Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SsOPtj_idupMp8JryoDVq7t515w.roa
File: SsOPtj_idupMp8JryoDVq7t515w.roa (raw, json)
Hash identifier: pMFvWmR/XTNhzNdQDIIMt5tBAp04/PoKun5j6OoP3EI=
Subject key identifier: 4A:C3:8F:B6:3F:E2:76:EA:4C:A7:C2:6B:CA:80:D5:AB:BB:79:D7:9C
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01982241ABFE519574319623E0604922EA5C
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SsOPtj_idupMp8JryoDVq7t515w.roa
Signing time: Sat 19 Jul 2025 10:36:25 +0000
ROA not before: Sat 19 Jul 2025 10:36:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.253.0/24 maxlen: 24
45.155.254.0/24 maxlen: 24
45.157.208.0/23 maxlen: 23
45.157.211.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Jul 2025 08:22:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:22:41:ab:fe:51:95:74:31:96:23:e0:60:49:22:ea:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 19 10:36:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ac38fb63fe276ea4ca7c26bca80d5abbb79d79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:60:97:08:4d:5a:a8:ca:f2:46:05:fa:75:7e:
4e:7f:ee:e6:9e:f5:20:7c:0d:9f:9c:18:5b:23:27:
e6:95:f5:e7:eb:01:a4:79:75:ae:09:28:cb:00:53:
bd:b8:88:23:2a:6e:17:d8:b8:e6:63:a2:72:c3:58:
2d:29:71:34:04:d5:a5:c8:43:a3:80:a4:30:ca:5f:
78:41:0e:32:1b:6b:c2:c0:59:a2:b9:a4:15:10:3b:
e8:fa:94:75:58:1d:a5:e8:89:74:26:d3:81:ea:07:
5a:7a:c5:83:44:19:58:de:b6:77:78:dc:12:bf:52:
90:41:da:e1:0e:1d:b1:b2:fa:03:75:18:4b:28:72:
14:3a:7a:cc:a8:7d:59:50:49:46:6b:8e:52:ce:9e:
94:ae:8b:e1:01:d2:36:22:30:e8:d1:a5:f6:2d:a9:
c7:b7:da:41:35:9b:f7:c9:47:7d:bc:a6:35:29:c8:
32:9b:66:58:bd:bf:b1:22:23:b3:32:c6:35:2f:0b:
a7:ec:5d:87:88:f0:a3:ae:14:e8:de:f8:71:37:0f:
43:1f:1d:55:44:cd:6f:02:3a:87:70:a9:81:60:a3:
4f:2a:35:2c:4d:53:de:3b:81:6c:77:3e:c7:b9:be:
aa:72:bd:87:85:34:c1:f9:39:39:02:28:0d:b5:6f:
a1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C3:8F:B6:3F:E2:76:EA:4C:A7:C2:6B:CA:80:D5:AB:BB:79:D7:9C
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SsOPtj_idupMp8JryoDVq7t515w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.253.0-45.155.254.255
45.157.208.0/23
45.157.211.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
185.221.25.0-185.221.26.255
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d2:01:4c:09:5c:d9:42:83:11:8d:96:e5:84:6e:10:38:ca:
96:80:6d:ee:3e:ba:b3:80:70:ac:1e:66:45:6a:a1:5b:6a:79:
49:b0:4a:10:83:d1:dd:73:bd:3d:be:33:6b:db:a6:0b:fd:7a:
4e:cc:9a:03:22:bd:2f:0a:30:a6:80:91:7b:80:e0:4f:8b:de:
61:d4:8c:2e:ef:bd:24:0c:dd:05:0a:89:01:89:19:76:ff:5a:
0f:b2:0d:ac:ef:f0:6b:a1:be:e1:b6:35:21:9a:82:73:0a:7b:
68:1e:c2:37:ed:da:cb:57:4a:bd:9e:1c:a2:56:df:ba:59:cd:
4c:4a:6f:e7:ca:46:97:08:8a:53:55:2b:59:d0:b7:c0:9e:c8:
c5:f7:c6:18:3b:be:c9:7c:90:c4:64:26:b9:c5:6f:e3:2c:d2:
2c:7b:da:f8:ac:3f:2b:22:a1:c6:ac:84:5c:74:71:03:0d:2b:
f3:f4:33:57:84:24:6c:48:c9:11:be:8a:9b:c8:93:89:cf:02:
e2:de:ac:23:14:65:66:79:31:73:f9:5f:56:53:f0:f3:3d:06:
41:7f:88:21:4f:eb:52:9d:85:8b:bc:b1:18:0b:33:61:a1:55:
1f:15:4d:35:fa:ae:a2:55:3a:cd:39:e3:30:92:da:f3:58:cf:
69:53:2b:84
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZgiQav+UZV0MZYj4GBJIupcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwNzE5MTAzNjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMzOGZiNjNmZTI3NmVhNGNhN2MyNmJjYTgwZDVhYmJiNzlkNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GCXCE1aqMryRgX6dX5Of+7mnvUg
fA2fnBhbIyfmlfXn6wGkeXWuCSjLAFO9uIgjKm4X2LjmY6Jyw1gtKXE0BNWlyEOj
gKQwyl94QQ4yG2vCwFmiuaQVEDvo+pR1WB2l6Il0JtOB6gdaesWDRBlY3rZ3eNwS
v1KQQdrhDh2xsvoDdRhLKHIUOnrMqH1ZUElGa45Szp6UrovhAdI2IjDo0aX2LanH
t9pBNZv3yUd9vKY1Kcgym2ZYvb+xIiOzMsY1Lwun7F2HiPCjrhTo3vhxNw9DHx1V
RM1vAjqHcKmBYKNPKjUsTVPeO4Fsdz7Hub6qcr2HhTTB+Tk5AigNtW+hTwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFErDj7Y/4nbqTKfCa8qA1au7edecMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvU3NPUHRqX2lkdXBNcDhKcnlvRFZxN3Q1MTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAAtm/0D
BAAtm/4DBAEtndADBAAtndMDBACwffsDBAC5x5cDBAC5x9UwDAMEALndGQMEALnd
GgMEALn6GjANBgkqhkiG9w0BAQsFAAOCAQEARNIBTAlc2UKDEY2W5YRuEDjKloBt
7j66s4BwrB5mRWqhW2p5SbBKEIPR3XO9Pb4za9umC/16TsyaAyK9LwowpoCRe4Dg
T4veYdSMLu+9JAzdBQqJAYkZdv9aD7INrO/wa6G+4bY1IZqCcwp7aB7CN+3ay1dK
vZ4colbfulnNTEpv58pGlwiKU1UrWdC3wJ7IxffGGDu+yXyQxGQmucVv4yzSLHva
+Kw/KyKhxqyEXHRxAw0r8/QzV4QkbEjJEb6Km8iTic8C4t6sIxRlZnkxc/lfVlPw
8z0GQX+IIU/rUp2Fi7yxGAszYaFVHxVNNfquolU6zTnjMJLa81jPaVMrhA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:38:36 2025 by rpki-client