Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/eraGLmyQ9EaqtTunmUXcZtEmnh8.roa
File: eraGLmyQ9EaqtTunmUXcZtEmnh8.roa (raw, json)
Hash identifier: +QCYlrhrZiL9pK9WH6gncsNbKQYyZKGu1Ex+c8Nrs0o=
Subject key identifier: 7A:B6:86:2E:6C:90:F4:46:AA:B5:3B:A7:99:45:DC:66:D1:26:9E:1F
Certificate issuer: /CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
Certificate serial: 01978725FD75F7EFAA90F29A6924EFA61338
Authority key identifier: 28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/eraGLmyQ9EaqtTunmUXcZtEmnh8.roa
Signing time: Thu 19 Jun 2025 07:45:03 +0000
ROA not before: Thu 19 Jun 2025 07:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.145.234.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 20 Jun 2025 14:36:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:25:fd:75:f7:ef:aa:90:f2:9a:69:24:ef:a6:13:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
Validity
Not Before: Jun 19 07:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ab6862e6c90f446aab53ba79945dc66d1269e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9a:83:d9:23:57:0b:2a:d4:16:ec:df:c5:fe:
30:db:e2:b6:a2:fc:6a:0d:a7:c6:c1:25:7b:4b:5b:
69:68:6b:7f:79:3f:3b:19:e1:49:96:51:81:d6:cf:
a1:df:8d:75:e1:f0:cf:31:9a:7e:76:73:e0:ff:a0:
0f:6d:e7:91:50:99:56:c4:33:3e:a3:96:89:f3:71:
bb:6c:b0:12:9e:7f:c0:f3:ba:08:b9:99:79:aa:be:
53:3f:f0:3c:84:08:50:5a:7e:50:3b:b1:cf:6a:b7:
c1:d9:67:92:7b:07:c9:86:a5:dd:fb:50:af:03:6f:
74:56:4e:88:4d:f7:57:90:66:d8:a2:40:bd:2e:1e:
6e:a1:10:ab:76:74:20:91:a6:14:0a:f7:aa:fd:97:
19:c7:49:23:74:22:33:85:08:b5:4d:14:7b:50:5a:
60:fd:92:81:a7:55:c0:4c:2f:61:fa:bb:48:d6:03:
14:b5:87:c5:81:51:94:24:7c:08:90:2a:a7:6f:09:
22:f5:82:59:ce:93:5b:2f:2a:79:91:88:25:df:e3:
c3:5a:39:74:4e:09:37:2a:25:90:45:43:57:ef:51:
e4:1f:6c:24:a1:07:c5:a2:0b:48:3b:8a:49:bd:f6:
44:9b:22:86:98:d3:b3:71:be:aa:81:e8:53:f5:1a:
fc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B6:86:2E:6C:90:F4:46:AA:B5:3B:A7:99:45:DC:66:D1:26:9E:1F
X509v3 Authority Key Identifier:
keyid:28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/eraGLmyQ9EaqtTunmUXcZtEmnh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.234.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:8b:92:5a:4a:cd:60:a2:31:2d:37:41:91:77:3a:ee:ce:55:
8e:ff:ac:b9:31:c6:10:c9:da:8b:06:cb:88:02:55:0b:59:25:
c8:30:7b:73:62:dd:dd:64:f4:d2:71:b8:23:b8:be:a7:55:a2:
f7:06:be:9b:43:4a:16:ad:d9:dc:fb:97:8d:32:93:14:33:0a:
5b:4f:e7:3a:f4:fe:e0:55:91:72:2b:38:f5:1c:37:0d:ee:4c:
07:4b:e8:56:85:11:fe:71:18:34:91:d6:5e:aa:91:e1:f7:4a:
05:f2:6c:fd:40:02:02:39:ff:56:ff:91:7a:c3:4e:e2:7c:aa:
29:28:3a:04:cb:51:bd:92:f2:1e:f9:fc:61:2b:91:84:0f:14:
99:a9:53:3f:c2:b8:d6:8a:d8:e3:9c:30:0f:ff:df:7c:fb:14:
84:d1:d8:47:1d:b3:7b:e2:08:11:8b:6e:39:39:7a:8b:02:2c:
8d:42:4c:2c:e1:8f:27:11:d5:54:df:8c:d0:b3:5a:38:fb:8e:
28:5b:d6:8e:75:aa:df:af:1b:5b:90:08:c6:26:5d:61:48:ac:
e8:91:a1:12:ff:d0:cc:c8:e0:6a:40:ec:2f:48:7f:c6:ab:93:
fa:18:30:bd:0c:3f:9a:03:98:56:cb:03:9f:22:36:93:fe:56:
d5:96:cc:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeHJf119++qkPKaaSTvphM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzY4MDBkNzRiYzQxMDViNDBlNzdlYTA4NWJhMDI2ZGJl
ZWMzNWYwHhcNMjUwNjE5MDc0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWI2ODYyZTZjOTBmNDQ2YWFiNTNiYTc5OTQ1ZGM2NmQxMjY5ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpqD2SNXCyrUFuzfxf4w2+K2ovxq
DafGwSV7S1tpaGt/eT87GeFJllGB1s+h34114fDPMZp+dnPg/6APbeeRUJlWxDM+
o5aJ83G7bLASnn/A87oIuZl5qr5TP/A8hAhQWn5QO7HParfB2WeSewfJhqXd+1Cv
A290Vk6ITfdXkGbYokC9Lh5uoRCrdnQgkaYUCveq/ZcZx0kjdCIzhQi1TRR7UFpg
/ZKBp1XATC9h+rtI1gMUtYfFgVGUJHwIkCqnbwki9YJZzpNbLyp5kYgl3+PDWjl0
Tgk3KiWQRUNX71HkH2wkoQfFogtIO4pJvfZEmyKGmNOzcb6qgehT9Rr8ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHq2hi5skPRGqrU7p5lF3GbRJp4fMB8GA1UdIwQY
MBaAFCjGgA10vEEFtA536ghboCbb7sNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTIt
NDkzOWJiZmRmYjg2LzEvZXJhR0xteVE5RWFxdFR1bm1VWGNadEVtbmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTItNDkzOWJiZmRmYjg2
LzEvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZHqMA0G
CSqGSIb3DQEBCwUAA4IBAQB+i5JaSs1gojEtN0GRdzruzlWO/6y5McYQydqLBsuI
AlULWSXIMHtzYt3dZPTScbgjuL6nVaL3Br6bQ0oWrdnc+5eNMpMUMwpbT+c69P7g
VZFyKzj1HDcN7kwHS+hWhRH+cRg0kdZeqpHh90oF8mz9QAICOf9W/5F6w07ifKop
KDoEy1G9kvIe+fxhK5GEDxSZqVM/wrjWitjjnDAP/998+xSE0dhHHbN74ggRi245
OXqLAiyNQkws4Y8nEdVU34zQs1o4+44oW9aOdarfrxtbkAjGJl1hSKzokaES/9DM
yOBqQOwvSH/Gq5P6GDC9DD+aA5hWywOfIjaT/lbVlsxO
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:29:36 2025 by rpki-client