Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bEIDoOFT2U5GPpsXvC98mfkFdpM.roa
File: bEIDoOFT2U5GPpsXvC98mfkFdpM.roa (raw, json)
Hash identifier: lRh9m577pSlaIJBXroTEmv5wgdH6emUbAuPt5cEJxhM=
Subject key identifier: 6C:42:03:A0:E1:53:D9:4E:46:3E:9B:17:BC:2F:7C:99:F9:05:76:93
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0196667F24A64147E2EABCEBF0A4572EE6F7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bEIDoOFT2U5GPpsXvC98mfkFdpM.roa
Signing time: Thu 24 Apr 2025 06:32:10 +0000
ROA not before: Thu 24 Apr 2025 06:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210558
IP address blocks: 45.80.158.0/24 maxlen: 24
45.92.1.0/24 maxlen: 24
185.241.208.0/24 maxlen: 24
192.159.99.0/24 maxlen: 24
203.159.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 17:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:7f:24:a6:41:47:e2:ea:bc:eb:f0:a4:57:2e:e6:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 24 06:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c4203a0e153d94e463e9b17bc2f7c99f9057693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6a:5d:a5:3a:8b:00:d8:fd:9b:8b:85:89:97:
83:58:0f:15:3d:da:c6:fd:ff:12:8a:59:d2:b3:fb:
75:40:08:3c:1e:dc:c9:eb:e8:48:3d:27:36:53:c6:
e3:17:54:01:cf:3d:fa:37:0a:a8:ee:7e:97:de:30:
15:78:36:58:4c:88:97:d6:a5:a6:c8:26:05:d5:7d:
91:90:b2:26:bf:ba:9b:73:07:6a:66:66:5b:9a:6b:
6e:e8:b5:41:6f:da:75:3e:38:ab:b0:6b:6c:ff:29:
41:80:25:98:9a:48:87:3f:03:16:3c:1a:e8:79:b3:
b2:3a:76:a7:07:18:57:64:c8:c7:e9:19:7f:b2:8e:
76:5b:6c:0d:f3:cb:f7:9f:7b:dd:ca:88:c4:79:bf:
a1:70:b1:42:fb:a8:6d:e9:9c:c4:d3:15:79:b3:bd:
95:40:8e:92:a5:e2:67:19:60:8a:07:7e:51:81:8f:
35:d2:d4:37:cf:5b:6c:c6:bd:03:46:9e:65:ce:1b:
aa:52:a8:32:35:5a:02:d0:38:02:13:32:38:3e:cc:
20:f6:8c:9d:83:e6:20:c9:25:47:fb:f8:e6:85:30:
44:fa:f3:d2:d8:25:59:53:d8:11:81:72:2d:24:fc:
f5:e3:36:e9:1a:39:c2:d0:1d:8a:24:e1:a3:ba:37:
88:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:42:03:A0:E1:53:D9:4E:46:3E:9B:17:BC:2F:7C:99:F9:05:76:93
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bEIDoOFT2U5GPpsXvC98mfkFdpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.158.0/24
45.92.1.0/24
185.241.208.0/24
192.159.99.0/24
203.159.90.0/24
Signature Algorithm: sha256WithRSAEncryption
13:95:97:29:e7:d4:5a:6f:47:65:73:b2:9d:65:c3:22:c6:28:
b8:ea:69:83:69:bb:8a:f7:67:19:79:db:5f:bc:dd:dd:fe:46:
cf:b7:7e:81:96:31:c6:d7:47:55:af:d5:88:d3:e5:30:7c:c8:
0d:92:94:13:9c:9a:b2:1d:db:95:58:c9:58:dc:74:bf:a1:9c:
15:a2:ff:a8:a5:93:8b:ec:7a:34:d5:1f:47:42:5b:57:6d:0d:
fd:de:f2:ee:35:70:62:3c:90:a4:ac:7c:59:a1:6c:bb:7e:f3:
cc:ae:26:1a:36:4a:3b:ee:32:5a:ea:ae:53:f7:10:3e:67:f1:
d6:8e:c2:70:07:9b:95:3a:79:e4:73:da:69:ce:2f:2d:00:49:
56:7f:fb:c2:81:97:1d:29:9e:9b:97:12:48:42:dd:70:2b:06:
af:f4:c6:a1:40:b8:24:47:ec:fd:70:4f:e3:b8:ad:12:78:fc:
f6:ab:67:f2:82:18:99:d6:a4:e9:2e:a0:58:e7:22:a2:99:78:
c2:5e:6b:d9:db:66:25:1d:c7:bc:03:65:6f:c5:eb:a3:1a:72:
b3:fe:ef:f7:28:f6:b1:fa:35:09:2c:eb:8b:04:71:49:3b:19:
13:4e:d1:24:4a:03:a9:42:34:29:48:b2:ea:1e:b4:50:b5:fa:
b3:30:d2:c7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZmfySmQUfi6rzr8KRXLub3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwNDI0MDYzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQyMDNhMGUxNTNkOTRlNDYzZTliMTdiYzJmN2M5OWY5MDU3NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGpdpTqLANj9m4uFiZeDWA8VPdrG
/f8SilnSs/t1QAg8HtzJ6+hIPSc2U8bjF1QBzz36Nwqo7n6X3jAVeDZYTIiX1qWm
yCYF1X2RkLImv7qbcwdqZmZbmmtu6LVBb9p1PjirsGts/ylBgCWYmkiHPwMWPBro
ebOyOnanBxhXZMjH6Rl/so52W2wN88v3n3vdyojEeb+hcLFC+6ht6ZzE0xV5s72V
QI6SpeJnGWCKB35RgY810tQ3z1tsxr0DRp5lzhuqUqgyNVoC0DgCEzI4Pswg9oyd
g+YgySVH+/jmhTBE+vPS2CVZU9gRgXItJPz14zbpGjnC0B2KJOGjujeIDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGxCA6DhU9lORj6bF7wvfJn5BXaTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYkVJRG9PRlQyVTVHUHBzWHZDOThtZmtGZHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVCeAwQA
LVwBAwQAufHQAwQAwJ9jAwQAy59aMA0GCSqGSIb3DQEBCwUAA4IBAQATlZcp59Ra
b0dlc7KdZcMixii46mmDabuK92cZedtfvN3d/kbPt36BljHG10dVr9WI0+UwfMgN
kpQTnJqyHduVWMlY3HS/oZwVov+opZOL7Ho01R9HQltXbQ393vLuNXBiPJCkrHxZ
oWy7fvPMriYaNko77jJa6q5T9xA+Z/HWjsJwB5uVOnnkc9ppzi8tAElWf/vCgZcd
KZ6blxJIQt1wKwav9MahQLgkR+z9cE/juK0SePz2q2fyghiZ1qTpLqBY5yKimXjC
XmvZ22YlHce8A2VvxeujGnKz/u/3KPax+jUJLOuLBHFJOxkTTtEkSgOpQjQpSLLq
HrRQtfqzMNLH
-----END CERTIFICATE-----
Generated at Tue May 13 23:17:34 2025 by rpki-client