Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/Skh45qt0mwLkLianAPiF0nGQdp0.roa
File: Skh45qt0mwLkLianAPiF0nGQdp0.roa (raw, json)
Hash identifier: j8lXmnRqMuu7jslnuJKjGuNSSaw2iP485xGI1Z2mLg8=
Subject key identifier: 4A:48:78:E6:AB:74:9B:02:E4:2E:26:A7:00:F8:85:D2:71:90:76:9D
Certificate issuer: /CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Certificate serial: 0195B3A1A442A6BC62F47C5CE6FF8D36D0D5
Authority key identifier: 98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/Skh45qt0mwLkLianAPiF0nGQdp0.roa
Signing time: Thu 20 Mar 2025 12:57:49 +0000
ROA not before: Thu 20 Mar 2025 12:57:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.200.0/24 maxlen: 24
45.88.201.0/24 maxlen: 24
45.88.202.0/24 maxlen: 24
185.14.97.0/24 maxlen: 24
185.125.168.0/22 maxlen: 22
185.181.60.0/22 maxlen: 22
185.243.216.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
193.200.238.0/24 maxlen: 24
193.243.189.0/24 maxlen: 24
194.32.107.0/24 maxlen: 24
195.16.73.0/24 maxlen: 24
198.140.141.0/24 maxlen: 24
2a03:94e0::/32 maxlen: 32
2a03:94e1::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e3::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Mar 2025 07:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:a1:a4:42:a6:bc:62:f4:7c:5c:e6:ff:8d:36:d0:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Validity
Not Before: Mar 20 12:57:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a4878e6ab749b02e42e26a700f885d27190769d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b3:18:7e:a7:b6:0c:f0:bd:ac:49:a9:9b:d1:
51:f8:aa:00:d1:7c:11:23:8e:0d:4c:45:50:ca:e7:
ed:15:cf:33:ba:d9:b0:e1:9d:40:e5:db:5d:c3:ee:
de:0d:03:17:c0:05:2c:5f:3c:59:c1:b3:96:28:c7:
c4:33:ba:cb:03:8c:4a:76:a1:56:95:19:e5:96:66:
d5:e2:f6:0c:33:3f:7e:e5:56:2b:05:14:3b:3d:0d:
0b:4e:2f:90:d1:fa:d9:0f:a8:90:bb:b8:f3:e2:d6:
ff:1f:6d:89:12:71:73:23:45:b4:41:0f:65:0d:64:
82:b4:8e:30:7e:65:94:0b:90:97:8f:52:fe:b6:67:
6e:fc:d5:bb:c3:32:d7:7b:1c:d9:f0:2a:9e:ec:04:
1c:61:d5:05:11:6b:e5:3b:0b:b5:0f:9f:dd:5b:8b:
ab:a9:5b:1d:81:ea:b5:06:5c:de:d7:d1:73:cc:4f:
07:58:51:ed:a6:55:fd:49:64:55:0e:5b:32:bd:9a:
d0:81:c8:5e:db:a3:80:f1:5a:ea:e4:0c:b5:a6:af:
49:bf:db:d5:b6:a4:4e:8e:3e:c3:37:d2:f3:27:44:
f2:4a:05:69:08:b4:12:2f:34:65:6b:0c:52:1a:dd:
8d:ed:4e:b9:6f:45:5a:5e:8a:31:f8:18:c3:38:ef:
76:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:48:78:E6:AB:74:9B:02:E4:2E:26:A7:00:F8:85:D2:71:90:76:9D
X509v3 Authority Key Identifier:
keyid:98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/Skh45qt0mwLkLianAPiF0nGQdp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0-45.88.202.255
