Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/SnI5cDwLAS_wklp-Ut6LrAqH0jc.roa
File: SnI5cDwLAS_wklp-Ut6LrAqH0jc.roa (raw, json)
Hash identifier: eRslM8e99xL9zdvWsQABYOVany7GLcNO5LOSpqYwaLA=
Subject key identifier: 4A:72:39:70:3C:0B:01:2F:F0:92:5A:7E:52:DE:8B:AC:0A:87:D2:37
Certificate issuer: /CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
Certificate serial: 01955B8297765DFF137895DA8818C7111277
Authority key identifier: 7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/SnI5cDwLAS_wklp-Ut6LrAqH0jc.roa
Signing time: Mon 03 Mar 2025 10:17:19 +0000
ROA not before: Mon 03 Mar 2025 10:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 394144
IP address blocks: 45.82.236.0/22 maxlen: 22
2a0e:7580::/29 maxlen: 48
2a0e:7581::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 04 Mar 2025 01:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:82:97:76:5d:ff:13:78:95:da:88:18:c7:11:12:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
Validity
Not Before: Mar 3 10:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a7239703c0b012ff0925a7e52de8bac0a87d237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:91:43:3b:73:66:de:7a:ab:46:17:b3:b2:f7:
65:90:78:b6:22:e0:34:31:17:b1:75:70:fc:1f:63:
a0:01:a4:df:58:7c:50:87:bc:45:f5:c3:ad:cc:07:
27:5e:53:27:87:96:76:f1:6d:dc:1c:9d:34:ec:df:
ba:d6:70:1d:5a:26:e3:7c:4f:0b:4b:16:91:57:e5:
a0:35:94:70:6f:7d:69:f0:0c:e2:c3:51:7b:92:da:
12:d1:ce:08:ee:6b:89:fa:56:ff:bf:e4:94:f2:79:
25:64:00:f2:58:d9:1f:33:07:0b:a9:15:89:a8:57:
db:13:ac:6f:68:c1:ae:f3:74:8b:76:66:90:ab:36:
96:4d:80:b7:54:ab:97:97:03:9c:75:33:1a:ac:12:
c0:70:cb:fb:be:dc:22:07:8a:8b:01:ce:1f:af:6f:
de:03:46:8c:07:15:29:01:33:cd:c7:b7:92:88:b6:
ad:61:bc:ed:06:dd:db:25:71:2b:fd:a7:c1:7e:cd:
f2:65:c5:32:b2:22:3c:3f:d6:2d:78:99:2a:7a:4f:
fc:5c:32:d1:ca:0f:25:2f:27:3f:7a:42:bd:b9:71:
23:e3:91:55:31:6e:fd:af:fc:0f:52:fc:3b:df:29:
e6:74:d9:a6:9c:24:4b:82:27:3f:02:5d:fe:4b:7e:
d9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:72:39:70:3C:0B:01:2F:F0:92:5A:7E:52:DE:8B:AC:0A:87:D2:37
X509v3 Authority Key Identifier:
keyid:7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/SnI5cDwLAS_wklp-Ut6LrAqH0jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/e6K-mEOLmO5ooNG4xBRFIL0KYj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.236.0/22
IPv6:
2a0e:7580::/29
Signature Algorithm: sha256WithRSAEncryption
66:46:90:c3:18:ff:08:e7:bc:ba:5e:17:d5:82:d0:13:84:4f:
