Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/HcRj3OqHgySRdSf1T2xJXjqxt0U.roa
File: HcRj3OqHgySRdSf1T2xJXjqxt0U.roa (raw, json)
Hash identifier: hX95TXfTgFnK4RyyHLF0zhhz7NwcFq/bb32jvC6DNZ0=
Subject key identifier: 1D:C4:63:DC:EA:87:83:24:91:75:27:F5:4F:6C:49:5E:3A:B1:B7:45
Certificate issuer: /CN=4638bf68b6675e2a5a3a7922f6477d2afb357fac
Certificate serial: 01982D2F84C678697887D42BC6BAB2E01970
Authority key identifier: 46:38:BF:68:B6:67:5E:2A:5A:3A:79:22:F6:47:7D:2A:FB:35:7F:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/HcRj3OqHgySRdSf1T2xJXjqxt0U.roa
Signing time: Mon 21 Jul 2025 13:32:25 +0000
ROA not before: Mon 21 Jul 2025 13:32:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215044
IP address blocks: 45.157.48.0/22 maxlen: 24
45.157.48.0/24 maxlen: 24
2a07:9840::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 22 Jul 2025 09:50:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:2f:84:c6:78:69:78:87:d4:2b:c6:ba:b2:e0:19:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4638bf68b6675e2a5a3a7922f6477d2afb357fac
Validity
Not Before: Jul 21 13:32:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dc463dcea878324917527f54f6c495e3ab1b745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:04:6d:5c:1f:6c:b6:e1:82:80:35:49:e0:e0:
d3:7d:f4:cb:c7:be:d4:46:24:d8:fa:33:e3:0c:95:
19:7d:8d:4c:9f:43:92:e3:f2:02:d0:58:7a:cf:1c:
33:3a:f8:7a:1e:30:70:e7:86:8b:61:b4:9f:3e:f9:
e4:8b:f7:b8:fe:af:7e:7e:fe:df:08:88:05:39:16:
32:94:3e:33:6c:d5:99:02:54:d2:34:a9:82:bd:58:
87:9e:40:ea:78:ab:87:c7:c5:05:00:ed:4f:6f:b9:
81:9f:ee:f9:ed:5a:95:02:5d:75:b5:f7:17:15:f7:
17:e8:a1:45:da:b3:04:c5:d8:02:4d:af:db:8c:60:
86:f6:5e:5c:d1:9e:c0:85:6a:b2:cb:7b:1e:48:54:
4a:56:0d:93:1e:fe:06:83:eb:dd:83:b5:97:6f:d4:
e8:4a:be:7b:ca:6b:f6:55:0a:42:9b:39:47:c9:f2:
ea:5f:5c:ae:e1:6b:73:5f:6a:e4:7c:4e:d2:d9:ca:
6b:97:e5:c4:e9:52:d2:85:9a:44:28:73:de:88:7a:
e1:49:82:04:69:d3:38:9e:58:fe:66:89:da:d6:0b:
ff:27:9c:b6:dd:c8:ac:61:3c:3e:a8:b8:06:3f:fa:
87:e3:f0:9d:47:0f:99:5d:cb:01:ff:07:d3:cd:d0:
fb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C4:63:DC:EA:87:83:24:91:75:27:F5:4F:6C:49:5E:3A:B1:B7:45
X509v3 Authority Key Identifier:
keyid:46:38:BF:68:B6:67:5E:2A:5A:3A:79:22:F6:47:7D:2A:FB:35:7F:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/HcRj3OqHgySRdSf1T2xJXjqxt0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/Rji_aLZnXipaOnki9kd9Kvs1f6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.48.0/22
IPv6:
2a07:9840::/29
Signature Algorithm: sha256WithRSAEncryption
