Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/63107c-b560-4116-b478-b5c3d24efdcd/1/nVCEIgMVrRWxD3Lj-x9ZZ4M47EA.roa
File: nVCEIgMVrRWxD3Lj-x9ZZ4M47EA.roa (raw, json)
Hash identifier: lbiOCQjoU98UehWqI7PxxZra+HIPgKrrpKKhRdrLAKc=
Subject key identifier: 9D:50:84:22:03:15:AD:15:B1:0F:72:E3:FB:1F:59:67:83:38:EC:40
Certificate issuer: /CN=177921336911a5688d78e93ffe5e472113bb19be
Certificate serial: 018CFE69441F009BD57E4DB4EFCC82752FC0
Authority key identifier: 17:79:21:33:69:11:A5:68:8D:78:E9:3F:FE:5E:47:21:13:BB:19:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3khM2kRpWiNeOk__l5HIRO7Gb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/63107c-b560-4116-b478-b5c3d24efdcd/1/nVCEIgMVrRWxD3Lj-x9ZZ4M47EA.roa
Signing time: Fri 12 Jan 2024 16:02:40 +0000
ROA not before: Fri 12 Jan 2024 16:02:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205498
IP address blocks: 185.215.140.0/22 maxlen: 22
45.85.16.0/24 maxlen: 24
45.85.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 12 Jan 2024 16:27:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:69:44:1f:00:9b:d5:7e:4d:b4:ef:cc:82:75:2f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=177921336911a5688d78e93ffe5e472113bb19be
Validity
Not Before: Jan 12 16:02:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d5084220315ad15b10f72e3fb1f59678338ec40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:fd:fe:d8:66:d3:af:9d:a4:eb:78:ec:b7:a8:
2c:8e:4f:7b:f9:94:2d:61:79:ac:57:af:9f:8c:45:
78:88:9c:66:9b:d0:89:98:33:b4:8e:5c:07:b2:55:
8e:05:aa:77:68:d8:21:79:24:ed:fc:28:6b:7c:75:
56:b4:b4:20:e0:87:33:87:4c:4d:03:3e:62:77:65:
c2:a2:88:21:fd:b2:e1:31:5c:b0:33:3e:fa:bc:f2:
3b:2a:16:cb:79:32:f8:33:2c:a7:3b:70:3e:20:e3:
05:77:21:c3:ae:3e:87:6e:f3:95:01:2f:ce:b2:a3:
b0:62:f5:f9:c8:10:a8:16:46:f7:15:6f:9a:cf:06:
23:c5:ce:65:d3:91:8d:3a:a8:10:09:f2:8c:e7:89:
ca:82:40:b8:61:00:7b:35:1c:bf:83:7d:ed:80:7f:
c6:16:6d:70:62:32:e7:66:78:a7:d3:1f:b2:90:90:
3d:6d:94:14:5f:fb:a3:84:cd:fd:81:cd:a9:cc:a5:
86:31:25:06:14:47:47:20:b0:62:95:ec:18:13:38:
d6:66:d2:78:e8:ff:a6:84:42:e1:32:07:54:6c:3a:
22:ff:43:31:86:90:b3:8c:07:4e:7a:ef:6d:49:aa:
54:80:b0:26:9d:3e:e4:3f:dd:0f:4f:6a:74:4e:04:
56:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:50:84:22:03:15:AD:15:B1:0F:72:E3:FB:1F:59:67:83:38:EC:40
X509v3 Authority Key Identifier:
keyid:17:79:21:33:69:11:A5:68:8D:78:E9:3F:FE:5E:47:21:13:BB:19:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3khM2kRpWiNeOk__l5HIRO7Gb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/63107c-b560-4116-b478-b5c3d24efdcd/1/nVCEIgMVrRWxD3Lj-x9ZZ4M47EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/63107c-b560-4116-b478-b5c3d24efdcd/1/F3khM2kRpWiNeOk__l5HIRO7Gb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.16.0/22
