Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/0xnE27_fCsdTcwm9NkOeyjUDvqQ.roa
File: 0xnE27_fCsdTcwm9NkOeyjUDvqQ.roa (raw, json)
Hash identifier: T1uXnzeTnqbZ7qh30DL2YwGxMWAuITYK7JzoxOQV0QM=
Subject key identifier: D3:19:C4:DB:BF:DF:0A:C7:53:73:09:BD:36:43:9E:CA:35:03:BE:A4
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 019821A51DDBC8B4DA08C5DA71576B967CFC
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/0xnE27_fCsdTcwm9NkOeyjUDvqQ.roa
Signing time: Sat 19 Jul 2025 07:45:25 +0000
ROA not before: Sat 19 Jul 2025 07:45:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.95.226.0/24 maxlen: 24
45.140.58.0/24 maxlen: 24
212.81.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Jul 2025 09:31:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:21:a5:1d:db:c8:b4:da:08:c5:da:71:57:6b:96:7c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jul 19 07:45:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d319c4dbbfdf0ac7537309bd36439eca3503bea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:98:36:68:c5:9e:18:36:9a:21:51:8e:81:65:
e5:ba:b6:ce:5f:4e:1a:48:83:6f:0c:4a:71:43:1a:
dc:cb:25:b7:d8:94:0c:54:7c:fb:c5:d0:d3:16:c7:
47:b9:73:be:5a:d3:ba:23:2a:9d:28:b5:3e:03:d4:
a4:d1:c8:d4:52:aa:b9:f4:de:06:8b:6b:b4:30:1c:
60:48:c9:dc:ae:f4:f4:f7:cb:ce:18:5a:be:bd:de:
e0:92:54:29:9e:d9:ab:6e:51:f2:d8:31:66:c0:b6:
2f:93:1f:5a:12:5b:a1:5f:84:50:34:f0:bb:8d:99:
bd:43:59:75:d1:93:f4:d4:2d:62:70:5c:97:94:2c:
3d:47:a6:7a:77:4c:cc:26:0f:94:15:e2:29:1d:89:
76:fe:de:6a:ba:d5:13:c3:b9:26:8f:7b:f7:f1:82:
15:dc:65:b3:63:c8:12:3d:44:fb:85:d6:96:30:6d:
ea:57:09:cd:c7:e0:6b:8e:ef:1d:fb:88:a7:99:86:
55:0b:58:2d:f0:9f:58:bb:fe:a3:0d:38:e3:90:61:
22:1d:0e:2b:f1:88:3d:3b:28:53:54:78:74:86:87:
3a:5f:b2:48:7e:07:cc:16:f1:a5:d5:ec:87:61:85:
41:fe:f6:d9:15:f8:83:78:33:9c:a3:40:b7:e5:97:
b9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:19:C4:DB:BF:DF:0A:C7:53:73:09:BD:36:43:9E:CA:35:03:BE:A4
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/0xnE27_fCsdTcwm9NkOeyjUDvqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.226.0/24
45.140.58.0/24
212.81.45.0/24
Signature Algorithm: sha256WithRSAEncryption
03:2d:de:6b:45:a0:93:e6:b1:ee:ad:e3:1d:2d:4c:de:6a:42:
40:5c:12:42:e2:46:f5:65:d2:5d:e4:e2:16:9f:83:96:5e:d5:
d6:5b:83:2e:39:ca:d4:ff:b2:b4:7f:31:16:59:34:c9:99:77:
c7:ff:88:09:9f:d7:f6:b2:67:4a:9e:34:c6:fe:fc:69:83:b9:
62:33:f3:4c:e5:0e:5e:09:ed:e2:30:05:16:5b:1e:bc:3c:c8:
6b:e9:51:c7:a5:0f:40:2b:a9:ea:17:47:f4:be:de:7a:66:71:
09:d7:39:56:2e:38:04:40:b8:d9:b6:7f:44:cb:bd:5e:3c:3e:
69:0b:33:1f:6a:84:de:3b:4a:16:6c:71:7c:11:6b:66:d8:1a:
49:47:8c:97:4f:e2:73:19:6c:1a:b3:17:d1:76:59:e1:b7:15:
11:0a:57:01:c6:94:7e:8c:1b:5b:d6:2d:c4:2c:16:3e:49:2c:
4a:a7:78:4b:e5:1a:d6:0f:73:83:6b:71:c1:bf:2d:43:83:4e:
7a:73:65:a3:f0:50:5b:94:47:be:ee:bf:fe:ca:48:0f:a1:57:
84:7d:fa:38:3d:66:c6:6e:7f:a8:b8:bd:3a:a8:bb:1e:ec:fc:
9e:0a:95:3b:d8:a9:5f:3e:12:98:89:02:04:81:d2:01:a4:fd:
5e:14:93:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZghpR3byLTaCMXacVdrlnz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwNzE5MDc0NTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzE5YzRkYmJmZGYwYWM3NTM3MzA5YmQzNjQzOWVjYTM1MDNiZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5g2aMWeGDaaIVGOgWXlurbOX04a
SINvDEpxQxrcyyW32JQMVHz7xdDTFsdHuXO+WtO6IyqdKLU+A9Sk0cjUUqq59N4G
i2u0MBxgSMncrvT098vOGFq+vd7gklQpntmrblHy2DFmwLYvkx9aEluhX4RQNPC7
jZm9Q1l10ZP01C1icFyXlCw9R6Z6d0zMJg+UFeIpHYl2/t5qutUTw7kmj3v38YIV
3GWzY8gSPUT7hdaWMG3qVwnNx+Brju8d+4inmYZVC1gt8J9Yu/6jDTjjkGEiHQ4r
8Yg9OyhTVHh0hoc6X7JIfgfMFvGl1eyHYYVB/vbZFfiDeDOco0C35Ze5EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNMZxNu/3wrHU3MJvTZDnso1A76kMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvMHhuRTI3X2ZDc2RUY3dtOU5rT2V5alVEdnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV/iAwQA
LYw6AwQA1FEtMA0GCSqGSIb3DQEBCwUAA4IBAQADLd5rRaCT5rHureMdLUzeakJA
XBJC4kb1ZdJd5OIWn4OWXtXWW4MuOcrU/7K0fzEWWTTJmXfH/4gJn9f2smdKnjTG
/vxpg7liM/NM5Q5eCe3iMAUWWx68PMhr6VHHpQ9AK6nqF0f0vt56ZnEJ1zlWLjgE
QLjZtn9Ey71ePD5pCzMfaoTeO0oWbHF8EWtm2BpJR4yXT+JzGWwasxfRdlnhtxUR
ClcBxpR+jBtb1i3ELBY+SSxKp3hL5RrWD3ODa3HBvy1Dg056c2Wj8FBblEe+7r/+
ykgPoVeEffo4PWbGbn+ouL06qLse7PyeCpU72KlfPhKYiQIEgdIBpP1eFJNa
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:44:06 2025 by rpki-client