Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/xCWZ6iW797rMWEjyUp-PvJKoilg.roa
File: xCWZ6iW797rMWEjyUp-PvJKoilg.roa (raw, json)
Hash identifier: 7gVcvipQ0JkBnsJledY1Qms+tBRg3B+UOG5TiXnKPdU=
Subject key identifier: C4:25:99:EA:25:BB:F7:BA:CC:58:48:F2:52:9F:8F:BC:92:A8:8A:58
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01960EDE92D78B8EB3363EE410EE5B1A8645
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/xCWZ6iW797rMWEjyUp-PvJKoilg.roa
Signing time: Mon 07 Apr 2025 06:09:49 +0000
ROA not before: Mon 07 Apr 2025 06:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
213.220.58.0/24 maxlen: 24
213.220.59.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
213.220.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 06:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0e:de:92:d7:8b:8e:b3:36:3e:e4:10:ee:5b:1a:86:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 7 06:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c42599ea25bbf7bacc5848f2529f8fbc92a88a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:72:14:fb:8f:b9:10:ae:d9:32:25:ea:9f:93:
1a:98:78:ae:05:69:5a:f8:e4:4d:21:53:61:7c:17:
18:f9:10:f7:b5:ec:b0:f8:24:ae:95:1f:b8:02:75:
56:e1:20:bf:c5:01:97:74:9d:14:bc:a9:2e:94:fb:
8e:79:15:2d:8b:91:8b:fd:82:d0:2e:e7:81:82:07:
eb:93:be:b9:62:37:60:06:67:8f:47:35:83:82:59:
18:26:49:e1:23:f3:38:3f:98:10:09:48:d4:dd:31:
d5:f7:d5:d7:29:09:62:f1:db:95:7f:14:8c:38:09:
2f:99:74:87:7f:f9:d5:d9:97:c8:d4:0d:68:31:bb:
78:9d:ba:47:0a:7d:b4:ad:e3:a2:5d:82:03:ed:b0:
a9:f9:2d:d9:59:46:93:5f:ae:9a:28:44:09:0d:67:
4b:01:42:83:bf:42:05:96:47:8e:d9:51:63:b0:4c:
c9:60:5f:88:a3:48:66:7d:56:32:72:62:48:3b:85:
f7:a6:66:d8:be:0d:f8:c5:d4:86:fe:b4:aa:26:fc:
d4:97:a1:f1:66:bb:c5:3a:bc:ca:76:65:b7:fc:3c:
f5:bc:3c:4f:ce:0a:3d:3d:22:3a:9a:87:99:60:04:
cf:c4:72:6d:5d:db:34:2b:54:3d:00:77:e3:4b:1d:
f1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:25:99:EA:25:BB:F7:BA:CC:58:48:F2:52:9F:8F:BC:92:A8:8A:58
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/xCWZ6iW797rMWEjyUp-PvJKoilg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0/24
45.155.242.0/24
194.143.205.0-194.143.207.255
194.143.217.0/24
194.143.221.0/24
195.114.192.0/24
195.114.195.0/24
195.114.197.0-195.114.198.255
213.220.19.0/24
213.220.58.0-213.220.60.255
213.220.63.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:50:6f:c0:5d:36:ce:17:ea:51:ce:e9:a2:0b:d0:5e:1c:4e:
cd:38:5b:6d:60:60:e1:94:7a:f2:ba:3c:f5:23:90:27:5d:7c:
5e:bc:28:e3:8f:10:57:7d:ae:5b:19:69:25:63:48:35:33:cc:
6b:80:f9:9a:e5:f6:52:24:a3:a4:0e:fd:64:1b:41:2b:f0:a3:
9a:f6:ab:c4:d6:05:9e:2c:4b:5a:f7:9e:a7:a5:d8:0f:74:7b:
07:3a:0f:32:e3:34:f1:31:90:07:d2:c4:75:12:d2:49:26:14:
9e:d2:cf:32:18:ba:73:b5:b0:03:c0:b9:7c:f8:2d:5e:4c:85:
10:8f:d6:57:7a:61:ed:4c:55:ed:5d:03:e3:6a:50:48:5d:32:
54:46:75:b5:80:53:53:7b:c3:a7:10:5a:d6:34:53:3a:88:e4:
06:09:22:d5:bf:bf:e8:69:ba:6a:9d:7f:5a:1a:7a:3a:0e:ad:
20:50:c7:6a:81:85:4e:1f:7f:4e:fc:f5:d2:6b:20:ba:29:64:
e4:8b:0a:da:79:a5:2e:e5:9c:b4:91:3d:66:c4:9d:6f:cc:b3:
66:2f:79:bc:7c:83:42:b8:93:82:be:d5:a3:3d:6c:db:88:77:
74:ce:2c:23:44:c1:0d:44:df:b3:98:e8:f1:e3:13:27:16:b3:
6b:83:38:4c
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZYO3pLXi46zNj7kEO5bGoZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNDA3MDYwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI1OTllYTI1YmJmN2JhY2M1ODQ4ZjI1MjlmOGZiYzkyYTg4YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33IU+4+5EK7ZMiXqn5MamHiuBWla
+ORNIVNhfBcY+RD3teyw+CSulR+4AnVW4SC/xQGXdJ0UvKkulPuOeRUti5GL/YLQ
LueBggfrk765YjdgBmePRzWDglkYJknhI/M4P5gQCUjU3THV99XXKQli8duVfxSM
OAkvmXSHf/nV2ZfI1A1oMbt4nbpHCn20reOiXYID7bCp+S3ZWUaTX66aKEQJDWdL
AUKDv0IFlkeO2VFjsEzJYF+Io0hmfVYycmJIO4X3pmbYvg34xdSG/rSqJvzUl6Hx
ZrvFOrzKdmW3/Dz1vDxPzgo9PSI6moeZYATPxHJtXds0K1Q9AHfjSx3xxQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFMQlmeolu/e6zFhI8lKfj7ySqIpYMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEveENXWjZpVzc5N3JNV0VqeVVwLVB2SktvaWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALZvwAwQA
LZvyMAwDBADCj80DBATCj8ADBADCj9kDBADCj90DBADDcsADBADDcsMwDAMEAMNy
xQMEAMNyxgMEANXcEzAMAwQB1dw6AwQA1dw8AwQA1dw/MA0GCSqGSIb3DQEBCwUA
A4IBAQClUG/AXTbOF+pRzumiC9BeHE7NOFttYGDhlHryujz1I5AnXXxevCjjjxBX
fa5bGWklY0g1M8xrgPma5fZSJKOkDv1kG0Er8KOa9qvE1gWeLEta956npdgPdHsH
Og8y4zTxMZAH0sR1EtJJJhSe0s8yGLpztbADwLl8+C1eTIUQj9ZXemHtTFXtXQPj
alBIXTJURnW1gFNTe8OnEFrWNFM6iOQGCSLVv7/oabpqnX9aGno6Dq0gUMdqgYVO
H39O/PXSayC6KWTkiwraeaUu5Zy0kT1mxJ1vzLNmL3m8fINCuJOCvtWjPWzbiHd0
ziwjRMENRN+zmOjx4xMnFrNrgzhM
-----END CERTIFICATE-----
Generated at Mon Jun 16 17:08:40 2025 by rpki-client