185.14.97.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
193.200.238.0/24
193.243.189.0/24
194.32.107.0/24
195.16.73.0/24
198.140.141.0/24
IPv6:
2a03:94e0::/30
Signature Algorithm: sha256WithRSAEncryption
0a:01:73:47:0a:f9:a5:4e:72:a3:01:84:fd:c9:21:c1:f7:ce:
6d:4e:06:63:22:cd:58:6d:2b:16:7e:c0:15:4c:6c:38:32:c5:
c9:d5:51:86:44:9b:60:6b:4b:66:a3:96:aa:f9:eb:49:a4:0d:
70:d4:cf:a2:a7:8a:72:ee:b4:7d:e9:c6:a2:7f:57:19:81:b8:
d9:81:b7:fb:2a:dd:1b:90:34:f0:ad:3f:9e:42:b5:0c:c2:4f:
aa:95:c2:ae:d6:85:53:e4:df:0a:66:0d:33:62:2b:ea:97:29:
4b:52:be:14:48:48:90:07:83:5d:2f:aa:7c:9c:fd:90:57:3a:
d7:45:5b:33:7e:10:2d:bd:fd:64:32:e6:cb:33:e5:4d:ae:26:
9f:d7:7f:f3:da:86:5d:50:7e:44:27:79:49:dd:f6:c0:28:b9:
b5:5e:46:64:76:40:ee:8e:a3:f3:7d:5a:07:6b:e3:7f:32:77:
0f:2c:dd:41:9b:79:44:b0:4e:36:25:3f:0e:83:2a:5b:d7:72:
d0:67:7c:9c:5f:29:e9:8b:2f:05:58:42:59:13:d8:0b:8d:f6:
19:9a:fb:5f:b3:1c:87:2b:27:47:6c:73:6a:09:54:f4:d2:46:
d2:35:99:77:c3:c2:33:a6:f3:38:15:72:e5:49:b3:68:44:5c:
02:6a:c4:9a
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZWzoaRCprxi9Hxc5v+NNtDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzFkMDNiNDk1MDRkMzQ0NjVkYzQwYTNkMGY5MDg2Y2Fj
ZmRiOGUwHhcNMjUwMzIwMTI1NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQ4NzhlNmFiNzQ5YjAyZTQyZTI2YTcwMGY4ODVkMjcxOTA3NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17MYfqe2DPC9rEmpm9FR+KoA0XwR
I44NTEVQyuftFc8zutmw4Z1A5dtdw+7eDQMXwAUsXzxZwbOWKMfEM7rLA4xKdqFW
lRnllmbV4vYMMz9+5VYrBRQ7PQ0LTi+Q0frZD6iQu7jz4tb/H22JEnFzI0W0QQ9l
DWSCtI4wfmWUC5CXj1L+tmdu/NW7wzLXexzZ8Cqe7AQcYdUFEWvlOwu1D5/dW4ur
qVsdgeq1Blze19FzzE8HWFHtplX9SWRVDlsyvZrQgche26OA8Vrq5Ay1pq9Jv9vV
tqROjj7DN9LzJ0TySgVpCLQSLzRlawxSGt2N7U65b0VaXoox+BjDOO92jQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFEpIeOardJsC5C4mpwD4hdJxkHadMB8GA1UdIwQY
MBaAFJjB0DtJUE00Rl3ECj0PkIbKz9uOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEt
YzMxYmRlNTEwMDg1LzEvU2toNDVxdDBtd0xrTGlhbkFQaUYwbkdRZHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEtYzMxYmRlNTEwMDg1
LzEvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMMAwDBAMtWMgD
BAAtWMoDBAC5DmEDBAK5fagDBAK5tTwwDAMEA7nz2AMEALnz2gMEAMHI7gMEAMHz
vQMEAMIgawMEAMMQSQMEAMaMjTANBAIAAjAHAwUCKgOU4DANBgkqhkiG9w0BAQsF
AAOCAQEACgFzRwr5pU5yowGE/ckhwffObU4GYyLNWG0rFn7AFUxsODLFydVRhkSb
YGtLZqOWqvnrSaQNcNTPoqeKcu60fenGon9XGYG42YG3+yrdG5A08K0/nkK1DMJP
qpXCrtaFU+TfCmYNM2Ir6pcpS1K+FEhIkAeDXS+qfJz9kFc610VbM34QLb39ZDLm
yzPlTa4mn9d/89qGXVB+RCd5Sd32wCi5tV5GZHZA7o6j831aB2vjfzJ3DyzdQZt5
RLBONiU/DoMqW9dy0Gd8nF8p6YsvBVhCWRPYC432GZr7X7MchysnR2xzaglU9NJG
0jWZd8PCM6bzOBVy5UmzaERcAmrEmg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:17:33 2025 by rpki-client