Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5LXVqixWocLZq_7jSaqBA9y5fDw.roa
File: 5LXVqixWocLZq_7jSaqBA9y5fDw.roa (raw, json)
Hash identifier: u+kFNInGFbRunQq+9Th9jxv4T7iPgy4tOFQgl2uHlH8=
Subject key identifier: E4:B5:D5:AA:2C:56:A1:C2:D9:AB:FE:E3:49:AA:81:03:DC:B9:7C:3C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195F25BFF35CE1BC1B9B4C21817C1D78892
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5LXVqixWocLZq_7jSaqBA9y5fDw.roa
Signing time: Tue 01 Apr 2025 17:17:50 +0000
ROA not before: Tue 01 Apr 2025 17:17:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 45.90.88.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.149.242.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
94.156.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Apr 2025 19:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f2:5b:ff:35:ce:1b:c1:b9:b4:c2:18:17:c1:d7:88:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 1 17:17:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4b5d5aa2c56a1c2d9abfee349aa8103dcb97c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bc:54:e5:c9:6d:f3:4c:b0:0f:71:58:98:dc:
e8:6d:ee:77:3c:4c:ab:0e:c8:1c:59:fa:3d:db:46:
08:b9:54:a1:23:2c:b7:70:2d:c2:33:e6:fc:38:84:
c0:49:6a:18:5e:0b:8b:c3:8e:c6:44:f3:09:0b:01:
ab:8d:9c:74:76:93:d0:cf:ff:59:c7:86:ef:55:29:
39:0c:53:0a:61:42:8c:ad:b5:90:06:0a:06:42:90:
93:83:a2:51:a5:38:99:52:af:95:01:6f:8b:8b:86:
f1:f2:cb:f3:24:5f:90:f2:cc:17:2a:85:34:10:a0:
5f:44:da:84:ff:93:a1:1d:96:1a:79:9c:fb:99:dc:
f1:5b:d8:2e:e0:8b:90:c1:ad:11:3a:a2:65:7b:be:
0f:98:c1:06:88:9a:f9:7f:5d:b6:9e:6c:c1:cf:f8:
36:f4:d4:1e:99:77:3f:27:c9:67:aa:97:84:a0:0a:
62:9f:de:82:71:a2:4d:1b:1a:b7:9e:1a:22:8e:89:
c1:f1:1f:7e:6e:21:db:5f:c9:0e:ed:04:19:13:1d:
99:f0:fe:2c:28:60:2e:79:5e:5e:47:b4:14:04:00:
c9:d0:b0:38:f3:2f:b5:b5:5c:2a:d9:31:44:70:35:
b5:f2:71:40:77:5c:ca:2d:a0:53:4c:21:87:f8:30:
8d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B5:D5:AA:2C:56:A1:C2:D9:AB:FE:E3:49:AA:81:03:DC:B9:7C:3C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5LXVqixWocLZq_7jSaqBA9y5fDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.88.0/24
45.128.96.0/24
45.149.242.0/24
87.121.103.0-87.121.104.255
91.92.16.0/24
93.123.24.0/24
94.156.113.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d4:46:71:71:ff:7d:d1:97:8b:38:b4:0b:70:be:75:85:8d:
12:53:82:ac:57:41:c6:08:01:0b:76:9e:4c:1c:25:10:64:d5:
da:a6:9d:9b:ac:bb:05:24:c2:17:44:74:48:70:91:79:93:a5:
bf:a8:3e:7e:ee:6f:63:e1:cc:bd:4e:eb:83:5d:ea:52:52:ca:
60:02:07:f8:86:e2:69:d0:7a:74:63:c3:9e:a0:80:3a:40:15:
30:e7:66:9f:c4:31:8a:f9:e5:81:21:cf:98:31:54:0b:d7:ed:
a5:5b:d4:45:b2:ca:6d:39:b3:b2:16:37:a2:3a:49:47:a2:60:
d1:8f:12:6b:58:da:b1:36:2f:f4:e0:8d:c4:67:c0:2c:2a:3f:
cd:be:e2:5d:f4:28:06:1f:db:35:f3:a9:7c:91:33:aa:cd:a9:
fd:b2:b9:df:fc:f6:18:55:3c:d9:c5:74:0d:18:84:8a:2a:4b:
30:df:8d:d6:79:1a:2a:16:98:8e:80:ea:29:ac:c7:15:72:37:
d4:82:2c:76:20:77:53:6e:fd:b8:c4:13:6b:ce:d6:cf:45:b3:
08:9d:95:9e:97:be:7c:0f:6e:0f:7f:c3:56:8e:4c:ca:73:4b:
d8:e3:22:0d:8d:1b:21:88:90:e1:08:b8:ca:02:6b:fb:d8:19:
65:64:5f:4a
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZXyW/81zhvBubTCGBfB14iSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDAxMTcxNzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI1ZDVhYTJjNTZhMWMyZDlhYmZlZTM0OWFhODEwM2RjYjk3YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbxU5clt80ywD3FYmNzobe53PEyr
DsgcWfo920YIuVShIyy3cC3CM+b8OITASWoYXguLw47GRPMJCwGrjZx0dpPQz/9Z
x4bvVSk5DFMKYUKMrbWQBgoGQpCTg6JRpTiZUq+VAW+Li4bx8svzJF+Q8swXKoU0
EKBfRNqE/5OhHZYaeZz7mdzxW9gu4IuQwa0ROqJle74PmMEGiJr5f122nmzBz/g2
9NQemXc/J8lnqpeEoApin96CcaJNGxq3nhoijonB8R9+biHbX8kO7QQZEx2Z8P4s
KGAueV5eR7QUBADJ0LA48y+1tVwq2TFEcDW18nFAd1zKLaBTTCGH+DCN5wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOS11aosVqHC2av+40mqgQPcuXw8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNUxYVnFpeFdvY0xacV83alNhcUJBOXk1ZkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALVpYAwQA
LYBgAwQALZXyMAwDBABXeWcDBABXeWgDBABbXBADBABdexgDBABenHEwDQYJKoZI
hvcNAQELBQADggEBAJzURnFx/33Rl4s4tAtwvnWFjRJTgqxXQcYIAQt2nkwcJRBk
1dqmnZusuwUkwhdEdEhwkXmTpb+oPn7ub2PhzL1O64Nd6lJSymACB/iG4mnQenRj
w56ggDpAFTDnZp/EMYr55YEhz5gxVAvX7aVb1EWyym05s7IWN6I6SUeiYNGPEmtY
2rE2L/TgjcRnwCwqP82+4l30KAYf2zXzqXyRM6rNqf2yud/89hhVPNnFdA0YhIoq
SzDfjdZ5GioWmI6A6imsxxVyN9SCLHYgd1Nu/bjEE2vO1s9FswidlZ6XvnwPbg9/
w1aOTMpzS9jjIg2NGyGIkOEIuMoCa/vYGWVkX0o=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:35:03 2025 by rpki-client