Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hF9AKszfMZenJ-ytUUuXxgCe1Sc.roa
File: hF9AKszfMZenJ-ytUUuXxgCe1Sc.roa (raw, json)
Hash identifier: JVbiuifuc6gv+t4zyUhVO7Y+5ujs7Tb6yQwlZGyHbxw=
Subject key identifier: 84:5F:40:2A:CC:DF:31:97:A7:27:EC:AD:51:4B:97:C6:00:9E:D5:27
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019498432D3ABC0C4CE3D16FD52CBC8A2E1E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hF9AKszfMZenJ-ytUUuXxgCe1Sc.roa
Signing time: Fri 24 Jan 2025 12:22:06 +0000
ROA not before: Fri 24 Jan 2025 12:22:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.128.96.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
94.156.113.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 12:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:43:2d:3a:bc:0c:4c:e3:d1:6f:d5:2c:bc:8a:2e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 24 12:22:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=845f402accdf3197a727ecad514b97c6009ed527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c0:5f:06:f2:e4:83:bf:92:fd:72:20:e8:00:
1f:0b:81:2b:ea:f6:1c:eb:41:37:43:94:44:4d:16:
c3:b5:fd:54:ed:20:ea:a3:09:54:0e:22:cd:39:a8:
06:30:bc:73:d8:67:47:cc:64:1a:20:18:ce:6b:e5:
e5:5c:7b:3d:bf:4a:2c:e1:49:3c:7f:57:d7:ef:96:
74:0e:ac:b3:33:ea:5b:00:0d:ac:8d:ca:ff:70:94:
37:c5:3f:34:65:78:df:c4:e2:8e:2b:d6:65:e1:fb:
9a:18:51:21:ca:93:41:73:ae:59:a5:c6:c1:41:8b:
29:67:d6:cc:1a:01:d5:4d:bb:2a:e4:e4:40:e0:03:
03:5c:4e:47:77:8e:61:c1:8f:a0:cf:e1:59:95:eb:
ea:94:21:f4:a2:f7:5f:69:38:61:9e:7d:bb:bf:f5:
fe:8c:67:6f:91:26:af:ac:ae:14:32:df:5e:00:69:
f1:b7:d5:34:96:a3:3c:74:08:1c:96:9e:2f:67:f0:
5f:ee:df:21:93:f9:56:aa:39:9c:41:f1:e9:60:fe:
ad:d2:f4:58:9c:41:fb:75:95:a7:9a:2e:a7:e2:ad:
14:62:7c:7c:d9:25:24:99:6e:6b:ca:0b:40:89:7b:
83:11:4c:ca:b3:33:a3:fa:1d:3c:00:00:4b:e1:63:
dc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5F:40:2A:CC:DF:31:97:A7:27:EC:AD:51:4B:97:C6:00:9E:D5:27
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hF9AKszfMZenJ-ytUUuXxgCe1Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.96.0/24
87.120.33.0/24
87.121.38.0/24
87.121.58.0/24
94.103.127.0/24
94.156.2.0/24
94.156.79.0/24
94.156.113.0/24
141.98.4.0/24
Signature Algorithm: sha256WithRSAEncryption
79:14:03:2c:59:7f:a1:90:06:36:c0:5c:d7:a7:61:0e:03:b7:
32:8f:35:1f:5c:23:10:14:07:eb:3a:97:6a:52:62:a6:77:e0:
2c:af:da:59:65:b0:14:2d:ce:07:25:a2:52:b0:84:e1:32:cf:
4b:c7:ec:e7:19:08:5d:4d:35:a1:b2:2a:b8:e0:fe:6c:cc:45:
d8:3e:42:99:f8:89:d8:bb:2e:74:5e:08:df:68:cb:00:06:50:
be:03:a0:09:dd:55:e6:0e:8c:40:50:26:65:e7:21:11:d1:0d:
bd:bf:f4:d6:e3:82:f7:cd:e9:63:a6:ce:db:4f:4d:3c:44:77:
58:2e:1d:12:2a:38:6a:90:19:a9:6a:df:9b:31:7f:75:18:52:
ef:9f:b0:b7:df:af:91:3b:ba:9e:19:52:8a:a9:dd:23:97:ee:
02:82:0c:57:9a:25:76:b5:43:14:6d:f6:87:91:67:cb:be:2d:
34:0e:b6:9e:bb:be:3a:ab:a5:7d:2c:d3:f1:71:52:67:75:39:
ca:e1:a6:c9:1f:35:c8:28:5a:69:e1:75:6e:01:ce:a1:6c:21:
a0:17:83:a7:12:ad:2d:f9:02:84:c2:76:87:66:6e:d0:33:53:
cb:cb:4f:27:36:ab:90:68:9c:0b:ab:65:fa:bb:2f:e8:49:ef:
c3:d3:e1:30
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZSYQy06vAxM49Fv1Sy8ii4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTI0MTIyMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDVmNDAyYWNjZGYzMTk3YTcyN2VjYWQ1MTRiOTdjNjAwOWVkNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcBfBvLkg7+S/XIg6AAfC4Er6vYc
60E3Q5RETRbDtf1U7SDqowlUDiLNOagGMLxz2GdHzGQaIBjOa+XlXHs9v0os4Uk8
f1fX75Z0DqyzM+pbAA2sjcr/cJQ3xT80ZXjfxOKOK9Zl4fuaGFEhypNBc65ZpcbB
QYspZ9bMGgHVTbsq5ORA4AMDXE5Hd45hwY+gz+FZlevqlCH0ovdfaThhnn27v/X+
jGdvkSavrK4UMt9eAGnxt9U0lqM8dAgclp4vZ/Bf7t8hk/lWqjmcQfHpYP6t0vRY
nEH7dZWnmi6n4q0UYnx82SUkmW5rygtAiXuDEUzKszOj+h08AABL4WPcVwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIRfQCrM3zGXpyfsrVFLl8YAntUnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaEY5QUtzemZNWmVuSi15dFVVdVh4Z0NlMVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALYBgAwQA
V3ghAwQAV3kmAwQAV3k6AwQAXmd/AwQAXpwCAwQAXpxPAwQAXpxxAwQAjWIEMA0G
CSqGSIb3DQEBCwUAA4IBAQB5FAMsWX+hkAY2wFzXp2EOA7cyjzUfXCMQFAfrOpdq
UmKmd+Asr9pZZbAULc4HJaJSsIThMs9Lx+znGQhdTTWhsiq44P5szEXYPkKZ+InY
uy50XgjfaMsABlC+A6AJ3VXmDoxAUCZl5yER0Q29v/TW44L3zeljps7bT008RHdY
Lh0SKjhqkBmpat+bMX91GFLvn7C336+RO7qeGVKKqd0jl+4CggxXmiV2tUMUbfaH
kWfLvi00Draeu746q6V9LNPxcVJndTnK4abJHzXIKFpp4XVuAc6hbCGgF4OnEq0t
+QKEwnaHZm7QM1PLy08nNquQaJwLq2X6uy/oSe/D0+Ew
-----END CERTIFICATE-----
Generated at Tue May 13 18:02:41 2025 by rpki-client