Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ra3K6wrykjl-sNaLr3QdDUkaFE.roa
File: 1-ra3K6wrykjl-sNaLr3QdDUkaFE.roa (raw, json)
Hash identifier: BPFlkY36Yo/paSCOyVriKVVvXGO/voS3BcGjw0wPM7c=
Subject key identifier: FA:B6:B7:2B:AC:2B:CA:48:E5:FA:C3:5A:2E:BD:D0:74:35:24:68:51
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824CC445F00DEE767BBFDA81883B509
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ra3K6wrykjl-sNaLr3QdDUkaFE.roa
Signing time: Thu 02 Jan 2025 17:51:27 +0000
ROA not before: Thu 02 Jan 2025 17:51:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215316
IP address blocks: 45.14.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 07:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:cc:44:5f:00:de:e7:67:bb:fd:a8:18:83:b5:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fab6b72bac2bca48e5fac35a2ebdd07435246851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:df:aa:6f:73:ca:a3:e1:92:2e:34:7d:52:e3:
ff:09:85:91:24:52:7a:ed:f6:1c:af:3b:4d:38:af:
b3:1a:5a:e5:38:2d:93:43:25:09:ae:22:bc:c8:2a:
12:68:33:4b:15:bd:2a:b2:a0:2d:b7:65:34:df:1d:
32:4d:0d:18:ec:12:5d:57:42:c6:03:9c:4d:45:f1:
ab:02:1e:9c:03:11:af:55:79:f9:b8:46:8e:ff:b8:
a6:df:05:28:b4:1c:d5:98:d6:1e:b0:f1:28:0e:90:
70:67:e2:d0:a2:6a:ee:d1:2e:76:9c:bd:be:dc:a1:
8b:c2:e2:e0:ea:c7:ee:ce:99:99:cc:d6:7b:ab:c7:
18:31:09:97:d8:b4:11:26:e5:7e:80:c8:b9:36:f0:
da:4b:43:0a:89:a0:2d:4c:4d:2d:c0:20:41:bf:75:
3b:11:33:cc:09:5f:0c:a7:8a:eb:ab:12:2a:6a:c9:
c3:e0:9d:08:b8:85:3c:7c:95:b8:78:9f:9b:17:6c:
85:0a:de:f6:c6:88:71:a0:66:3a:8b:d8:7e:77:11:
3a:4a:81:44:f3:35:8d:b9:b8:e5:a5:fa:b1:cd:20:
b4:4a:2a:46:02:fc:77:d3:66:da:c5:3f:3a:ac:0d:
cf:50:64:28:bb:7f:ad:1b:02:55:6d:44:45:67:7c:
c0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B6:B7:2B:AC:2B:CA:48:E5:FA:C3:5A:2E:BD:D0:74:35:24:68:51
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ra3K6wrykjl-sNaLr3QdDUkaFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.164.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:68:d1:59:dd:f8:5f:fd:aa:31:de:38:19:18:3a:02:2c:f1:
48:10:0b:34:d8:4b:51:52:95:28:a3:49:e0:d8:5f:e2:26:c8:
ef:e0:04:e6:10:a0:b0:2a:a8:90:91:ea:ec:ed:1b:39:cc:25:
53:a4:65:26:d3:3a:be:ba:94:08:96:f0:cf:6c:e8:83:62:6a:
d3:10:4e:16:3f:67:25:da:b7:89:71:22:76:de:6d:3b:ee:38:
77:c4:c9:c6:81:51:05:cd:93:db:8e:6a:3b:82:2c:57:4b:60:
5a:08:b1:62:ae:a9:fb:db:67:0b:66:ea:cd:21:d3:22:95:77:
0f:1f:16:eb:74:ca:9c:09:2a:c5:dd:7c:3f:4e:e8:ed:49:9e:
1f:2e:d3:8e:ce:c7:06:5e:25:a7:75:96:7a:fb:85:f4:dc:72:
b5:20:83:4b:39:36:b0:f7:73:a6:a3:9b:ef:05:ec:aa:20:a7:
21:85:be:79:6b:ed:ca:9b:77:b1:e5:11:8c:70:7a:4e:59:69:
ce:c9:14:66:9e:ba:78:91:78:ab:55:95:fe:2b:09:26:45:3f:
20:fd:92:d2:83:30:fa:c2:53:34:37:e5:00:89:18:66:a2:f9:
8f:10:27:f8:a8:e4:c3:fa:8f:d4:a0:f8:a5:cc:4f:5f:61:b9:
10:e8:1f:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQoJMxEXwDe52e7/agYg7UJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWI2YjcyYmFjMmJjYTQ4ZTVmYWMzNWEyZWJkZDA3NDM1MjQ2ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t+qb3PKo+GSLjR9UuP/CYWRJFJ6
7fYcrztNOK+zGlrlOC2TQyUJriK8yCoSaDNLFb0qsqAtt2U03x0yTQ0Y7BJdV0LG
A5xNRfGrAh6cAxGvVXn5uEaO/7im3wUotBzVmNYesPEoDpBwZ+LQomru0S52nL2+
3KGLwuLg6sfuzpmZzNZ7q8cYMQmX2LQRJuV+gMi5NvDaS0MKiaAtTE0twCBBv3U7
ETPMCV8Mp4rrqxIqasnD4J0IuIU8fJW4eJ+bF2yFCt72xohxoGY6i9h+dxE6SoFE
8zWNubjlpfqxzSC0SipGAvx302baxT86rA3PUGQou3+tGwJVbURFZ3zAZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPq2tyusK8pI5frDWi690HQ1JGhRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1yYTNLNndyeWtqbC1zTmFMcjNRZERVa2FGRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0OpDAN
BgkqhkiG9w0BAQsFAAOCAQEAqGjRWd34X/2qMd44GRg6AizxSBALNNhLUVKVKKNJ
4Nhf4ibI7+AE5hCgsCqokJHq7O0bOcwlU6RlJtM6vrqUCJbwz2zog2Jq0xBOFj9n
Jdq3iXEidt5tO+44d8TJxoFRBc2T245qO4IsV0tgWgixYq6p+9tnC2bqzSHTIpV3
Dx8W63TKnAkqxd18P07o7UmeHy7Tjs7HBl4lp3WWevuF9NxytSCDSzk2sPdzpqOb
7wXsqiCnIYW+eWvtypt3seURjHB6TllpzskUZp66eJF4q1WV/isJJkU/IP2S0oMw
+sJTNDflAIkYZqL5jxAn+Kjkw/qP1KD4pcxPX2G5EOgfGA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:33:11 2025 by rpki-client