185.215.140.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:bc:96:5a:f4:09:1a:26:2e:99:25:c2:6b:e3:09:84:6c:80:
ce:56:c9:e0:7c:02:37:21:ad:86:c7:22:88:6e:b1:6f:c7:43:
06:3b:32:58:e8:f4:ed:3c:f3:85:73:30:a8:91:50:06:fe:62:
57:04:55:2b:0c:23:fe:ab:9d:f5:07:b3:2d:67:bf:b6:b1:f5:
33:4f:7b:6e:9a:5b:1d:c0:28:c4:3e:e1:b7:80:af:37:6a:a7:
b8:53:90:fa:75:32:22:1a:46:3f:9f:39:4d:4a:45:19:0d:6a:
db:15:8e:ec:3f:95:2c:a3:7e:3f:44:58:c6:50:fc:37:26:3b:
df:82:b4:3b:25:a4:39:37:88:98:29:b4:a1:1d:6d:28:bf:3f:
1a:e8:11:cc:ef:05:b3:bb:17:74:94:3f:65:0d:a6:b9:c9:32:
0a:0d:0f:5c:b4:de:77:7f:f4:6d:5e:34:f3:41:e9:b5:70:d8:
3d:9f:df:d6:78:d4:85:1e:6d:11:80:67:c8:0f:b7:40:f8:0e:
fc:28:46:f2:0e:41:c0:06:c3:15:4b:3a:5b:49:a1:fb:41:9f:
51:15:b3:13:60:19:b3:4d:b0:20:58:41:14:75:ae:96:f6:d9:
34:83:33:b2:1b:9b:08:98:2c:30:e8:e7:be:54:26:09:1c:03:
53:fb:80:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz+aUQfAJvVfk2078yCdS/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzkyMTMzNjkxMWE1Njg4ZDc4ZTkzZmZlNWU0NzIxMTNi
YjE5YmUwHhcNMjQwMTEyMTYwMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUwODQyMjAzMTVhZDE1YjEwZjcyZTNmYjFmNTk2NzgzMzhlYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7P3+2GbTr52k63jst6gsjk97+ZQt
YXmsV6+fjEV4iJxmm9CJmDO0jlwHslWOBap3aNgheSTt/ChrfHVWtLQg4Iczh0xN
Az5id2XCoogh/bLhMVywMz76vPI7KhbLeTL4MyynO3A+IOMFdyHDrj6HbvOVAS/O
sqOwYvX5yBCoFkb3FW+azwYjxc5l05GNOqgQCfKM54nKgkC4YQB7NRy/g33tgH/G
Fm1wYjLnZnin0x+ykJA9bZQUX/ujhM39gc2pzKWGMSUGFEdHILBilewYEzjWZtJ4
6P+mhELhMgdUbDoi/0MxhpCzjAdOeu9tSapUgLAmnT7kP90PT2p0TgRWIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ1QhCIDFa0VsQ9y4/sfWWeDOOxAMB8GA1UdIwQY
MBaAFBd5ITNpEaVojXjpP/5eRyETuxm+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNraE0ya1JwV2lOZU9rX19sNUhJUk83R2I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82MzEwN2MtYjU2MC00MTE2LWI0Nzgt
YjVjM2QyNGVmZGNkLzEvblZDRUlnTVZyUld4RDNMai14OVpaNE00N0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82MzEwN2MtYjU2MC00MTE2LWI0NzgtYjVjM2QyNGVmZGNk
LzEvRjNraE0ya1JwV2lOZU9rX19sNUhJUk83R2I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVUQAwQC
udeMMA0GCSqGSIb3DQEBCwUAA4IBAQCyvJZa9AkaJi6ZJcJr4wmEbIDOVsngfAI3
Ia2GxyKIbrFvx0MGOzJY6PTtPPOFczCokVAG/mJXBFUrDCP+q531B7MtZ7+2sfUz
T3tumlsdwCjEPuG3gK83aqe4U5D6dTIiGkY/nzlNSkUZDWrbFY7sP5Uso34/RFjG
UPw3JjvfgrQ7JaQ5N4iYKbShHW0ovz8a6BHM7wWzuxd0lD9lDaa5yTIKDQ9ctN53
f/RtXjTzQem1cNg9n9/WeNSFHm0RgGfID7dA+A78KEbyDkHABsMVSzpbSaH7QZ9R
FbMTYBmzTbAgWEEUda6W9tk0gzOyG5sImCww6Oe+VCYJHANT+4CD
-----END CERTIFICATE-----
Generated at Mon May 12 09:11:23 2025 by rpki-client