Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RqpAIi6HUT7Pf-IubMV-2aCjwKM.roa
File: RqpAIi6HUT7Pf-IubMV-2aCjwKM.roa (raw, json)
Hash identifier: 2JwUZ0R7mh9wyDybbZwPH0LlpArAGyZnj5pkKyw66gg=
Subject key identifier: 46:AA:40:22:2E:87:51:3E:CF:7F:E2:2E:6C:C5:7E:D9:A0:A3:C0:A3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190833D1D2E75B5FF75BB0344120A1F9E3F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RqpAIi6HUT7Pf-IubMV-2aCjwKM.roa
Signing time: Fri 05 Jul 2024 14:12:18 +0000
ROA not before: Fri 05 Jul 2024 14:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 14:13:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:83:3d:1d:2e:75:b5:ff:75:bb:03:44:12:0a:1f:9e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 5 14:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46aa40222e87513ecf7fe22e6cc57ed9a0a3c0a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:9d:f4:f1:76:72:b6:cf:e2:f9:31:8a:ab:
06:8c:32:ff:a3:bb:35:f1:de:71:2b:ef:15:19:f1:
f0:43:0c:38:19:6f:b8:2b:63:63:5e:4d:3d:d8:dd:
ba:a2:fe:b6:54:4e:cc:1a:a8:b3:47:96:79:16:44:
26:e2:db:fd:1d:d0:28:1b:62:42:e7:5f:9b:07:88:
95:93:86:03:07:8d:4e:4b:3d:ce:1c:b0:4c:fd:06:
9c:16:bf:05:12:73:2b:c1:14:44:91:22:9c:c9:83:
a1:d8:ae:aa:c7:8d:6e:20:36:05:f4:b2:81:55:33:
9a:8f:1a:0e:70:3b:29:62:3c:ae:ff:b1:2f:7a:7e:
36:7e:ea:72:ba:aa:eb:29:63:5b:7a:25:53:6d:0d:
d3:cb:98:45:b3:52:09:08:0a:a9:af:80:37:51:38:
66:27:2f:c0:cf:53:f9:16:c4:7c:4f:98:a4:8f:40:
e2:54:1c:a1:8f:1a:9d:2f:b6:58:e5:7a:1f:ab:c6:
6d:06:9b:c4:a4:5d:32:63:b8:05:ea:eb:bd:90:4e:
70:84:0a:49:ac:a4:2b:17:11:3b:52:4f:9c:b7:33:
0b:23:0d:52:f1:0a:18:d8:e2:94:5f:ef:32:ab:1b:
f7:96:17:ed:22:8f:0c:24:f2:9b:8c:8e:ed:f5:5d:
00:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AA:40:22:2E:87:51:3E:CF:7F:E2:2E:6C:C5:7E:D9:A0:A3:C0:A3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RqpAIi6HUT7Pf-IubMV-2aCjwKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.90.0/23
185.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
42:2b:cf:d5:b7:c0:8a:4d:37:c4:3c:cb:a2:23:6c:6b:d9:d4:
8a:6b:ce:cf:70:6e:70:a0:f6:95:ef:fa:15:17:11:2a:e3:a0:
e0:a5:af:59:7e:d3:c4:a7:aa:32:dd:ad:33:06:20:d5:67:d0:
6f:8c:57:24:05:ef:27:88:a1:1d:6a:34:ee:d2:df:9a:0c:71:
18:88:45:25:55:77:e7:0a:8c:ae:7e:75:27:d3:aa:9b:c0:ae:
aa:f4:01:5c:f4:1c:2f:26:91:ff:39:38:24:28:77:bf:da:e5:
ec:10:b8:85:ca:31:a7:ed:e1:1d:54:16:03:66:2e:03:f6:ab:
9a:d4:d4:91:88:54:10:33:0f:8d:f3:30:2c:fe:36:65:ce:78:
8f:8e:f9:ea:30:1d:fd:84:0e:66:87:ee:0d:aa:38:91:c5:05:
10:8c:87:76:7e:7d:9d:6b:e1:36:2c:6c:a1:6b:00:1b:ca:08:
f1:f9:d1:1c:19:ef:4f:29:fc:05:41:c7:b4:8e:56:6c:03:f8:
76:f7:74:18:e0:1c:4c:5e:f9:77:73:83:55:79:6d:9d:a2:61:
af:87:07:62:77:1b:3a:14:c7:fb:54:01:e1:e2:40:a0:97:e6:
43:2d:98:5f:ce:c2:d6:f2:35:54:21:3f:c9:f3:98:1b:8f:75:
d8:81:a6:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCDPR0udbX/dbsDRBIKH54/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzA1MTQxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFhNDAyMjJlODc1MTNlY2Y3ZmUyMmU2Y2M1N2VkOWEwYTNjMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu52d9PF2crbP4vkxiqsGjDL/o7s1
8d5xK+8VGfHwQww4GW+4K2NjXk092N26ov62VE7MGqizR5Z5FkQm4tv9HdAoG2JC
51+bB4iVk4YDB41OSz3OHLBM/QacFr8FEnMrwRREkSKcyYOh2K6qx41uIDYF9LKB
VTOajxoOcDspYjyu/7Even42fupyuqrrKWNbeiVTbQ3Ty5hFs1IJCAqpr4A3UThm
Jy/Az1P5FsR8T5ikj0DiVByhjxqdL7ZY5Xofq8ZtBpvEpF0yY7gF6uu9kE5whApJ
rKQrFxE7Uk+ctzMLIw1S8QoY2OKUX+8yqxv3lhftIo8MJPKbjI7t9V0AWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEaqQCIuh1E+z3/iLmzFftmgo8CjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUnFwQUlpNkhVVDdQZi1JdWJNVi0yYUNqd0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZdaAwQA
ufbfMA0GCSqGSIb3DQEBCwUAA4IBAQBCK8/Vt8CKTTfEPMuiI2xr2dSKa87PcG5w
oPaV7/oVFxEq46Dgpa9ZftPEp6oy3a0zBiDVZ9BvjFckBe8niKEdajTu0t+aDHEY
iEUlVXfnCoyufnUn06qbwK6q9AFc9BwvJpH/OTgkKHe/2uXsELiFyjGn7eEdVBYD
Zi4D9qua1NSRiFQQMw+N8zAs/jZlzniPjvnqMB39hA5mh+4NqjiRxQUQjId2fn2d
a+E2LGyhawAbygjx+dEcGe9PKfwFQce0jlZsA/h293QY4BxMXvl3c4NVeW2domGv
hwdidxs6FMf7VAHh4kCgl+ZDLZhfzsLW8jVUIT/J85gbj3XYgaa8
-----END CERTIFICATE-----
Generated at Tue May 13 16:32:26 2025 by rpki-client