40:c9:cf:ed:9c:89:98:fc:21:83:80:44:da:bb:d9:94:53:4c:
b9:05:a3:76:04:68:f0:06:e2:87:b4:7c:e0:7f:8e:7a:dc:3f:
8b:f2:37:d3:0b:b4:1e:18:3a:1a:c1:be:9b:36:7d:39:13:9f:
a2:d5:ff:98:d5:82:9a:a4:87:bf:08:8f:58:e6:75:c8:f9:0c:
c2:28:30:9b:9d:75:6b:1f:3b:49:1a:e4:67:35:42:74:53:af:
5a:35:31:eb:f1:52:9c:4e:23:c7:5c:77:53:e6:2c:a4:82:19:
59:51:5d:ef:b6:e3:b2:6d:59:4f:49:6f:12:54:fc:df:e0:32:
c8:a0:ac:0f:df:fc:ce:1a:62:dd:66:b1:90:fc:ca:df:ef:6e:
23:ff:fc:91:ac:51:5c:21:bf:c8:6d:78:69:93:8d:8d:28:50:
35:25:bc:80:2a:f0:cc:fc:ee:fe:6a:0e:39:ba:69:43:3b:56:
c3:0c:d9:ee:23:51:02:28:4d:54:a2:0b:a4:e0:94:30:32:5a:
91:bf:ab:7d:20:ac:11:9f:52:23:e7:6a:65:c9:6b:b8:38:9a:
57:90:57:04:45:e8:35:ec:c3:9e:2a:94:6c:32:56:37:56:b3:
fe:3c:4e:31:3a:07:af:f2:6e:be:08:29:32:f7:e1:b5:1f:15:
e1:71:fe:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZgtL4TGeGl4h9Qrxrqy4BlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MzhiZjY4YjY2NzVlMmE1YTNhNzkyMmY2NDc3ZDJhZmIz
NTdmYWMwHhcNMjUwNzIxMTMzMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGM0NjNkY2VhODc4MzI0OTE3NTI3ZjU0ZjZjNDk1ZTNhYjFiNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvARtXB9stuGCgDVJ4ODTffTLx77U
RiTY+jPjDJUZfY1Mn0OS4/IC0Fh6zxwzOvh6HjBw54aLYbSfPvnki/e4/q9+fv7f
CIgFORYylD4zbNWZAlTSNKmCvViHnkDqeKuHx8UFAO1Pb7mBn+757VqVAl11tfcX
FfcX6KFF2rMExdgCTa/bjGCG9l5c0Z7AhWqyy3seSFRKVg2THv4Gg+vdg7WXb9To
Sr57ymv2VQpCmzlHyfLqX1yu4WtzX2rkfE7S2cprl+XE6VLShZpEKHPeiHrhSYIE
adM4nlj+Zona1gv/J5y23cisYTw+qLgGP/qH4/CdRw+ZXcsB/wfTzdD7EwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB3EY9zqh4MkkXUn9U9sSV46sbdFMB8GA1UdIwQY
MBaAFEY4v2i2Z14qWjp5IvZHfSr7NX+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmppX2FMWm5YaXBhT25raTlrZDlLdnMxZjZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9lMmY2MTUtNmNhNC00YmY1LTlmNTMt
ODcwNzNmNDM0YjAzLzEvSGNSajNPcUhneVNSZFNmMVQyeEpYanF4dDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9lMmY2MTUtNmNhNC00YmY1LTlmNTMtODcwNzNmNDM0YjAz
LzEvUmppX2FMWm5YaXBhT25raTlrZDlLdnMxZjZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ0wMA0E
AgACMAcDBQMqB5hAMA0GCSqGSIb3DQEBCwUAA4IBAQBAyc/tnImY/CGDgETau9mU
U0y5BaN2BGjwBuKHtHzgf4563D+L8jfTC7QeGDoawb6bNn05E5+i1f+Y1YKapIe/
CI9Y5nXI+QzCKDCbnXVrHztJGuRnNUJ0U69aNTHr8VKcTiPHXHdT5iykghlZUV3v
tuOybVlPSW8SVPzf4DLIoKwP3/zOGmLdZrGQ/Mrf724j//yRrFFcIb/IbXhpk42N
KFA1JbyAKvDM/O7+ag45umlDO1bDDNnuI1ECKE1Uoguk4JQwMlqRv6t9IKwRn1Ij
52plyWu4OJpXkFcEReg17MOeKpRsMlY3VrP+PE4xOgev8m6+CCky9+G1HxXhcf6v
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:39:13 2025 by rpki-client