Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ys61Ts-BrwBE4DAMk2wb40-5H8w.roa
File: ys61Ts-BrwBE4DAMk2wb40-5H8w.roa (raw, json)
Hash identifier: XP3yW+FFB7XZ0Zcmpx+shrCPx5LGpYdf5uJTjW+epIk=
Subject key identifier: CA:CE:B5:4E:CF:81:AF:00:44:E0:30:0C:93:6C:1B:E3:4F:B9:1F:CC
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 01977516CCA5BCA835F32CDAA98C12157ADC
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ys61Ts-BrwBE4DAMk2wb40-5H8w.roa
Signing time: Sun 15 Jun 2025 19:35:17 +0000
ROA not before: Sun 15 Jun 2025 19:35:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.152.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Jun 2025 15:26:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:75:16:cc:a5:bc:a8:35:f3:2c:da:a9:8c:12:15:7a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jun 15 19:35:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=caceb54ecf81af0044e0300c936c1be34fb91fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:91:bd:08:23:6c:c1:66:8c:3d:99:ca:0b:64:
c4:fb:f0:8b:86:aa:a6:b8:e4:f8:b4:80:8f:82:8f:
2d:19:32:5a:9a:6d:84:84:7c:54:0d:80:d9:9c:33:
95:c3:11:7d:f7:38:f3:30:78:d9:b0:ef:d2:c5:e8:
bf:23:43:af:56:96:fa:e1:e7:1b:ba:80:ca:7c:ce:
17:fc:46:70:65:7a:f6:c0:19:b4:a6:5a:75:d8:62:
26:4d:be:11:4c:b0:55:c1:4c:f3:f7:c5:86:8c:0c:
7b:19:6e:5a:d6:03:de:ed:01:25:3a:21:db:50:0e:
e4:5b:c1:f7:b0:fc:fb:98:a8:48:e2:54:08:c4:68:
a7:c6:d9:1d:38:9a:b0:a6:15:0f:aa:c1:df:d4:ce:
32:fb:cb:19:9c:66:d4:de:03:d2:81:8f:78:f8:af:
10:d0:b8:56:de:a9:8a:6d:06:2b:8c:f1:7d:b6:4f:
28:a0:d1:15:2b:2a:fd:13:82:1f:1e:c1:3b:43:ff:
2e:db:0e:2a:17:81:bd:76:81:12:de:c9:07:2b:49:
51:30:ff:64:62:e6:59:59:a0:46:fb:87:97:91:2b:
83:de:4b:3b:05:1f:b9:2a:23:5f:67:44:46:20:c9:
55:29:d5:36:55:36:7c:0a:7d:2c:4c:46:9b:67:ce:
e6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CE:B5:4E:CF:81:AF:00:44:E0:30:0C:93:6C:1B:E3:4F:B9:1F:CC
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ys61Ts-BrwBE4DAMk2wb40-5H8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.166.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:6c:f0:3b:24:5c:24:06:06:94:db:98:13:ea:2d:2f:ce:bf:
b2:94:e1:18:0c:bf:75:25:67:db:f6:05:a5:19:f7:cf:5c:85:
8a:90:3d:51:48:89:c1:88:fd:81:0c:50:64:a0:3e:68:73:d0:
f8:d0:1f:21:e4:b6:94:68:a9:6c:6b:67:e9:a4:ee:38:9a:8c:
35:2b:53:53:9e:85:92:6c:29:8b:66:f6:83:84:9d:18:33:6a:
de:82:9e:10:43:d6:31:cd:ae:55:be:58:08:a2:c4:f1:9f:37:
55:16:04:d9:9e:ad:eb:f1:19:fa:78:d0:1f:c7:08:c6:84:3f:
99:20:28:5e:b9:0b:21:e6:74:31:4b:f1:eb:aa:0b:cd:08:85:
28:49:19:e6:40:f3:f6:ed:d0:dd:55:49:e1:db:49:77:a5:e7:
01:b8:30:dc:88:c7:0c:67:d2:78:18:d2:8a:34:1f:da:1a:af:
cf:14:06:9b:fd:eb:2c:13:34:6c:af:3b:eb:41:24:10:cc:16:
a2:77:ae:53:bb:25:85:07:58:65:f8:d2:14:db:48:fe:ba:fd:
fb:ef:0d:a4:c6:a9:07:e1:34:c4:1f:5e:11:8c:5f:d5:26:cb:
75:3e:8b:af:fc:40:d6:03:db:b7:ba:f2:10:05:19:a4:c8:52:
5d:7a:5d:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZd1FsylvKg18yzaqYwSFXrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwNjE1MTkzNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNlYjU0ZWNmODFhZjAwNDRlMDMwMGM5MzZjMWJlMzRmYjkxZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspG9CCNswWaMPZnKC2TE+/CLhqqm
uOT4tICPgo8tGTJamm2EhHxUDYDZnDOVwxF99zjzMHjZsO/Sxei/I0OvVpb64ecb
uoDKfM4X/EZwZXr2wBm0plp12GImTb4RTLBVwUzz98WGjAx7GW5a1gPe7QElOiHb
UA7kW8H3sPz7mKhI4lQIxGinxtkdOJqwphUPqsHf1M4y+8sZnGbU3gPSgY94+K8Q
0LhW3qmKbQYrjPF9tk8ooNEVKyr9E4IfHsE7Q/8u2w4qF4G9doES3skHK0lRMP9k
YuZZWaBG+4eXkSuD3ks7BR+5KiNfZ0RGIMlVKdU2VTZ8Cn0sTEabZ87mOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrOtU7Pga8AROAwDJNsG+NPuR/MMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEveXM2MVRzLUJyd0JFNERBTWsyd2I0MC01SDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZimMA0G
CSqGSIb3DQEBCwUAA4IBAQCibPA7JFwkBgaU25gT6i0vzr+ylOEYDL91JWfb9gWl
GffPXIWKkD1RSInBiP2BDFBkoD5oc9D40B8h5LaUaKlsa2fppO44mow1K1NTnoWS
bCmLZvaDhJ0YM2regp4QQ9Yxza5VvlgIosTxnzdVFgTZnq3r8Rn6eNAfxwjGhD+Z
ICheuQsh5nQxS/HrqgvNCIUoSRnmQPP27dDdVUnh20l3pecBuDDciMcMZ9J4GNKK
NB/aGq/PFAab/essEzRsrzvrQSQQzBaid65TuyWFB1hl+NIU20j+uv377w2kxqkH
4TTEH14RjF/VJst1Pouv/EDWA9u3uvIQBRmkyFJdel0G
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:24:17 2025 by rpki-client