Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/CFS0bclDNQUfuekSXQhmJtL62O8.roa
File: CFS0bclDNQUfuekSXQhmJtL62O8.roa (raw, json)
Hash identifier: It8lFrOVamIj18RrHRiLQVNoOCVAda9kJvkTYdyl2QM=
Subject key identifier: 08:54:B4:6D:C9:43:35:05:1F:B9:E9:12:5D:08:66:26:D2:FA:D8:EF
Certificate issuer: /CN=8da60e9000c75a75d67e37fe07b14e07b22c5887
Certificate serial: 019662A1B0B954514445D3B1BE035B860228
Authority key identifier: 8D:A6:0E:90:00:C7:5A:75:D6:7E:37:FE:07:B1:4E:07:B2:2C:58:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaYOkADHWnXWfjf-B7FOB7IsWIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/CFS0bclDNQUfuekSXQhmJtL62O8.roa
Signing time: Wed 23 Apr 2025 12:31:25 +0000
ROA not before: Wed 23 Apr 2025 12:31:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208327
IP address blocks: 45.145.92.0/22 maxlen: 24
2a0c:4d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 28 Apr 2025 13:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:a1:b0:b9:54:51:44:45:d3:b1:be:03:5b:86:02:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da60e9000c75a75d67e37fe07b14e07b22c5887
Validity
Not Before: Apr 23 12:31:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0854b46dc94335051fb9e9125d086626d2fad8ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f0:20:9e:31:e0:33:62:9e:a9:1e:74:74:d7:
59:3f:6f:43:1b:f7:8e:97:4c:eb:46:0f:71:fb:9a:
86:30:41:4e:36:42:de:7a:8c:3b:e2:68:e7:cb:10:
ad:04:e0:3a:22:26:6e:7c:68:d1:14:a8:3a:e8:b1:
08:f0:53:eb:15:0f:0e:39:43:0d:a4:19:b0:15:6a:
22:06:1e:a5:61:50:0d:a8:0c:dc:d6:c3:37:9f:23:
a2:63:28:58:e9:17:dc:98:09:27:b1:83:f2:d2:36:
4f:e3:69:0b:47:bc:53:1c:9a:9b:0c:56:57:b8:03:
4f:85:9e:db:28:f7:2b:19:14:e4:95:be:6e:34:95:
9e:0f:7f:a5:e8:16:fa:08:31:82:ae:8d:78:ed:65:
4c:aa:a1:13:c3:aa:26:83:5d:01:7a:4e:f3:76:a5:
3d:43:7f:70:7c:bf:b1:32:e2:73:a8:96:db:ec:31:
21:23:c9:7e:54:47:74:18:c9:54:f1:09:e7:4b:2c:
de:45:8e:70:5f:b1:5b:86:72:5a:f0:f3:98:59:ca:
c8:d4:bc:6f:cf:8b:5c:84:8b:9d:69:86:72:a7:17:
6a:2a:49:8a:1e:cf:6e:77:d0:b6:4f:19:50:c0:e7:
04:6a:9a:1e:b7:41:eb:4a:e8:3a:62:53:9c:9d:c7:
09:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:54:B4:6D:C9:43:35:05:1F:B9:E9:12:5D:08:66:26:D2:FA:D8:EF
X509v3 Authority Key Identifier:
keyid:8D:A6:0E:90:00:C7:5A:75:D6:7E:37:FE:07:B1:4E:07:B2:2C:58:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaYOkADHWnXWfjf-B7FOB7IsWIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/CFS0bclDNQUfuekSXQhmJtL62O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/jaYOkADHWnXWfjf-B7FOB7IsWIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.92.0/22
