Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/b4u3gXaI9MMnHrXfjg2u-5GfUGo.roa
File: b4u3gXaI9MMnHrXfjg2u-5GfUGo.roa (raw, json)
Hash identifier: 7/nyZ0K97xnBkjwLXiQt/O68x5Qz4UqyzEB+jwOG/rU=
Subject key identifier: 6F:8B:B7:81:76:88:F4:C3:27:1E:B5:DF:8E:0D:AE:FB:91:9F:50:6A
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 019619A95D8A565E29BE63DBD33FDA296B5D
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/b4u3gXaI9MMnHrXfjg2u-5GfUGo.roa
Signing time: Wed 09 Apr 2025 08:27:31 +0000
ROA not before: Wed 09 Apr 2025 08:27:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33993
IP address blocks: 45.67.230.0/24 maxlen: 24
185.235.242.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 13:44:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:a9:5d:8a:56:5e:29:be:63:db:d3:3f:da:29:6b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Apr 9 08:27:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f8bb7817688f4c3271eb5df8e0daefb919f506a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d3:ab:a9:1e:3f:fc:ba:91:87:ce:a5:4d:3b:
7a:de:0b:c4:4b:3a:1b:56:e8:cd:e0:3d:6e:86:33:
56:d3:32:99:12:6b:13:e9:bd:77:22:42:8c:0c:68:
0a:3a:a5:50:eb:36:3b:fd:dc:f9:f1:53:93:72:80:
3c:b8:c4:a4:96:ba:ca:38:0b:8e:4b:01:fe:02:0e:
fd:a1:b6:a8:6b:d2:78:bc:df:b8:7b:96:5a:9e:ee:
eb:45:dc:5c:45:2c:1d:0f:b0:b3:25:1e:73:f7:e3:
23:05:22:c6:23:34:c4:4d:19:d5:50:fd:ab:a1:6d:
b0:0b:37:13:f4:b0:bd:b5:6d:b9:fc:f6:38:61:dd:
9d:8d:4b:2f:93:53:60:61:c2:99:6b:9b:55:8d:48:
4b:4c:b7:c9:1f:6a:02:25:b7:29:73:a8:2e:47:60:
17:42:89:14:e5:3f:38:12:5e:6e:5f:ef:ab:24:4d:
28:92:5b:c3:1e:d6:77:df:25:a9:a6:02:01:3b:ae:
0d:6c:2d:79:d0:e1:6a:69:64:0e:e6:73:56:16:6d:
17:9c:fe:58:01:14:7b:76:cb:9b:6d:c1:d9:2b:12:
45:4d:ec:ea:8f:8b:64:c5:bc:c1:3c:a4:d6:00:ca:
9e:3a:d6:61:9f:6e:7e:1c:c3:19:23:10:c7:b1:81:
96:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8B:B7:81:76:88:F4:C3:27:1E:B5:DF:8E:0D:AE:FB:91:9F:50:6A
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/b4u3gXaI9MMnHrXfjg2u-5GfUGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.230.0/24
185.235.242.0/24
185.250.149.0/24
Signature Algorithm: sha256WithRSAEncryption
80:57:fc:fd:94:91:b1:e9:47:27:f2:9d:4f:ee:2a:51:ce:8f:
10:d7:80:dd:8a:26:91:8f:55:02:3a:8d:e4:1b:d6:1f:17:fd:
58:82:96:5c:39:ee:90:83:4b:60:73:b6:56:1d:d0:a0:b3:3e:
25:28:63:79:a7:c8:c4:37:0f:f4:c4:14:64:2c:21:32:3f:32:
7a:e2:9b:91:4c:fa:d6:3c:39:1c:a6:1c:e7:d1:8e:a7:9e:1d:
68:c5:a4:1b:53:fd:cd:72:e7:80:3b:b5:84:31:dc:21:c2:cf:
4a:b7:9d:df:b9:ed:c5:c7:33:0f:c6:14:e0:1e:68:82:cf:a5:
dc:85:bf:3b:fa:34:b3:3a:31:57:43:1a:7c:2a:2b:1b:ed:74:
c5:c8:9c:05:ba:6b:f2:a7:fe:28:d7:e8:13:02:4f:f6:dd:b4:
b5:21:5c:3a:07:83:6e:0e:f8:98:c7:07:7c:f7:62:b6:e7:82:
10:24:cc:9d:10:ec:55:76:eb:a8:30:83:36:0a:cd:7a:1c:fb:
6b:b7:ea:3d:3e:8e:cb:a7:d8:99:6e:51:18:58:65:bd:a3:5b:
9a:2c:ba:74:6c:86:1d:e2:c2:75:17:3b:f2:e5:d8:e7:c1:d8:
d8:05:16:d0:76:c4:28:c6:39:66:fa:b5:2f:c2:41:f0:70:5f:
57:0c:0a:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYZqV2KVl4pvmPb0z/aKWtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNDA5MDgyNzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhiYjc4MTc2ODhmNGMzMjcxZWI1ZGY4ZTBkYWVmYjkxOWY1MDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNOrqR4//LqRh86lTTt63gvESzob
VujN4D1uhjNW0zKZEmsT6b13IkKMDGgKOqVQ6zY7/dz58VOTcoA8uMSklrrKOAuO
SwH+Ag79obaoa9J4vN+4e5Zanu7rRdxcRSwdD7CzJR5z9+MjBSLGIzTETRnVUP2r
oW2wCzcT9LC9tW25/PY4Yd2djUsvk1NgYcKZa5tVjUhLTLfJH2oCJbcpc6guR2AX
QokU5T84El5uX++rJE0oklvDHtZ33yWppgIBO64NbC150OFqaWQO5nNWFm0XnP5Y
ARR7dsubbcHZKxJFTezqj4tkxbzBPKTWAMqeOtZhn25+HMMZIxDHsYGW+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG+Lt4F2iPTDJx61344NrvuRn1BqMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvYjR1M2dYYUk5TU1uSHJYZmpnMnUtNUdmVUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUPmAwQA
uevyAwQAufqVMA0GCSqGSIb3DQEBCwUAA4IBAQCAV/z9lJGx6Ucn8p1P7ipRzo8Q
14DdiiaRj1UCOo3kG9YfF/1YgpZcOe6Qg0tgc7ZWHdCgsz4lKGN5p8jENw/0xBRk
LCEyPzJ64puRTPrWPDkcphzn0Y6nnh1oxaQbU/3NcueAO7WEMdwhws9Kt53fue3F
xzMPxhTgHmiCz6Xchb87+jSzOjFXQxp8Kisb7XTFyJwFumvyp/4o1+gTAk/23bS1
IVw6B4NuDviYxwd892K254IQJMydEOxVduuoMIM2Cs16HPtrt+o9Po7Lp9iZblEY
WGW9o1uaLLp0bIYd4sJ1Fzvy5djnwdjYBRbQdsQoxjlm+rUvwkHwcF9XDApS
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:48:00 2025 by rpki-client