Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/77535f-473b-43d3-af43-e481751d684f/1/54dFoxM1OD-6UZ8RwHt1-54jO-g.roa
File: 54dFoxM1OD-6UZ8RwHt1-54jO-g.roa (raw, json)
Hash identifier: eSdew90PB/PNQqWjWAgjM761sotFyjgEdQ1AClA/lpM=
Subject key identifier: E7:87:45:A3:13:35:38:3F:BA:51:9F:11:C0:7B:75:FB:9E:23:3B:E8
Certificate issuer: /CN=9248f131b1e1207fb49082b0e0642fd1a63e1aa6
Certificate serial: 019688313CBBB5E90DD078B60355AAAD991C
Authority key identifier: 92:48:F1:31:B1:E1:20:7F:B4:90:82:B0:E0:64:2F:D1:A6:3E:1A:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kkjxMbHhIH-0kIKw4GQv0aY-GqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/77535f-473b-43d3-af43-e481751d684f/1/54dFoxM1OD-6UZ8RwHt1-54jO-g.roa
Signing time: Wed 30 Apr 2025 19:34:10 +0000
ROA not before: Wed 30 Apr 2025 19:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30286
IP address blocks: 185.32.240.0/23 maxlen: 24
185.32.241.0/24 maxlen: 24
185.32.242.0/23 maxlen: 24
185.32.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 19:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:88:31:3c:bb:b5:e9:0d:d0:78:b6:03:55:aa:ad:99:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9248f131b1e1207fb49082b0e0642fd1a63e1aa6
Validity
Not Before: Apr 30 19:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e78745a31335383fba519f11c07b75fb9e233be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:83:fb:28:5d:08:dd:65:c6:18:01:4a:86:55:
a3:12:d5:57:ef:60:b2:54:10:36:77:9c:43:7d:4f:
cb:a8:46:0c:0f:1c:e4:30:ac:65:b6:5e:30:48:8e:
16:97:81:6e:11:7f:31:48:04:0c:79:c7:d7:bf:34:
00:96:23:5e:06:b8:18:be:a2:71:5c:d7:36:a8:28:
97:15:50:57:d2:df:9d:96:e0:67:d5:59:a7:b2:dc:
ba:f8:89:f6:f7:ac:ed:e1:71:c3:75:78:d8:74:ce:
c1:34:04:c0:e0:7a:c1:1f:5d:4b:07:ec:57:4b:88:
cf:5d:29:13:b0:b5:f3:49:70:63:e7:e6:34:f3:02:
c8:37:fe:72:a3:e4:9c:24:aa:05:8d:5b:59:82:a6:
cf:68:72:76:f3:c8:49:57:c1:61:17:88:ba:ac:12:
a0:66:64:ad:5a:f1:aa:9e:63:1f:4d:c8:b4:62:37:
ff:e8:ce:ab:2c:ea:83:28:e1:6c:58:80:53:d4:3f:
db:c3:35:f1:9c:9b:7e:5b:b4:e3:35:9b:f5:0b:37:
79:cc:cb:a4:06:03:ed:69:ed:dd:a1:4f:fb:a4:64:
d3:0a:b0:10:84:7c:4a:d9:c9:e6:da:2f:ee:f4:f7:
3b:3f:e1:70:28:c4:86:bf:0d:0b:1a:8c:a5:d8:9c:
fd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:87:45:A3:13:35:38:3F:BA:51:9F:11:C0:7B:75:FB:9E:23:3B:E8
X509v3 Authority Key Identifier:
keyid:92:48:F1:31:B1:E1:20:7F:B4:90:82:B0:E0:64:2F:D1:A6:3E:1A:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkjxMbHhIH-0kIKw4GQv0aY-GqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/77535f-473b-43d3-af43-e481751d684f/1/54dFoxM1OD-6UZ8RwHt1-54jO-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/77535f-473b-43d3-af43-e481751d684f/1/kkjxMbHhIH-0kIKw4GQv0aY-GqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.240.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:66:19:12:c2:ff:0b:89:8b:55:e6:24:f9:e3:b1:75:27:cd:
