Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/c0jpIqP1Q3sRS1w727ay-nIzqfw.roa
File: c0jpIqP1Q3sRS1w727ay-nIzqfw.roa (raw, json)
Hash identifier: RGIXUrr/0qT/+4KrNxBVyfK+FJT4a4FOFy2AgN1MaRc=
Subject key identifier: 73:48:E9:22:A3:F5:43:7B:11:4B:5C:3B:DB:B6:B2:FA:72:33:A9:FC
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01954E579E8F496434537E5A30ACEF351A7C
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/c0jpIqP1Q3sRS1w727ay-nIzqfw.roa
Signing time: Fri 28 Feb 2025 20:55:19 +0000
ROA not before: Fri 28 Feb 2025 20:55:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.11.188.0/22 maxlen: 24
45.65.114.0/24 maxlen: 24
45.154.156.0/22 maxlen: 24
185.83.200.0/22 maxlen: 24
188.209.131.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 18:54:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4e:57:9e:8f:49:64:34:53:7e:5a:30:ac:ef:35:1a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Feb 28 20:55:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7348e922a3f5437b114b5c3bdbb6b2fa7233a9fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2b:77:2f:13:45:f9:47:24:cd:9a:f4:d2:bc:
25:82:dd:25:9a:f5:91:11:35:88:09:88:3c:28:0d:
8e:7a:2a:ba:bb:84:5e:6f:3b:2c:89:ef:20:6b:43:
9f:c7:7f:e6:9f:ce:79:d7:63:cc:07:2a:de:30:28:
da:27:84:40:63:f7:85:bf:c0:0e:b2:c9:ed:41:76:
2a:ea:c5:a8:6a:8c:db:20:33:e9:a4:b6:59:16:0b:
17:d0:4b:7d:d7:44:e7:64:36:8a:1e:ca:f7:af:98:
1e:03:c0:48:e0:7d:16:b4:65:51:7c:d8:0f:81:3b:
65:e8:08:61:28:6e:6b:63:1e:06:69:57:8d:3f:09:
87:8a:63:51:a0:db:86:80:57:da:ec:a8:b9:2d:73:
bf:48:7e:05:88:71:8e:22:6d:90:57:d1:aa:b9:b7:
15:64:ba:4d:ed:e8:e9:65:f7:34:8a:37:d4:7d:ae:
8b:a7:53:5a:3b:59:ff:72:58:8a:51:ef:50:2d:73:
6d:04:cf:c9:33:5c:f8:f8:bd:f1:37:17:30:d1:75:
7b:75:f2:eb:cf:14:3a:47:86:3b:0d:a3:2e:f1:74:
62:dd:2f:0b:9b:f2:b4:30:14:34:55:6a:f9:33:6a:
a2:81:eb:33:d2:c2:f9:a4:fd:db:12:94:1e:c6:60:
14:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:48:E9:22:A3:F5:43:7B:11:4B:5C:3B:DB:B6:B2:FA:72:33:A9:FC
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/c0jpIqP1Q3sRS1w727ay-nIzqfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.188.0/22
45.65.114.0/24
45.154.156.0/22
185.83.200.0/22
188.209.131.0/24
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
03:da:09:d2:36:c1:b4:6e:28:14:25:d5:57:10:7c:d5:00:90:
47:81:9b:d1:f3:07:8b:e7:2f:86:dc:05:b1:16:cb:ca:b2:32:
2b:a2:65:85:f3:93:f9:b8:1b:04:cf:dd:e6:e0:f9:fb:56:56:
19:34:06:2b:d9:65:01:22:8f:66:d9:4f:50:c0:3a:b8:31:5b:
f2:9b:6b:8a:1f:5f:e3:2b:57:8d:82:43:98:4a:87:73:31:2d:
3e:db:f5:06:58:b9:95:ce:a5:6d:65:b0:0a:98:49:3e:4d:dd:
af:e9:db:09:7c:87:2e:36:d2:54:84:eb:da:81:fc:81:5c:62:
fb:ef:70:89:6c:b0:66:dc:0d:b9:5d:3c:6c:74:cd:fe:f1:00:
81:3e:33:17:ec:c9:a5:ad:c9:b3:aa:7e:aa:db:5d:15:a9:97:
85:2d:64:d5:60:e7:7b:4b:5d:f5:26:7c:2e:78:ab:d2:e8:bc:
16:87:60:42:1c:f4:55:26:73:0f:d0:b1:98:03:76:3a:5c:b3:
f7:15:a1:75:a0:0c:6b:63:8f:72:04:14:7d:e3:ca:44:de:df:
ff:15:c0:ed:b6:be:e6:f9:47:ba:8e:29:3c:7f:3f:69:af:bf:
d0:f1:05:e5:07:8b:f0:4c:1c:d4:52:22:3e:ac:93:0d:84:29:
69:b4:2c:91
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZVOV56PSWQ0U35aMKzvNRp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMjI4MjA1NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQ4ZTkyMmEzZjU0MzdiMTE0YjVjM2JkYmI2YjJmYTcyMzNhOWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyt3LxNF+UckzZr00rwlgt0lmvWR
ETWICYg8KA2Oeiq6u4Rebzssie8ga0Ofx3/mn85512PMByreMCjaJ4RAY/eFv8AO
ssntQXYq6sWoaozbIDPppLZZFgsX0Et910TnZDaKHsr3r5geA8BI4H0WtGVRfNgP
gTtl6AhhKG5rYx4GaVeNPwmHimNRoNuGgFfa7Ki5LXO/SH4FiHGOIm2QV9GqubcV
ZLpN7ejpZfc0ijfUfa6Lp1NaO1n/cliKUe9QLXNtBM/JM1z4+L3xNxcw0XV7dfLr
zxQ6R4Y7DaMu8XRi3S8Lm/K0MBQ0VWr5M2qigesz0sL5pP3bEpQexmAUUwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHNI6SKj9UN7EUtcO9u2svpyM6n8MB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvYzBqcElxUDFRM3NSUzF3NzI3YXktbkl6cWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQu8AwQA
LUFyAwQCLZqcAwQCuVPIAwQAvNGDAwQAvNGLMA0GCSqGSIb3DQEBCwUAA4IBAQAD
2gnSNsG0bigUJdVXEHzVAJBHgZvR8weL5y+G3AWxFsvKsjIromWF85P5uBsEz93m
4Pn7VlYZNAYr2WUBIo9m2U9QwDq4MVvym2uKH1/jK1eNgkOYSodzMS0+2/UGWLmV
zqVtZbAKmEk+Td2v6dsJfIcuNtJUhOvagfyBXGL773CJbLBm3A25XTxsdM3+8QCB
PjMX7Mmlrcmzqn6q210VqZeFLWTVYOd7S131JnwueKvS6LwWh2BCHPRVJnMP0LGY
A3Y6XLP3FaF1oAxrY49yBBR948pE3t//FcDttr7m+Ue6jik8fz9pr7/Q8QXlB4vw
TBzUUiI+rJMNhClptCyR
-----END CERTIFICATE-----
Generated at Sun May 11 10:26:34 2025 by rpki-client