Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/X39HqSEmkJZpBTc8FOnPAPn_1So.roa
File: X39HqSEmkJZpBTc8FOnPAPn_1So.roa (raw, json)
Hash identifier: GZUzVNpOK2/CRnbKLUrSeXJTVj2csgoYdPM4y5dU/Kw=
Subject key identifier: 5F:7F:47:A9:21:26:90:96:69:05:37:3C:14:E9:CF:00:F9:FF:D5:2A
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019683131F4197AAC511085F8920645FEA2B
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/X39HqSEmkJZpBTc8FOnPAPn_1So.roa
Signing time: Tue 29 Apr 2025 19:43:10 +0000
ROA not before: Tue 29 Apr 2025 19:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5089
IP address blocks: 45.157.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 12:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:13:1f:41:97:aa:c5:11:08:5f:89:20:64:5f:ea:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Apr 29 19:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f7f47a9212690966905373c14e9cf00f9ffd52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0e:c3:be:78:ae:d3:eb:c9:77:a0:09:e5:a9:
0a:82:71:8f:d7:8e:eb:fb:f8:54:c8:3c:48:0e:fa:
6d:80:cc:ca:37:57:f6:d0:b0:44:c7:36:41:04:05:
18:7e:a0:5e:f1:01:63:89:37:d2:b5:48:50:95:7a:
61:d1:d9:d8:03:be:95:ba:a9:17:13:e6:c9:fd:8a:
54:ad:26:c3:0a:a4:2b:0d:54:31:e2:8b:8d:d9:74:
20:90:a1:89:f0:fc:bf:ed:0d:cc:e6:57:d6:9d:15:
b2:7d:f4:79:33:3e:7a:9d:6f:d2:53:55:15:b1:7d:
08:08:68:b8:9f:eb:72:e7:df:7b:7d:00:06:a4:40:
a3:92:30:3e:59:2b:f0:64:60:2f:2a:28:1f:a4:e9:
1f:5c:2d:38:bc:dd:3c:aa:1f:ec:af:5f:f8:da:c7:
a5:b3:51:b3:89:8f:70:7d:d9:01:0a:9b:76:60:c1:
bf:d6:71:8e:60:ac:c8:ec:84:4e:be:9e:ec:2e:cd:
fc:ea:99:6c:3f:0d:26:ec:22:b3:d8:43:67:14:19:
70:89:93:0d:6f:ab:53:93:6a:31:c7:cf:02:d5:a3:
20:3b:41:87:97:e3:78:31:6f:1a:83:db:e6:1c:76:
01:1d:49:fa:98:cc:1b:95:e1:45:64:04:c1:05:6d:
41:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7F:47:A9:21:26:90:96:69:05:37:3C:14:E9:CF:00:F9:FF:D5:2A
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/X39HqSEmkJZpBTc8FOnPAPn_1So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.158.0/23
Signature Algorithm: sha256WithRSAEncryption
05:18:32:db:09:92:31:00:d8:a4:9d:a1:81:6e:e9:e0:ef:8f:
75:34:37:4d:e4:ed:2b:b9:0c:c5:d9:ec:0d:33:72:84:b8:51:
c4:05:61:57:27:af:3b:2b:ab:e8:5d:e3:4a:55:a7:01:da:86:
39:e7:88:57:22:3a:00:c0:ad:62:6b:6d:f0:c4:de:e8:74:b1:
bd:32:f0:86:50:7d:95:63:88:80:bf:88:64:91:13:85:63:6f:
16:e8:74:d6:e3:fc:7e:03:f4:aa:b5:db:8d:28:dd:7e:d6:4b:
e6:ff:7e:fe:bf:ef:3a:f0:ab:2b:2c:ee:53:55:3e:a3:91:90:
e6:22:56:ef:38:19:d0:cf:38:52:9d:23:fa:9a:3b:01:43:6d:
d3:23:fa:b5:50:42:6c:09:b3:7c:d9:2d:b7:5c:53:61:d8:be:
62:f5:29:06:77:53:87:5d:fb:ab:a7:c8:f9:85:fa:c9:85:24:
ec:28:bc:da:2a:bc:9a:e2:9d:c2:eb:ea:d5:10:b0:8b:e0:8b:
1e:f3:3b:48:2f:e6:92:eb:84:fd:61:20:2d:45:ff:7f:61:de:
a9:ca:84:9f:7c:aa:b9:bb:91:4f:8a:09:c0:48:16:c1:97:e4:
f3:b3:a9:09:23:44:6a:e8:bc:4e:40:4a:b3:c6:10:d6:bf:81:
77:3e:84:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaDEx9Bl6rFEQhfiSBkX+orMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwNDI5MTk0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjdmNDdhOTIxMjY5MDk2NjkwNTM3M2MxNGU5Y2YwMGY5ZmZkNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw7Dvniu0+vJd6AJ5akKgnGP147r
+/hUyDxIDvptgMzKN1f20LBExzZBBAUYfqBe8QFjiTfStUhQlXph0dnYA76VuqkX
E+bJ/YpUrSbDCqQrDVQx4ouN2XQgkKGJ8Py/7Q3M5lfWnRWyffR5Mz56nW/SU1UV
sX0ICGi4n+ty5997fQAGpECjkjA+WSvwZGAvKigfpOkfXC04vN08qh/sr1/42sel
s1GziY9wfdkBCpt2YMG/1nGOYKzI7IROvp7sLs386plsPw0m7CKz2ENnFBlwiZMN
b6tTk2oxx88C1aMgO0GHl+N4MW8ag9vmHHYBHUn6mMwbleFFZATBBW1BdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9/R6khJpCWaQU3PBTpzwD5/9UqMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvWDM5SHFTRW1rSlpwQlRjOEZPblBBUG5fMVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ2eMA0G
CSqGSIb3DQEBCwUAA4IBAQAFGDLbCZIxANiknaGBbung7491NDdN5O0ruQzF2ewN
M3KEuFHEBWFXJ687K6voXeNKVacB2oY554hXIjoAwK1ia23wxN7odLG9MvCGUH2V
Y4iAv4hkkROFY28W6HTW4/x+A/SqtduNKN1+1kvm/37+v+868KsrLO5TVT6jkZDm
IlbvOBnQzzhSnSP6mjsBQ23TI/q1UEJsCbN82S23XFNh2L5i9SkGd1OHXfurp8j5
hfrJhSTsKLzaKrya4p3C6+rVELCL4Ise8ztIL+aS64T9YSAtRf9/Yd6pyoSffKq5
u5FPignASBbBl+Tzs6kJI0Rq6LxOQEqzxhDWv4F3PoS6
-----END CERTIFICATE-----
Generated at Fri May 9 01:21:28 2025 by rpki-client