Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/XNZg4lhMy0d6rnMj8UeavPVBXFI.roa
File: XNZg4lhMy0d6rnMj8UeavPVBXFI.roa (raw, json)
Hash identifier: /iwusy28qyJM6/QuSV+M1vVR0UFLwh16DNXTwRO/Fjo=
Subject key identifier: 5C:D6:60:E2:58:4C:CB:47:7A:AE:73:23:F1:47:9A:BC:F5:41:5C:52
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 019594BB7D4A8D1E5E54F21D97345FC347B9
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/XNZg4lhMy0d6rnMj8UeavPVBXFI.roa
Signing time: Fri 14 Mar 2025 12:57:49 +0000
ROA not before: Fri 14 Mar 2025 12:57:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.65.114.0/24 maxlen: 24
45.65.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 10:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:bb:7d:4a:8d:1e:5e:54:f2:1d:97:34:5f:c3:47:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 14 12:57:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cd660e2584ccb477aae7323f1479abcf5415c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c9:0c:d5:32:66:ec:d9:d2:5a:06:59:2b:52:
92:e5:92:6c:80:9f:6e:82:4b:b4:62:cd:78:47:80:
f8:19:1f:89:ab:a8:a7:d4:ab:a6:d6:a2:0d:74:7e:
6d:38:7f:64:26:9d:97:1a:1f:5a:86:73:7d:58:5c:
15:32:eb:27:97:31:54:5a:06:35:11:d9:db:eb:c3:
81:ab:4a:0e:69:e2:b1:73:1d:53:07:3f:aa:62:b3:
60:bb:61:0b:3e:78:84:5a:c3:c4:ad:ae:50:99:b6:
8a:da:3b:70:f0:40:53:2f:d5:75:e7:6c:2e:ef:ba:
ca:f2:89:f1:80:2b:d0:b7:45:81:29:0a:36:c6:61:
18:6d:19:42:de:b3:cb:56:76:90:33:87:af:a7:c8:
e4:79:88:eb:d8:55:cb:e2:5a:a4:67:71:36:f3:70:
94:da:56:f1:bb:23:4b:22:2c:5f:0f:1a:3b:d6:9c:
83:94:fd:9d:9d:26:47:ce:4f:d4:ce:c7:32:59:85:
0e:2c:61:13:4e:61:09:84:7b:fa:89:23:4f:68:09:
cc:da:91:8d:fc:6d:70:7f:3e:4a:89:b6:a3:13:25:
e5:c1:ce:bf:ae:dc:3e:fc:91:48:86:44:56:11:68:
e7:f4:51:a0:86:88:68:8d:a2:93:fd:7b:c7:49:a8:
a7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D6:60:E2:58:4C:CB:47:7A:AE:73:23:F1:47:9A:BC:F5:41:5C:52
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/XNZg4lhMy0d6rnMj8UeavPVBXFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/23
Signature Algorithm: sha256WithRSAEncryption
67:da:c4:a1:29:32:99:75:7f:03:27:79:e9:14:27:09:bd:d6:
9b:8d:bd:8a:ed:0a:e8:1d:56:df:f3:9e:34:3c:dd:ea:35:bf:
4a:c8:57:53:7a:1e:b8:bf:26:9b:f9:92:bb:82:50:7e:56:ef:
a5:fd:b4:b3:d3:27:53:73:95:4a:07:12:8f:12:ac:7f:98:ee:
aa:ac:5d:f2:08:f2:d2:ac:cc:0f:de:3b:76:02:da:69:58:f9:
2d:94:80:47:dc:3c:b5:38:d1:e5:93:f8:48:01:c1:a4:ec:f5:
e0:c9:91:bb:98:58:69:8b:1f:b5:bb:17:74:37:86:16:66:23:
c4:31:82:99:11:38:40:12:b6:f7:27:69:3b:cf:6e:bc:1d:e1:
cd:1f:66:a8:2b:bb:b3:ae:05:d1:22:e6:9d:a8:93:e8:b2:0d:
a3:56:7d:1e:eb:f0:ea:5a:6f:fd:cc:eb:56:fe:3f:86:35:a4:
4b:29:d3:84:51:7b:e9:9a:37:4a:34:dc:0f:ca:fe:1b:8d:c4:
b0:7d:67:6c:be:d1:f9:3b:a9:0b:b7:6d:bf:33:0c:4e:22:23:
79:c4:6f:ac:c6:87:20:ce:94:76:54:dc:7e:e2:9f:b8:4f:fe:
4d:41:18:e1:55:c6:07:39:b0:3e:10:2d:12:6e:e2:84:12:5d:
26:30:6b:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWUu31KjR5eVPIdlzRfw0e5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzE0MTI1NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q2NjBlMjU4NGNjYjQ3N2FhZTczMjNmMTQ3OWFiY2Y1NDE1YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8kM1TJm7NnSWgZZK1KS5ZJsgJ9u
gku0Ys14R4D4GR+Jq6in1Kum1qINdH5tOH9kJp2XGh9ahnN9WFwVMusnlzFUWgY1
Ednb68OBq0oOaeKxcx1TBz+qYrNgu2ELPniEWsPEra5QmbaK2jtw8EBTL9V152wu
77rK8onxgCvQt0WBKQo2xmEYbRlC3rPLVnaQM4evp8jkeYjr2FXL4lqkZ3E283CU
2lbxuyNLIixfDxo71pyDlP2dnSZHzk/UzscyWYUOLGETTmEJhHv6iSNPaAnM2pGN
/G1wfz5KibajEyXlwc6/rtw+/JFIhkRWEWjn9FGghohojaKT/XvHSainLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzWYOJYTMtHeq5zI/FHmrz1QVxSMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvWE5aZzRsaE15MGQ2cm5NajhVZWF2UFZCWEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUFyMA0G
CSqGSIb3DQEBCwUAA4IBAQBn2sShKTKZdX8DJ3npFCcJvdabjb2K7QroHVbf8540
PN3qNb9KyFdTeh64vyab+ZK7glB+Vu+l/bSz0ydTc5VKBxKPEqx/mO6qrF3yCPLS
rMwP3jt2AtppWPktlIBH3Dy1ONHlk/hIAcGk7PXgyZG7mFhpix+1uxd0N4YWZiPE
MYKZEThAErb3J2k7z268HeHNH2aoK7uzrgXRIuadqJPosg2jVn0e6/DqWm/9zOtW
/j+GNaRLKdOEUXvpmjdKNNwPyv4bjcSwfWdsvtH5O6kLt22/MwxOIiN5xG+sxocg
zpR2VNx+4p+4T/5NQRjhVcYHObA+EC0SbuKEEl0mMGub
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:37:46 2025 by rpki-client