Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uucH6UZ830ojz6nZxv5hbt4UIrw.roa
File: uucH6UZ830ojz6nZxv5hbt4UIrw.roa (raw, json)
Hash identifier: a4Y/Yi5SIslefcg3EsE+heSqYZER99SlEtxt7JI6/G4=
Subject key identifier: BA:E7:07:E9:46:7C:DF:4A:23:CF:A9:D9:C6:FE:61:6E:DE:14:22:BC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019428245BF7483E329799CF3F70BB6B9228
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uucH6UZ830ojz6nZxv5hbt4UIrw.roa
Signing time: Thu 02 Jan 2025 17:50:58 +0000
ROA not before: Thu 02 Jan 2025 17:50:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9028
IP address blocks: 45.144.155.0/24 maxlen: 24
93.123.16.0/24 maxlen: 24
93.123.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 13:52:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:5b:f7:48:3e:32:97:99:cf:3f:70:bb:6b:92:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:50:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bae707e9467cdf4a23cfa9d9c6fe616ede1422bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ae:b6:34:6e:78:b9:9a:0c:d1:2a:13:57:2b:
82:1f:0e:f4:a1:c3:8b:8f:e1:7e:fc:8f:3d:ed:0a:
7e:46:cb:81:a6:70:6e:88:2f:34:fd:7f:0b:d7:89:
98:15:a5:a1:e6:bc:24:81:af:2e:4b:b3:37:a8:55:
d0:2f:b8:32:e4:57:81:9d:af:70:37:16:e0:1f:e2:
3b:c6:9e:51:48:c5:16:66:79:15:be:0a:4f:00:6a:
40:96:70:91:ec:0d:a3:23:d1:e6:5e:f4:2d:5c:66:
d6:45:a6:04:89:84:42:28:14:d9:08:bf:fb:0d:98:
82:4f:e1:4e:8a:8b:02:65:ae:74:ca:80:e5:00:10:
bb:6a:58:32:e1:04:bc:cb:c8:d6:9b:68:57:10:cf:
88:e3:9b:1d:17:fc:80:f9:97:a4:92:56:94:24:97:
5f:e1:42:ed:ea:a7:9b:66:5b:ce:c2:23:3a:95:6a:
38:ec:4f:7b:de:e9:5f:c6:22:91:e4:0c:2e:9a:f2:
73:9b:c1:cb:48:a6:4e:7a:46:97:d2:01:a5:cb:cf:
2a:c7:30:a3:12:b1:6c:ea:b4:da:74:2d:6e:05:fd:
e2:7d:0f:39:02:b4:8f:07:57:93:b3:ed:e4:66:40:
14:a9:ea:ec:7a:d1:db:0c:81:e6:97:7f:2c:2f:68:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E7:07:E9:46:7C:DF:4A:23:CF:A9:D9:C6:FE:61:6E:DE:14:22:BC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uucH6UZ830ojz6nZxv5hbt4UIrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.155.0/24
93.123.16.0/24
93.123.22.0/24
Signature Algorithm: sha256WithRSAEncryption
69:55:d5:f7:f6:a7:53:1d:e1:a1:42:be:55:c7:0f:50:9c:d8:
9d:4c:09:1d:cb:00:53:fc:db:f9:88:14:80:ef:b8:28:b9:d7:
8f:ec:ce:86:74:59:c8:0f:93:21:28:83:e8:92:55:45:49:f6:
38:6f:a9:16:60:e8:6b:1e:b8:86:93:d4:51:c2:f2:96:42:24:
e6:75:7c:0e:9d:95:70:96:6f:a8:5a:4a:80:8d:21:90:76:e6:
4a:8b:71:45:ee:d5:b6:f9:09:81:d1:77:45:48:9e:92:5c:ee:
c1:54:b2:57:1e:74:26:a3:4b:90:24:2e:44:7c:94:ba:e7:80:
c6:b5:c8:7f:84:a1:98:da:c9:b3:09:a7:f9:60:ae:cf:6d:e7:
b7:da:e3:85:e4:18:81:a9:01:0f:c4:b1:7e:30:8d:be:c1:2d:
a2:20:ed:d5:5d:c6:24:a6:44:80:dd:77:57:8e:9e:13:de:8f:
d0:64:c5:c3:a1:25:4a:f1:f4:d3:f2:2e:51:e5:6e:ef:2d:c9:
97:4a:22:91:b9:f5:91:e5:26:a6:dc:b4:31:8c:e7:bc:f8:41:
05:c4:27:e6:e5:c9:2d:dd:14:0c:61:77:9e:05:b0:40:52:c7:
da:6f:32:d6:3d:1e:eb:46:61:12:40:06:f3:a3:2f:1a:2b:8e:
71:7f:b1:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJFv3SD4yl5nPP3C7a5IoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWU3MDdlOTQ2N2NkZjRhMjNjZmE5ZDljNmZlNjE2ZWRlMTQyMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja62NG54uZoM0SoTVyuCHw70ocOL
j+F+/I897Qp+RsuBpnBuiC80/X8L14mYFaWh5rwkga8uS7M3qFXQL7gy5FeBna9w
NxbgH+I7xp5RSMUWZnkVvgpPAGpAlnCR7A2jI9HmXvQtXGbWRaYEiYRCKBTZCL/7
DZiCT+FOiosCZa50yoDlABC7algy4QS8y8jWm2hXEM+I45sdF/yA+ZekklaUJJdf
4ULt6qebZlvOwiM6lWo47E973ulfxiKR5AwumvJzm8HLSKZOekaX0gGly88qxzCj
ErFs6rTadC1uBf3ifQ85ArSPB1eTs+3kZkAUqersetHbDIHml38sL2gAUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLrnB+lGfN9KI8+p2cb+YW7eFCK8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdXVjSDZVWjgzMG9qejZuWnh2NWhidDRVSXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZCbAwQA
XXsQAwQAXXsWMA0GCSqGSIb3DQEBCwUAA4IBAQBpVdX39qdTHeGhQr5Vxw9QnNid
TAkdywBT/Nv5iBSA77goudeP7M6GdFnID5MhKIPoklVFSfY4b6kWYOhrHriGk9RR
wvKWQiTmdXwOnZVwlm+oWkqAjSGQduZKi3FF7tW2+QmB0XdFSJ6SXO7BVLJXHnQm
o0uQJC5EfJS654DGtch/hKGY2smzCaf5YK7Pbee32uOF5BiBqQEPxLF+MI2+wS2i
IO3VXcYkpkSA3XdXjp4T3o/QZMXDoSVK8fTT8i5R5W7vLcmXSiKRufWR5Sam3LQx
jOe8+EEFxCfm5ckt3RQMYXeeBbBAUsfabzLWPR7rRmESQAbzoy8aK45xf7E7
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:34:56 2025 by rpki-client