9HEMLPkfd4qPitl7qykyRT510VaQvkddzuoA0fEjc8uT65
vnPtxmERGj2wbSyX+VVgMfkVVyGFM2XWBBA6kQXmVe8CxHASa2YlThN8gQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH/ZGV4WqDjJBbzNImu4Dcoc6lFuMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvZjlrWlhoYW9PTWtGdk0waWE3Z055aHpxVVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ2rAwQB
XVgUAwQAuZg9AwQAub3gAwQAucYzAwQAw/VZMA0GCSqGSIb3DQEBCwUAA4IBAQBy
5DlykTJbmNQcxe88rA99tHfbjy4fA2fQ65EBVt5VMqzyqFO35Xqjxw4oETB4XPmK
FC1i0/TPq3Pmp95gcev3+mdYiLBwL2j9D5HLBQXBMuaxw4KHeP+AfU57lCtJ/OYn
ASNPVB1PEw9gCf+g04dvWhFFcMACQNQzir7y03LjvKQqDFdtVHOsrsWcVePxGqoS
J4gTPeJmJOVVn3kaYkeK06wIK8dtMnetIYiRIfvkwy1gMtSL+QLgBBxzU8/xNzU3
MgzG9f+kRdGOK6tknAGR9PaAx3VhdKYICBe0IfwVrZHOQ2M5BseMSYOUnky7qWct
/WcALWoWZIpxUb5jAtjm
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:40:38 2025 by rpki-client