Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/AS09MNl6Tx0DcuI9DjHHCD6vM6w.roa
File: AS09MNl6Tx0DcuI9DjHHCD6vM6w.roa (raw, json)
Hash identifier: KIeU3oyPcAGbSm5Ab6PMp7YjzUFLMYh/jtzUCBkv2K0=
Subject key identifier: 01:2D:3D:30:D9:7A:4F:1D:03:72:E2:3D:0E:31:C7:08:3E:AF:33:AC
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0194EF6A7C3FCAD34D29D1E9DF251AEA43E1
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/AS09MNl6Tx0DcuI9DjHHCD6vM6w.roa
Signing time: Mon 10 Feb 2025 10:32:00 +0000
ROA not before: Mon 10 Feb 2025 10:32:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.209.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.3.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
213.220.58.0/24 maxlen: 24
213.220.59.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 07:19:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:6a:7c:3f:ca:d3:4d:29:d1:e9:df:25:1a:ea:43:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Feb 10 10:32:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=012d3d30d97a4f1d0372e23d0e31c7083eaf33ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b5:cf:a2:7a:ab:71:36:33:8e:a9:f0:c8:41:
0a:00:57:45:d4:41:08:b7:35:38:ac:24:5f:a2:da:
3c:aa:d2:68:ff:93:bb:48:ac:89:57:33:60:d9:3e:
95:78:ae:ad:7f:4a:3f:d7:41:57:82:b7:40:85:d1:
1b:52:41:8e:d4:a5:91:d5:ea:cf:62:2f:81:3e:41:
a4:8f:26:62:ae:7c:97:f3:a2:75:74:6b:b4:26:0f:
68:ce:08:66:8e:ce:17:e6:56:fd:7e:64:80:28:e4:
f6:78:ab:98:db:45:3a:2f:51:9f:3d:fb:3f:be:17:
f4:5f:90:a3:8f:b4:33:1b:d6:0f:6d:0a:07:bf:38:
bd:7d:89:4f:67:c9:ac:c3:3e:3a:da:0a:a1:33:9b:
c0:28:0a:79:44:ab:7c:39:40:5b:7e:37:26:27:03:
9f:c6:32:3e:be:c9:43:32:e0:69:06:6c:71:4e:f6:
b8:41:ef:42:28:a8:1a:41:9e:dd:15:a5:6a:a9:bb:
fa:7c:98:bb:e3:b7:8a:40:e2:8e:fb:79:60:b8:df:
19:0e:07:5c:af:a3:4f:cf:33:67:9d:51:7e:45:4b:
69:68:9f:19:19:05:05:dd:b0:8a:2e:1e:24:7d:7c:
31:56:38:94:2a:b0:3e:1c:78:f8:e2:a8:58:32:0e:
09:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:2D:3D:30:D9:7A:4F:1D:03:72:E2:3D:0E:31:C7:08:3E:AF:33:AC
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/AS09MNl6Tx0DcuI9DjHHCD6vM6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0/24
45.155.242.0/24
194.143.205.0/24
194.143.209.0/24
194.143.217.0/24
194.143.221.0/24
195.114.192.0/24
195.114.197.0-195.114.198.255
213.220.3.0/24
213.220.19.0/24
213.220.58.0-213.220.60.255
Signature Algorithm: sha256WithRSAEncryption
7a:14:ff:99:56:c0:90:a0:36:43:c5:82:af:f0:dd:cb:c9:b4:
88:44:d2:1a:82:d6:62:0a:c7:12:45:f2:e1:65:b3:a5:73:9e:
b6:14:5d:55:7b:8d:2d:9f:6a:1b:f6:78:a0:bb:8d:d1:03:99:
ba:40:99:41:9a:17:e2:b5:71:1b:bf:6b:fe:79:9f:5c:e2:09:
5b:12:e2:39:43:48:67:63:32:e5:67:f6:53:f4:bf:23:84:71:
f4:bd:1e:99:2d:81:92:d9:d8:4a:60:84:3d:7d:6d:7a:e7:2f:
cc:ff:29:0d:32:be:0e:75:b9:98:e8:02:00:63:24:38:5e:2d:
71:b0:ac:3a:6d:f4:e9:a8:c2:8d:21:52:d3:ec:ff:dc:8e:35:
45:d0:8b:dc:29:b0:5b:1c:50:84:7a:c6:5f:1f:bd:c0:46:de:
9c:2c:a7:a5:c1:7a:97:dc:a2:59:b1:f6:2c:80:5f:53:7a:bd:
af:42:d5:e7:84:32:cb:19:80:87:ca:5a:66:fe:9a:64:77:3f:
78:3b:d9:f5:3b:cc:dc:b5:37:14:cb:ca:20:21:55:b8:d8:fb:
0a:47:0b:cb:4d:31:14:5e:fd:ed:5a:fa:7b:33:68:88:dd:ff:
3b:b6:2d:d7:f7:19:c5:32:73:33:4f:d4:c5:a6:fd:01:44:b5:
1a:ff:fe:8f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZTvanw/ytNNKdHp3yUa6kPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMjEwMTAzMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTJkM2QzMGQ5N2E0ZjFkMDM3MmUyM2QwZTMxYzcwODNlYWYzM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7XPonqrcTYzjqnwyEEKAFdF1EEI
tzU4rCRfoto8qtJo/5O7SKyJVzNg2T6VeK6tf0o/10FXgrdAhdEbUkGO1KWR1erP
Yi+BPkGkjyZirnyX86J1dGu0Jg9ozghmjs4X5lb9fmSAKOT2eKuY20U6L1GfPfs/
vhf0X5Cjj7QzG9YPbQoHvzi9fYlPZ8mswz462gqhM5vAKAp5RKt8OUBbfjcmJwOf
xjI+vslDMuBpBmxxTva4Qe9CKKgaQZ7dFaVqqbv6fJi747eKQOKO+3lguN8ZDgdc
r6NPzzNnnVF+RUtpaJ8ZGQUF3bCKLh4kfXwxVjiUKrA+HHj44qhYMg4J1wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFAEtPTDZek8dA3LiPQ4xxwg+rzOsMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvQVMwOU1ObDZUeDBEY3VJOURqSEhDRDZ2TTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQALZvwAwQA
LZvyAwQAwo/NAwQAwo/RAwQAwo/ZAwQAwo/dAwQAw3LAMAwDBADDcsUDBADDcsYD
BADV3AMDBADV3BMwDAMEAdXcOgMEANXcPDANBgkqhkiG9w0BAQsFAAOCAQEAehT/
mVbAkKA2Q8WCr/Ddy8m0iETSGoLWYgrHEkXy4WWzpXOethRdVXuNLZ9qG/Z4oLuN
0QOZukCZQZoX4rVxG79r/nmfXOIJWxLiOUNIZ2My5Wf2U/S/I4Rx9L0emS2BktnY
SmCEPX1teucvzP8pDTK+DnW5mOgCAGMkOF4tcbCsOm306ajCjSFS0+z/3I41RdCL
3CmwWxxQhHrGXx+9wEbenCynpcF6l9yiWbH2LIBfU3q9r0LV54QyyxmAh8paZv6a
ZHc/eDvZ9TvM3LU3FMvKICFVuNj7CkcLy00xFF797Vr6ezNoiN3/O7Yt1/cZxTJz
M0/Uxab9AUS1Gv/+jw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:00:02 2025 by rpki-client