Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2E-DHWtlFr-seNjH14p4Cqk_tIY.roa
File: 2E-DHWtlFr-seNjH14p4Cqk_tIY.roa (raw, json)
Hash identifier: jmih0Us+SnzkS2fj1Ca8kYlF0FBkDE9wMutYfteEJyM=
Subject key identifier: D8:4F:83:1D:6B:65:16:BF:AC:78:D8:C7:D7:8A:78:0A:A9:3F:B4:86
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824C2362FB32201EC9F130C1ABEA056
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2E-DHWtlFr-seNjH14p4Cqk_tIY.roa
Signing time: Thu 02 Jan 2025 17:51:25 +0000
ROA not before: Thu 02 Jan 2025 17:51:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214111
IP address blocks: 45.9.156.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 18:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:c2:36:2f:b3:22:01:ec:9f:13:0c:1a:be:a0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d84f831d6b6516bfac78d8c7d78a780aa93fb486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:81:c3:c3:89:ba:90:09:6d:b4:74:7b:ac:6b:
f8:e2:a3:fe:0f:ae:92:64:1b:09:e8:73:ad:e8:ca:
5c:d4:f4:c2:39:97:e1:b5:3f:80:b8:d2:fb:8d:ae:
f9:10:9c:e0:21:2a:f7:18:ce:e1:d6:24:67:d1:fb:
bc:b9:5f:9f:7a:19:9e:77:98:92:ba:e1:6f:50:c0:
8f:79:07:80:96:c1:6c:14:40:09:e0:aa:0e:89:f7:
07:9f:1c:93:15:0d:02:78:cc:ca:66:a8:35:f0:ed:
c9:ac:1d:01:c0:f6:a5:92:f6:39:77:69:58:54:b8:
63:db:82:aa:a5:de:19:44:86:fe:a6:ee:d7:8a:9b:
75:5d:55:0e:bd:7c:44:35:b8:44:0a:d5:f6:5d:e7:
5b:f0:93:77:73:9b:5a:55:a3:fa:d7:aa:45:18:f8:
5a:a9:70:77:30:06:4f:73:de:e0:06:8f:ad:20:4e:
85:55:70:c7:74:46:95:06:80:1f:61:45:c6:64:11:
52:a0:58:d2:48:be:77:b5:6b:d7:06:17:6b:85:2f:
c5:9d:7d:b5:f6:7c:56:4f:6d:4e:75:b3:6b:2e:f5:
04:ed:c8:e4:b0:87:0e:4b:5b:1c:d8:4b:f4:1e:eb:
9c:a9:4d:c8:f4:44:fc:35:ca:1e:13:ad:d0:9a:31:
20:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4F:83:1D:6B:65:16:BF:AC:78:D8:C7:D7:8A:78:0A:A9:3F:B4:86
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2E-DHWtlFr-seNjH14p4Cqk_tIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
193.222.96.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c7:fd:4d:71:77:89:51:7c:0a:13:8e:0e:05:9e:93:31:97:
ab:c9:99:2a:29:6d:67:06:3f:17:d4:6f:ee:e9:6f:99:24:94:
07:9a:f1:bd:99:9e:03:43:2e:31:50:4b:c5:8a:d2:66:3b:d1:
0b:8a:68:39:58:fa:d7:4b:4b:c6:11:2d:b8:c9:38:18:d8:88:
e0:dd:0f:f5:4f:b2:f2:07:6e:46:2a:91:21:72:f5:b5:a9:c6:
ae:0b:17:f0:f4:76:8f:0d:28:59:66:ba:36:f0:1b:92:cb:26:
b0:6c:a5:e5:fd:2f:ed:9c:d5:92:05:1a:2b:40:21:7f:6b:7d:
ec:b7:83:15:86:11:e7:ff:15:f8:1e:4d:4a:3e:f7:aa:a6:2c:
e0:6a:b9:fc:48:b7:68:d9:25:5b:62:8e:17:4d:cb:9d:ed:31:
4c:81:ff:53:be:01:ee:11:3d:c5:5d:45:55:b0:94:64:b9:5d:
bf:8b:49:0f:21:7c:31:76:f1:44:7f:6c:c4:3f:9b:ce:c2:4b:
85:2a:df:97:1a:fa:2c:f5:34:c5:83:20:e2:eb:e2:ad:8a:4c:
f9:58:b5:2d:35:69:10:d5:85:6a:97:b1:fc:1c:c4:c3:c6:fd:
71:30:47:73:11:48:af:da:51:3f:78:57:b4:35:d3:1c:20:a5:
4f:13:92:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJMI2L7MiAeyfEwwavqBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODRmODMxZDZiNjUxNmJmYWM3OGQ4YzdkNzhhNzgwYWE5M2ZiNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44HDw4m6kAlttHR7rGv44qP+D66S
ZBsJ6HOt6Mpc1PTCOZfhtT+AuNL7ja75EJzgISr3GM7h1iRn0fu8uV+fehmed5iS
uuFvUMCPeQeAlsFsFEAJ4KoOifcHnxyTFQ0CeMzKZqg18O3JrB0BwPalkvY5d2lY
VLhj24Kqpd4ZRIb+pu7Xipt1XVUOvXxENbhECtX2Xedb8JN3c5taVaP616pFGPha
qXB3MAZPc97gBo+tIE6FVXDHdEaVBoAfYUXGZBFSoFjSSL53tWvXBhdrhS/FnX21
9nxWT21OdbNrLvUE7cjksIcOS1sc2Ev0HuucqU3I9ET8NcoeE63QmjEgWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNhPgx1rZRa/rHjYx9eKeAqpP7SGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMkUtREhXdGxGci1zZU5qSDE0cDRDcWtfdElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQmcAwQA
wd5gMA0GCSqGSIb3DQEBCwUAA4IBAQCWx/1NcXeJUXwKE44OBZ6TMZeryZkqKW1n
Bj8X1G/u6W+ZJJQHmvG9mZ4DQy4xUEvFitJmO9ELimg5WPrXS0vGES24yTgY2Ijg
3Q/1T7LyB25GKpEhcvW1qcauCxfw9HaPDShZZro28BuSyyawbKXl/S/tnNWSBRor
QCF/a33st4MVhhHn/xX4Hk1KPveqpizgarn8SLdo2SVbYo4XTcud7TFMgf9TvgHu
ET3FXUVVsJRkuV2/i0kPIXwxdvFEf2zEP5vOwkuFKt+XGvos9TTFgyDi6+Ktikz5
WLUtNWkQ1YVql7H8HMTDxv1xMEdzEUiv2lE/eFe0NdMcIKVPE5Kj
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:22:15 2025 by rpki-client