Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/8Nq49yuG5RMVweqK18RtplWL-0Y.roa
File: 8Nq49yuG5RMVweqK18RtplWL-0Y.roa (raw, json)
Hash identifier: miJm7F4ASj8lDW4p8xp5stZlsbfNZuvFK+mUH5+rsnU=
Subject key identifier: F0:DA:B8:F7:2B:86:E5:13:15:C1:EA:8A:D7:C4:6D:A6:55:8B:FB:46
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 019589FF1489CC86D293BF8792029D080ACF
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/8Nq49yuG5RMVweqK18RtplWL-0Y.roa
Signing time: Wed 12 Mar 2025 10:55:50 +0000
ROA not before: Wed 12 Mar 2025 10:55:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.65.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 12:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:ff:14:89:cc:86:d2:93:bf:87:92:02:9d:08:0a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 12 10:55:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0dab8f72b86e51315c1ea8ad7c46da6558bfb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:20:47:2a:4a:9a:b2:87:b4:a8:90:77:89:1a:
f7:01:37:59:25:62:1e:e4:24:cc:9e:70:cf:83:2a:
d3:ba:d7:c3:c3:7b:24:0d:7e:d9:39:2d:c2:ba:12:
42:55:7d:fe:50:83:36:3a:20:e3:93:7a:c1:68:f5:
04:ee:be:68:13:26:35:a2:2e:b9:20:aa:41:30:f7:
19:ec:a5:a7:70:df:10:f4:8f:ea:3d:80:39:1f:31:
a1:80:71:f2:4b:42:86:e5:f2:7d:17:75:af:05:ea:
1d:84:89:03:76:7f:f3:4a:cf:7b:9c:95:71:b1:1d:
51:81:ec:69:c9:eb:7c:7a:cb:6e:95:bd:1d:21:87:
b8:2a:54:63:06:e2:ec:39:81:1d:b0:fc:6f:44:25:
7b:92:ac:aa:dd:a7:a4:23:1c:cd:60:61:1e:29:b5:
55:d0:47:70:0b:71:fe:d3:23:d7:42:18:7f:cb:b3:
45:73:22:c4:5d:05:d4:02:c3:d7:82:07:a5:2b:a2:
d3:01:2e:17:ed:43:49:b3:55:ba:c3:45:a7:09:ef:
23:5c:62:23:07:e0:de:66:9d:33:4b:d7:fc:34:18:
45:a0:ad:05:37:27:55:a7:0a:9d:75:30:2c:f8:6c:
d5:77:e6:9c:bb:dc:93:f8:30:8a:57:80:63:64:8c:
08:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DA:B8:F7:2B:86:E5:13:15:C1:EA:8A:D7:C4:6D:A6:55:8B:FB:46
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/8Nq49yuG5RMVweqK18RtplWL-0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:90:14:63:d9:f4:1d:fb:fd:22:ae:03:71:41:8d:a6:95:88:
cc:51:40:3b:27:95:45:91:b7:31:e6:61:7b:9d:7e:af:ee:51:
a1:bb:5c:b5:9d:dc:74:d7:b1:cc:84:de:88:be:28:86:ff:61:
b2:cd:40:2d:5d:aa:24:84:40:2b:6e:9c:3e:b3:19:af:7d:7f:
87:23:20:41:e8:b9:e3:1b:fb:f4:53:96:8f:f3:95:e0:1c:75:
fe:66:bb:ca:bb:55:e5:30:1c:67:91:b6:18:6d:5d:81:24:49:
63:e9:25:b3:4c:b7:8e:70:6d:c6:67:1d:73:c7:2c:20:f5:40:
34:5e:3e:f4:bb:da:f6:b7:67:6a:c7:ff:2f:b7:6b:dc:5e:8f:
30:62:85:19:e7:5c:71:96:e6:bc:57:99:59:e9:cf:12:fa:5f:
61:02:c6:77:ac:86:22:11:4e:29:84:49:4d:a8:31:16:64:aa:
2c:0d:5c:1d:72:78:31:39:28:52:d4:36:d8:67:e5:88:20:ec:
e8:fc:1e:e8:72:73:a9:24:14:c8:5c:5e:2b:5b:f9:e9:49:cf:
21:c2:0a:fa:82:ba:65:67:46:e4:eb:19:16:67:8d:f6:a8:f6:
9e:28:c2:38:70:ec:20:c0:fc:9a:aa:4f:53:37:21:f6:7d:be:
16:92:92:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWJ/xSJzIbSk7+HkgKdCArPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzEyMTA1NTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGRhYjhmNzJiODZlNTEzMTVjMWVhOGFkN2M0NmRhNjU1OGJmYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iBHKkqasoe0qJB3iRr3ATdZJWIe
5CTMnnDPgyrTutfDw3skDX7ZOS3CuhJCVX3+UIM2OiDjk3rBaPUE7r5oEyY1oi65
IKpBMPcZ7KWncN8Q9I/qPYA5HzGhgHHyS0KG5fJ9F3WvBeodhIkDdn/zSs97nJVx
sR1Rgexpyet8estulb0dIYe4KlRjBuLsOYEdsPxvRCV7kqyq3aekIxzNYGEeKbVV
0EdwC3H+0yPXQhh/y7NFcyLEXQXUAsPXggelK6LTAS4X7UNJs1W6w0WnCe8jXGIj
B+DeZp0zS9f8NBhFoK0FNydVpwqddTAs+GzVd+acu9yT+DCKV4BjZIwINQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDauPcrhuUTFcHqitfEbaZVi/tGMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvOE5xNDl5dUc1Uk1Wd2VxSzE4UnRwbFdMLTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUFyMA0G
CSqGSIb3DQEBCwUAA4IBAQCakBRj2fQd+/0irgNxQY2mlYjMUUA7J5VFkbcx5mF7
nX6v7lGhu1y1ndx017HMhN6IviiG/2GyzUAtXaokhEArbpw+sxmvfX+HIyBB6Lnj
G/v0U5aP85XgHHX+ZrvKu1XlMBxnkbYYbV2BJElj6SWzTLeOcG3GZx1zxywg9UA0
Xj70u9r2t2dqx/8vt2vcXo8wYoUZ51xxlua8V5lZ6c8S+l9hAsZ3rIYiEU4phElN
qDEWZKosDVwdcngxOShS1DbYZ+WIIOzo/B7ocnOpJBTIXF4rW/npSc8hwgr6grpl
Z0bk6xkWZ432qPaeKMI4cOwgwPyaqk9TNyH2fb4WkpIQ
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:35:39 2025 by rpki-client