c7:c2:79:39:74:72:7f:07:1c:f4:be:8b:52:32:bd:96:98:94:
56:8f:ac:ab:80:e3:61:df:90:b5:a8:51:86:a4:39:77:71:6f:
70:4a:b5:6f:c3:b7:d8:f3:b4:c6:17:c4:e1:0a:17:08:52:6c:
57:03:07:83:46:f9:53:c6:23:9d:27:af:86:4c:83:ac:42:e1:
fd:a0:23:6f:ff:40:bb:13:5b:6c:56:4b:13:99:53:3b:e8:0a:
99:6e:ab:61:7e:65:08:e0:c6:95:a8:dc:7c:15:7f:a5:3c:ab:
02:46:9a:4a:ed:82:7f:93:6f:0c:6f:c7:45:f0:4e:f7:bf:9a:
d7:52:38:05:22:c1:04:62:e8:41:af:57:97:5e:cf:33:6f:d4:
59:9c:d8:1e:8c:80:71:15:60:e0:1f:8d:34:d9:93:dc:3f:b6:
21:ba:12:66:5c:a2:ad:32:13:94:46:65:3c:5f:bc:8f:33:7d:
bb:48:43:40:3f:b6:bb:6e:d6:11:40:da:e1:31:04:53:f8:c8:
89:a7:ad:8e:42:8e:3e:59:f6:5f:27:46:dd:f0:b6:ec:b2:ac:
66:1f:55:9a:a6:0b:73:e5:26:21:a5:58:b5:a5:77:af:fe:cd:
81:6b:39:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaIMTy7tekN0Hi2A1WqrZkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDhmMTMxYjFlMTIwN2ZiNDkwODJiMGUwNjQyZmQxYTYz
ZTFhYTYwHhcNMjUwNDMwMTkzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzg3NDVhMzEzMzUzODNmYmE1MTlmMTFjMDdiNzVmYjllMjMzYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIP7KF0I3WXGGAFKhlWjEtVX72Cy
VBA2d5xDfU/LqEYMDxzkMKxltl4wSI4Wl4FuEX8xSAQMecfXvzQAliNeBrgYvqJx
XNc2qCiXFVBX0t+dluBn1Vmnsty6+In296zt4XHDdXjYdM7BNATA4HrBH11LB+xX
S4jPXSkTsLXzSXBj5+Y08wLIN/5yo+ScJKoFjVtZgqbPaHJ288hJV8FhF4i6rBKg
ZmStWvGqnmMfTci0Yjf/6M6rLOqDKOFsWIBT1D/bwzXxnJt+W7TjNZv1Czd5zMuk
BgPtae3doU/7pGTTCrAQhHxK2cnm2i/u9Pc7P+FwKMSGvw0LGoyl2Jz9lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOeHRaMTNTg/ulGfEcB7dfueIzvoMB8GA1UdIwQY
MBaAFJJI8TGx4SB/tJCCsOBkL9GmPhqmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2tqeE1iSGhJSC0wa0lLdzRHUXYwYVktR3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83NzUzNWYtNDczYi00M2QzLWFmNDMt
ZTQ4MTc1MWQ2ODRmLzEvNTRkRm94TTFPRC02VVo4UndIdDEtNTRqTy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC83NzUzNWYtNDczYi00M2QzLWFmNDMtZTQ4MTc1MWQ2ODRm
LzEva2tqeE1iSGhJSC0wa0lLdzRHUXYwYVktR3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSDwMA0G
CSqGSIb3DQEBCwUAA4IBAQBvZhkSwv8LiYtV5iT547F1J83Hwnk5dHJ/Bxz0votS
Mr2WmJRWj6yrgONh35C1qFGGpDl3cW9wSrVvw7fY87TGF8ThChcIUmxXAweDRvlT
xiOdJ6+GTIOsQuH9oCNv/0C7E1tsVksTmVM76AqZbqthfmUI4MaVqNx8FX+lPKsC
RppK7YJ/k28Mb8dF8E73v5rXUjgFIsEEYuhBr1eXXs8zb9RZnNgejIBxFWDgH400
2ZPcP7YhuhJmXKKtMhOURmU8X7yPM327SENAP7a7btYRQNrhMQRT+MiJp62OQo4+
WfZfJ0bd8LbssqxmH1Wapgtz5SYhpVi1pXev/s2Bazk0
-----END CERTIFICATE-----
Generated at Wed May 14 00:45:17 2025 by rpki-client