Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/45MjEczypzcmpsuwD_kc820Gyu0.roa
File: 45MjEczypzcmpsuwD_kc820Gyu0.roa (raw, json)
Hash identifier: iXaKvHDgQ1ou7M727DT11UzA7lkIDNliM60JMDTKgXo=
Subject key identifier: E3:93:23:11:CC:F2:A7:37:26:A6:CB:B0:0F:F9:1C:F3:6D:06:CA:ED
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019695A39FA1926799F65DE44BC686946D91
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/45MjEczypzcmpsuwD_kc820Gyu0.roa
Signing time: Sat 03 May 2025 10:14:10 +0000
ROA not before: Sat 03 May 2025 10:14:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.8.196.0/24 maxlen: 24
45.8.205.0/24 maxlen: 24
45.9.5.0/24 maxlen: 24
85.208.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 18:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:95:a3:9f:a1:92:67:99:f6:5d:e4:4b:c6:86:94:6d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 3 10:14:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3932311ccf2a73726a6cbb00ff91cf36d06caed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:7b:2d:7e:d0:c7:c9:db:3d:b7:af:a0:81:9c:
ec:a6:4e:92:0e:59:a8:bf:22:7e:3f:ec:ff:fd:0f:
ca:52:04:4a:9c:cc:6a:b3:11:49:a4:73:6e:03:3c:
57:cf:98:16:78:9b:ba:6d:8e:70:14:39:1f:4c:3b:
36:22:6d:60:ec:7e:b4:51:f7:e5:15:9a:5b:e1:ab:
d4:da:8a:cc:a5:bc:df:a7:0a:b9:74:a2:80:dc:eb:
b5:e4:09:1c:5c:00:4b:00:39:b1:c8:7f:4b:84:1a:
b1:dd:4b:78:73:8e:85:6f:16:2c:fd:e3:d9:ee:2e:
67:fd:62:36:20:59:42:ab:4e:91:8f:96:35:2d:fa:
1c:1f:24:38:c5:54:ac:9d:30:fd:30:12:93:04:2a:
40:53:ee:60:d3:80:7c:62:9e:0f:0e:cd:2b:12:43:
1c:86:45:df:c5:58:5f:f7:cd:c6:a5:3b:a5:a3:78:
64:1a:4b:a0:be:ac:a1:c5:76:c2:5d:0b:6b:12:69:
11:8e:30:c7:09:0e:a3:74:10:3e:5e:88:6c:9a:a4:
00:c5:ac:90:20:d8:cc:e8:0c:97:9d:77:30:e9:dc:
76:da:31:ae:41:f7:cb:16:c7:e4:f7:d0:30:50:d6:
24:59:9e:0c:d9:32:fa:69:5d:2c:14:53:95:1f:65:
ba:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:93:23:11:CC:F2:A7:37:26:A6:CB:B0:0F:F9:1C:F3:6D:06:CA:ED
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/45MjEczypzcmpsuwD_kc820Gyu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.196.0/24
45.8.205.0/24
45.9.5.0/24
85.208.106.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:e3:a5:67:ad:39:ed:11:94:66:c2:e1:34:b4:71:6f:3e:f0:
a9:e4:15:0c:92:95:67:2f:37:75:f0:2f:76:4d:1e:86:5b:ce:
04:29:4c:a4:5f:c9:89:c4:43:df:57:f8:76:28:8b:3c:9a:55:
22:ec:31:d6:33:49:eb:8d:23:da:0c:02:df:5a:b2:3d:c2:87:
79:36:a6:6f:bf:95:5b:67:c3:dc:8a:29:b0:a8:36:d8:ef:b7:
a6:6f:e5:ef:87:04:11:70:b8:e4:65:ec:97:7a:5a:13:02:3a:
f5:df:e3:ad:c1:9b:e9:10:96:6b:f4:2c:bc:ed:7d:27:b9:b0:
09:c9:ea:9c:47:33:1c:e9:91:42:25:04:3e:37:49:83:71:12:
07:ce:75:5b:b1:51:60:e9:42:b0:ac:02:2b:14:da:3e:6d:e3:
f4:de:c7:c5:e8:b6:22:1a:00:0c:de:fd:48:32:c3:eb:76:be:
cd:cf:e1:9f:02:8c:3f:cb:12:6e:8a:85:90:bc:59:80:52:5b:
06:3a:76:46:df:7c:97:48:04:dc:dd:a6:79:fd:74:1d:30:c5:
ac:9f:08:db:06:60:4f:13:97:9b:db:7e:fa:cd:23:f3:76:68:
fa:eb:ab:4c:d6:93:b8:8c:2c:65:12:67:d0:d1:a4:a0:8f:80:
89:a4:18:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaVo5+hkmeZ9l3kS8aGlG2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNTAzMTAxNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzkzMjMxMWNjZjJhNzM3MjZhNmNiYjAwZmY5MWNmMzZkMDZjYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9HstftDHyds9t6+ggZzspk6SDlmo
vyJ+P+z//Q/KUgRKnMxqsxFJpHNuAzxXz5gWeJu6bY5wFDkfTDs2Im1g7H60Uffl
FZpb4avU2orMpbzfpwq5dKKA3Ou15AkcXABLADmxyH9LhBqx3Ut4c46FbxYs/ePZ
7i5n/WI2IFlCq06Rj5Y1LfocHyQ4xVSsnTD9MBKTBCpAU+5g04B8Yp4PDs0rEkMc
hkXfxVhf983GpTulo3hkGkugvqyhxXbCXQtrEmkRjjDHCQ6jdBA+XohsmqQAxayQ
INjM6AyXnXcw6dx22jGuQffLFsfk99AwUNYkWZ4M2TL6aV0sFFOVH2W6xwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOOTIxHM8qc3JqbLsA/5HPNtBsrtMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNDVNakVjenlwemNtcHN1d0Rfa2M4MjBHeXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQjEAwQA
LQjNAwQALQkFAwQAVdBqMA0GCSqGSIb3DQEBCwUAA4IBAQCw46VnrTntEZRmwuE0
tHFvPvCp5BUMkpVnLzd18C92TR6GW84EKUykX8mJxEPfV/h2KIs8mlUi7DHWM0nr
jSPaDALfWrI9wod5NqZvv5VbZ8PciimwqDbY77emb+XvhwQRcLjkZeyXeloTAjr1
3+OtwZvpEJZr9Cy87X0nubAJyeqcRzMc6ZFCJQQ+N0mDcRIHznVbsVFg6UKwrAIr
FNo+beP03sfF6LYiGgAM3v1IMsPrdr7Nz+GfAow/yxJuioWQvFmAUlsGOnZG33yX
SATc3aZ5/XQdMMWsnwjbBmBPE5eb2376zSPzdmj666tM1pO4jCxlEmfQ0aSgj4CJ
pBgc
-----END CERTIFICATE-----
Generated at Wed May 14 07:08:11 2025 by rpki-client