b7:96:95:93:9b:4e:d9:c6:c1:b3:49:0b:28:91:b8:4c:ab:8e:
e8:f4:95:ea:3c:80:ec:85:0e:cb:f8:a4:fe:bc:e1:8d:b3:bc:
be:cb:8f:8f:9d:63:f0:1e:b4:f8:11:fa:10:61:e3:f8:41:ac:
d6:aa:2a:9e:0b:d3:7c:bf:19:e5:60:a9:de:ab:e1:5c:53:96:
e9:98:82:7e:a3:c4:6c:58:3e:31:4a:dd:3e:2e:c9:7f:bf:ac:
b6:57:09:37:46:b1:51:fc:2f:95:3a:b2:fd:41:a6:f4:2e:c0:
1e:a8:49:96:55:9e:69:6d:16:30:74:3d:f5:57:16:ca:14:8a:
af:d8:04:be:4c:2c:c6:4e:f0:71:2a:09:fd:25:65:fb:5c:13:
44:76:db:72:21:10:ce:a5:d3:c4:11:99:3c:28:2a:d7:b8:44:
10:4e:9f:77:1f:64:06:08:2b:2c:1f:3b:9b:06:9f:fe:90:f1:
64:e1:1d:c9:d7:bf:2f:f8:e2:24:b4:14:32:79:49:45:38:f9:
cd:52:be:48:90:0c:c2:72:6a:60:3a:bb:1e:fd:93:15:d0:71:
df:9e:62:b0:67:cb:00:0e:d7:ed:f1:2f:4b:58:27:f4:3c:27:
54:d8:a4:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVbgpd2Xf8TeJXaiBjHERJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTJiZTk4NDM4Yjk4ZWU2OGEwZDFiOGM0MTQ0NTIwYmQw
YTYyM2QwHhcNMjUwMzAzMTAxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTcyMzk3MDNjMGIwMTJmZjA5MjVhN2U1MmRlOGJhYzBhODdkMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpFDO3Nm3nqrRhezsvdlkHi2IuA0
MRexdXD8H2OgAaTfWHxQh7xF9cOtzAcnXlMnh5Z28W3cHJ007N+61nAdWibjfE8L
SxaRV+WgNZRwb31p8Aziw1F7ktoS0c4I7muJ+lb/v+SU8nklZADyWNkfMwcLqRWJ
qFfbE6xvaMGu83SLdmaQqzaWTYC3VKuXlwOcdTMarBLAcMv7vtwiB4qLAc4fr2/e
A0aMBxUpATPNx7eSiLatYbztBt3bJXEr/afBfs3yZcUysiI8P9YteJkqek/8XDLR
yg8lLyc/ekK9uXEj45FVMW79r/wPUvw73ynmdNmmnCRLgic/Al3+S37Z4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEpyOXA8CwEv8JJaflLei6wKh9I3MB8GA1UdIwQY
MBaAFHuivphDi5juaKDRuMQURSC9CmI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLLW1FT0xtTzVvb05HNHhCUkZJTDBLWWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84NDVlNzYtOWMyZC00YWZmLTkyYWYt
NDkzNWIzZjVjMjA5LzEvU25JNWNEd0xBU193a2xwLVV0NkxyQXFIMGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84NDVlNzYtOWMyZC00YWZmLTkyYWYtNDkzNWIzZjVjMjA5
LzEvZTZLLW1FT0xtTzVvb05HNHhCUkZJTDBLWWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVLsMA0E
AgACMAcDBQMqDnWAMA0GCSqGSIb3DQEBCwUAA4IBAQBmRpDDGP8I57y6XhfVgtAT
hE+3lpWTm07ZxsGzSQsokbhMq47o9JXqPIDshQ7L+KT+vOGNs7y+y4+PnWPwHrT4
EfoQYeP4QazWqiqeC9N8vxnlYKneq+FcU5bpmIJ+o8RsWD4xSt0+Lsl/v6y2Vwk3
RrFR/C+VOrL9Qab0LsAeqEmWVZ5pbRYwdD31VxbKFIqv2AS+TCzGTvBxKgn9JWX7
XBNEdttyIRDOpdPEEZk8KCrXuEQQTp93H2QGCCssHzubBp/+kPFk4R3J178v+OIk
tBQyeUlFOPnNUr5IkAzCcmpgOrse/ZMV0HHfnmKwZ8sADtft8S9LWCf0PCdU2KRD
-----END CERTIFICATE-----
Generated at Sat May 10 23:10:44 2025 by rpki-client