Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/Y4PU_O3kRs7kM2RAx5IOVIkCs48.roa
File: Y4PU_O3kRs7kM2RAx5IOVIkCs48.roa (raw, json)
Hash identifier: dOcjxJi2NUvz+osGu5HcaGITDMBOeHb4QszPW4PnCYQ=
Subject key identifier: 63:83:D4:FC:ED:E4:46:CE:E4:33:64:40:C7:92:0E:54:89:02:B3:8F
Certificate issuer: /CN=740f65f302335baa90ed81c05384d53f2332391a
Certificate serial: 01958F01BB4A97131E26B1C176CC60F8CCA0
Authority key identifier: 74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/Y4PU_O3kRs7kM2RAx5IOVIkCs48.roa
Signing time: Thu 13 Mar 2025 10:16:49 +0000
ROA not before: Thu 13 Mar 2025 10:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206844
IP address blocks: 45.156.32.0/22 maxlen: 24
45.158.54.0/23 maxlen: 25
185.125.241.0/24 maxlen: 32
185.174.160.0/22 maxlen: 24
2a07:1280::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 13 Mar 2025 10:31:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:01:bb:4a:97:13:1e:26:b1:c1:76:cc:60:f8:cc:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=740f65f302335baa90ed81c05384d53f2332391a
Validity
Not Before: Mar 13 10:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6383d4fcede446cee4336440c7920e548902b38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:91:83:f8:36:2f:16:40:b0:87:8f:f1:e6:23:
bc:4d:9e:8f:a2:e6:fa:77:d4:6b:7d:2f:72:72:dd:
41:ba:2b:80:55:ff:87:d4:67:92:78:cd:0f:43:68:
b4:d5:33:4c:d2:2f:27:89:73:05:a2:73:7a:62:b3:
2b:1d:67:a1:b8:ed:05:5f:1a:22:15:88:a5:1f:9d:
ab:0b:45:f4:ad:6d:5e:15:23:34:79:77:55:8d:90:
04:d0:59:f2:e3:e7:a0:36:66:50:10:3f:d7:74:20:
18:17:2e:0b:18:af:3c:e5:38:8e:38:29:07:6d:95:
2e:bc:7a:e4:0e:11:b6:f7:4c:52:2b:fc:57:48:9a:
b1:47:8c:4e:1d:46:80:ec:24:1d:17:c4:12:f8:8a:
bc:a4:6b:84:28:2d:fd:22:0e:ee:0f:f8:d1:68:4a:
46:b0:c9:73:b3:28:9c:8c:21:1c:27:ba:64:a3:e5:
13:ba:c4:e7:bc:31:b9:27:c5:7d:2f:0b:70:7a:19:
71:13:51:fb:3e:eb:5e:f1:da:f9:20:23:97:d0:a5:
15:c9:b1:0c:da:34:18:b8:cc:a1:d5:18:6d:59:4c:
43:d6:c4:d1:80:1c:f0:ed:43:76:90:23:8b:0f:11:
b0:76:66:b0:98:81:31:22:96:67:3b:95:d1:4a:db:
a1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:83:D4:FC:ED:E4:46:CE:E4:33:64:40:C7:92:0E:54:89:02:B3:8F
X509v3 Authority Key Identifier:
keyid:74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/Y4PU_O3kRs7kM2RAx5IOVIkCs48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.32.0/22
45.158.54.0/23
185.125.241.0/24
185.174.160.0/22
IPv6:
2a07:1280::/32