IPv6:
2a0c:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
9f:72:66:4c:9b:29:4d:d7:37:9f:4b:51:09:d0:f1:e9:96:3e:
8d:96:8e:04:b7:8e:18:c3:6c:57:f6:36:55:66:b7:b6:72:2e:
4b:d9:6c:23:00:b3:5f:9a:72:cf:e0:b9:ff:d1:50:c8:5f:b1:
63:5f:f9:54:47:90:59:55:7c:2d:ae:84:d6:21:3d:8e:27:95:
9a:06:f1:5f:2f:b9:e8:98:b2:f2:60:57:64:f9:cd:80:6b:e0:
96:0b:ec:74:f0:b9:d1:84:89:ae:e2:08:3e:be:41:df:2e:c9:
43:a3:49:0c:58:b4:e3:23:ab:07:24:9b:e9:99:aa:aa:fa:4c:
ba:00:ca:d8:59:27:78:17:a5:9a:45:f2:de:71:2c:b4:f5:e8:
73:9e:cc:88:c5:eb:5c:d5:df:d5:21:75:5a:e9:db:86:82:76:
a3:d3:81:ff:46:54:24:49:47:61:85:45:70:f1:f6:fc:4c:87:
43:12:5f:d5:49:79:7c:a3:eb:df:ac:77:0f:f6:b5:73:19:a3:
65:2d:6d:b5:da:f9:e7:f9:69:c3:e7:7d:30:3e:d8:83:48:06:
fb:e9:d4:91:5a:88:30:3d:bb:b4:8a:ac:5b:c5:70:1e:de:66:
9a:33:ae:b3:0d:34:46:1a:b0:76:f5:a7:3c:27:8e:9a:f1:d5:
36:46:d1:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZiobC5VFFERdOxvgNbhgIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTYwZTkwMDBjNzVhNzVkNjdlMzdmZTA3YjE0ZTA3YjIy
YzU4ODcwHhcNMjUwNDIzMTIzMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODU0YjQ2ZGM5NDMzNTA1MWZiOWU5MTI1ZDA4NjYyNmQyZmFkOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/AgnjHgM2KeqR50dNdZP29DG/eO
l0zrRg9x+5qGMEFONkLeeow74mjnyxCtBOA6IiZufGjRFKg66LEI8FPrFQ8OOUMN
pBmwFWoiBh6lYVANqAzc1sM3nyOiYyhY6RfcmAknsYPy0jZP42kLR7xTHJqbDFZX
uANPhZ7bKPcrGRTklb5uNJWeD3+l6Bb6CDGCro147WVMqqETw6omg10Bek7zdqU9
Q39wfL+xMuJzqJbb7DEhI8l+VEd0GMlU8QnnSyzeRY5wX7FbhnJa8POYWcrI1Lxv
z4tchIudaYZypxdqKkmKHs9ud9C2TxlQwOcEapoet0HrSug6YlOcnccJfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAhUtG3JQzUFH7npEl0IZibS+tjvMB8GA1UdIwQY
MBaAFI2mDpAAx1p11n43/gexTgeyLFiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFZT2tBREhXblhXZmpmLUI3Rk9CN0lzV0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS83MjgwNmEtMDM5NC00YWQ1LThlMDQt
YjViOGQwMjQ0OGI4LzEvQ0ZTMGJjbEROUVVmdWVrU1hRaG1KdEw2Mk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS83MjgwNmEtMDM5NC00YWQ1LThlMDQtYjViOGQwMjQ0OGI4
LzEvamFZT2tBREhXblhXZmpmLUI3Rk9CN0lzV0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZFcMA0E
AgACMAcDBQMqDE2AMA0GCSqGSIb3DQEBCwUAA4IBAQCfcmZMmylN1zefS1EJ0PHp
lj6Nlo4Et44Yw2xX9jZVZre2ci5L2WwjALNfmnLP4Ln/0VDIX7FjX/lUR5BZVXwt
roTWIT2OJ5WaBvFfL7nomLLyYFdk+c2Aa+CWC+x08LnRhImu4gg+vkHfLslDo0kM
WLTjI6sHJJvpmaqq+ky6AMrYWSd4F6WaRfLecSy09ehznsyIxetc1d/VIXVa6duG
gnaj04H/RlQkSUdhhUVw8fb8TIdDEl/VSXl8o+vfrHcP9rVzGaNlLW212vnn+WnD
530wPtiDSAb76dSRWogwPbu0iqxbxXAe3maaM66zDTRGGrB29ac8J46a8dU2RtGU
-----END CERTIFICATE-----
Generated at Sat May 10 13:51:20 2025 by rpki-client