Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/T9AXM3C0PaBvc3QSlPfcKnYt8es.roa
File: T9AXM3C0PaBvc3QSlPfcKnYt8es.roa (raw, json)
Hash identifier: MSeDy7xRGSH7YTre9slnbH/oUOMbcpcSnc71kYRrlwY=
Subject key identifier: 4F:D0:17:33:70:B4:3D:A0:6F:73:74:12:94:F7:DC:2A:76:2D:F1:EB
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019503859D1C487B65DCAB478BB87AC8EBCA
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/T9AXM3C0PaBvc3QSlPfcKnYt8es.roa
Signing time: Fri 14 Feb 2025 08:14:02 +0000
ROA not before: Fri 14 Feb 2025 08:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214114
IP address blocks: 45.144.173.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Feb 2025 10:14:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:85:9d:1c:48:7b:65:dc:ab:47:8b:b8:7a:c8:eb:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 14 08:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fd0173370b43da06f73741294f7dc2a762df1eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c5:3a:42:12:d9:ab:36:f0:93:8d:30:c9:a2:
98:36:e9:c7:f8:73:14:b6:f3:b6:36:60:fd:90:a0:
77:7c:d6:23:e4:c6:47:ae:c4:c3:b3:a4:38:47:3d:
8e:2e:2d:54:07:25:5a:6a:34:eb:9c:e1:d5:59:cf:
eb:93:e1:00:ca:67:11:21:18:23:00:19:bf:33:60:
0c:72:08:24:60:65:9c:93:82:fd:a8:17:68:f8:a2:
00:db:c3:8f:8b:5a:17:c5:6e:80:ba:91:7d:ac:88:
fe:5c:d1:5d:b2:fe:c3:de:67:b3:fd:c0:dd:e9:fe:
66:8c:13:b6:06:74:78:b2:b7:69:05:8c:5b:e6:7f:
4e:f9:dd:77:27:62:84:05:3c:c1:2a:6a:33:35:d4:
3e:4c:c9:20:c9:10:d1:8b:b7:f4:3b:c2:27:6f:9d:
a2:27:31:72:ad:51:1e:d4:68:89:2a:45:a3:23:71:
97:52:33:8c:db:c6:e7:bd:0b:3f:74:cb:3b:0c:a2:
4f:8f:2a:10:a0:2b:7e:1d:8c:23:fb:b4:4a:57:0b:
ff:52:21:1b:63:7c:a5:1f:b5:2f:0b:e5:c5:8d:8f:
dd:e4:9d:96:a0:53:cf:38:60:e7:d9:a4:23:f3:cf:
32:0c:45:22:da:3b:e2:9f:19:3c:f4:7d:98:4d:5f:
b8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D0:17:33:70:B4:3D:A0:6F:73:74:12:94:F7:DC:2A:76:2D:F1:EB
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/T9AXM3C0PaBvc3QSlPfcKnYt8es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.173.0/24
188.208.103.0/24
Signature Algorithm: sha256WithRSAEncryption
24:c1:30:db:90:ad:90:9d:55:bb:d4:74:1c:66:6a:4b:bf:6c:
60:ca:b2:e2:de:ef:f6:60:c0:36:94:33:a3:b8:95:3f:f3:1f:
b1:74:3e:e7:40:fd:c4:96:87:2a:59:e9:e6:5a:48:54:01:43:
f0:5d:2f:43:6c:5a:27:14:4b:e7:6d:fb:6e:e3:6d:4e:5e:ce:
ef:eb:5d:19:20:3a:8f:76:77:6d:f9:80:66:10:04:e2:52:d0:
d2:a9:f1:c1:71:81:75:4f:91:75:f4:ef:e7:af:5b:05:1e:23:
bc:43:af:8a:12:67:b5:49:8e:a0:a0:64:e6:f4:e7:b0:2d:13:
fc:9e:12:5d:96:90:4b:52:c8:67:67:c0:43:69:c0:cf:e6:a3:
28:7b:f0:fb:cc:4b:c7:ed:b1:88:16:f2:3f:dc:f7:e1:79:d9:
ab:a2:8f:36:3a:bb:e0:8a:98:43:3b:03:55:62:b1:80:1b:75:
94:a7:c1:a2:89:a5:ec:ef:2a:c0:0f:bc:fc:22:55:de:9a:ec:
cc:e5:96:24:ed:b4:55:ea:68:db:f1:e2:99:b7:f8:86:05:0b:
e9:1e:58:c2:3d:42:cc:10:fd:e7:59:e8:59:73:07:06:48:c5:
89:7c:bc:cc:7f:32:69:88:f7:fb:b5:7f:42:31:86:16:05:9b:
72:7c:15:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUDhZ0cSHtl3KtHi7h6yOvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMjE0MDgxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQwMTczMzcwYjQzZGEwNmY3Mzc0MTI5NGY3ZGMyYTc2MmRmMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28U6QhLZqzbwk40wyaKYNunH+HMU
tvO2NmD9kKB3fNYj5MZHrsTDs6Q4Rz2OLi1UByVaajTrnOHVWc/rk+EAymcRIRgj
ABm/M2AMcggkYGWck4L9qBdo+KIA28OPi1oXxW6AupF9rIj+XNFdsv7D3mez/cDd
6f5mjBO2BnR4srdpBYxb5n9O+d13J2KEBTzBKmozNdQ+TMkgyRDRi7f0O8Inb52i
JzFyrVEe1GiJKkWjI3GXUjOM28bnvQs/dMs7DKJPjyoQoCt+HYwj+7RKVwv/UiEb
Y3ylH7UvC+XFjY/d5J2WoFPPOGDn2aQj888yDEUi2jvinxk89H2YTV+4twIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE/QFzNwtD2gb3N0EpT33Cp2LfHrMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVDlBWE0zQzBQYUJ2YzNRU2xQZmNLbll0OGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZCtAwQA
vNBnMA0GCSqGSIb3DQEBCwUAA4IBAQAkwTDbkK2QnVW71HQcZmpLv2xgyrLi3u/2
YMA2lDOjuJU/8x+xdD7nQP3ElocqWenmWkhUAUPwXS9DbFonFEvnbftu421OXs7v
610ZIDqPdndt+YBmEATiUtDSqfHBcYF1T5F19O/nr1sFHiO8Q6+KEme1SY6goGTm
9OewLRP8nhJdlpBLUshnZ8BDacDP5qMoe/D7zEvH7bGIFvI/3Pfhedmroo82Orvg
iphDOwNVYrGAG3WUp8GiiaXs7yrAD7z8IlXemuzM5ZYk7bRV6mjb8eKZt/iGBQvp
HljCPULMEP3nWehZcwcGSMWJfLzMfzJpiPf7tX9CMYYWBZtyfBVy
-----END CERTIFICATE-----
Generated at Wed May 7 04:26:23 2025 by rpki-client