Signature Algorithm: sha256WithRSAEncryption
7f:7d:ac:58:69:d5:ba:f3:8b:e5:e4:8b:c4:e4:62:1d:3a:ca:
ae:42:66:e8:16:95:a1:43:00:68:ca:06:a6:cc:8c:e8:12:8d:
73:bc:c1:b6:4f:e7:ae:12:3e:36:ee:0a:3b:0a:72:42:af:b1:
02:e0:65:ca:a2:24:dd:5e:9b:41:1b:b5:e6:1d:9e:c6:80:51:
3a:b0:cb:87:aa:c3:64:04:79:88:20:ab:8f:5d:b0:83:2e:82:
9d:b5:66:14:21:e6:27:12:04:0b:46:7f:ff:54:7f:63:03:7b:
ad:82:39:c0:93:07:f3:98:ad:8b:e5:5d:cd:d1:ee:94:c0:4d:
17:5c:31:44:94:9e:29:ef:09:bf:fc:c7:86:9e:c2:8f:91:c9:
db:28:9e:79:26:2e:1e:45:89:b1:91:eb:22:e6:d9:51:9e:63:
e6:59:1b:79:97:1e:36:72:b6:1a:1d:44:4f:18:6a:35:de:56:
10:f9:a5:81:2c:d7:c8:7c:b1:a1:cc:a7:74:52:28:30:7d:20:
76:aa:c3:de:2e:ae:f7:cf:c0:45:f8:83:b7:1e:5c:61:91:87:
ec:98:11:27:84:34:ce:59:5f:88:6f:85:70:4c:f1:38:41:f3:
5d:b7:3c:c6:a7:e1:31:4d:7c:20:e7:62:b8:6f:d7:f6:32:a1:
a7:c0:69:de
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZWPAbtKlxMeJrHBdsxg+MygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MGY2NWYzMDIzMzViYWE5MGVkODFjMDUzODRkNTNmMjMz
MjM5MWEwHhcNMjUwMzEzMTAxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzgzZDRmY2VkZTQ0NmNlZTQzMzY0NDBjNzkyMGU1NDg5MDJiMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZGD+DYvFkCwh4/x5iO8TZ6Poub6
d9RrfS9yct1BuiuAVf+H1GeSeM0PQ2i01TNM0i8niXMFonN6YrMrHWehuO0FXxoi
FYilH52rC0X0rW1eFSM0eXdVjZAE0Fny4+egNmZQED/XdCAYFy4LGK885TiOOCkH
bZUuvHrkDhG290xSK/xXSJqxR4xOHUaA7CQdF8QS+Iq8pGuEKC39Ig7uD/jRaEpG
sMlzsyicjCEcJ7pko+UTusTnvDG5J8V9LwtwehlxE1H7Pute8dr5ICOX0KUVybEM
2jQYuMyh1RhtWUxD1sTRgBzw7UN2kCOLDxGwdmawmIExIpZnO5XRStuhNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGOD1Pzt5EbO5DNkQMeSDlSJArOPMB8GA1UdIwQY
MBaAFHQPZfMCM1uqkO2BwFOE1T8jMjkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQt
ZDAzYTJjNDM1YWVjLzEvWTRQVV9PM2tSczdrTTJSQXg1SU9WSWtDczQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQtZDAzYTJjNDM1YWVj
LzEvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZwgAwQB
LZ42AwQAuX3xAwQCua6gMA0EAgACMAcDBQAqBxKAMA0GCSqGSIb3DQEBCwUAA4IB
AQB/faxYadW684vl5IvE5GIdOsquQmboFpWhQwBoygamzIzoEo1zvMG2T+euEj42
7go7CnJCr7EC4GXKoiTdXptBG7XmHZ7GgFE6sMuHqsNkBHmIIKuPXbCDLoKdtWYU
IeYnEgQLRn//VH9jA3utgjnAkwfzmK2L5V3N0e6UwE0XXDFElJ4p7wm//MeGnsKP
kcnbKJ55Ji4eRYmxkesi5tlRnmPmWRt5lx42crYaHURPGGo13lYQ+aWBLNfIfLGh
zKd0UigwfSB2qsPeLq73z8BF+IO3HlxhkYfsmBEnhDTOWV+Ib4VwTPE4QfNdtzzG
p+ExTXwg52K4b9f2MqGnwGne
-----END CERTIFICATE-----
Generated at Sat May 10 07:00:35 2025 by rpki-client