Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/sJGS4PYJXNsa1EcComyN7x_MG4s.roa
File: sJGS4PYJXNsa1EcComyN7x_MG4s.roa (raw, json)
Hash identifier: cv/8XaOl0yl/A8vfhVIkn2U6awhC13j+3gySxcw/pOk=
Subject key identifier: B0:91:92:E0:F6:09:5C:DB:1A:D4:47:02:A2:6C:8D:EF:1F:CC:1B:8B
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01956D48C330BFAC14E041C27480ADFA7D0A
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/sJGS4PYJXNsa1EcComyN7x_MG4s.roa
Signing time: Thu 06 Mar 2025 21:07:19 +0000
ROA not before: Thu 06 Mar 2025 21:07:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.65.114.0/24 maxlen: 24
188.209.131.0/24 maxlen: 24
188.209.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 13:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:48:c3:30:bf:ac:14:e0:41:c2:74:80:ad:fa:7d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 6 21:07:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b09192e0f6095cdb1ad44702a26c8def1fcc1b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:18:40:b2:4b:09:5d:7a:e5:a3:72:cb:28:
8c:b2:86:5c:8a:f2:ea:9c:27:e0:31:8e:62:e6:04:
b5:1a:fc:bf:fa:e3:ff:d0:6b:7b:5c:f3:84:6b:49:
39:df:f5:d1:8b:cf:25:57:39:43:18:db:30:6b:13:
4b:a4:db:bf:1a:71:3b:58:e3:c5:38:43:71:22:15:
17:b0:a5:67:49:63:af:51:14:29:23:1a:22:0e:79:
9d:a6:8c:7f:28:ce:54:c0:53:c6:e2:8b:48:32:d8:
30:17:3c:b4:c9:5c:09:f8:b3:59:74:af:4e:33:73:
6e:94:8d:cf:3a:28:f4:cd:2f:8f:d7:b1:fd:6b:ef:
5f:40:a1:9d:a7:a7:c9:d3:69:e5:45:ff:ba:e6:9d:
1a:d0:1c:57:e5:09:f1:38:70:4e:3a:36:1a:67:72:
13:06:27:ab:06:f2:8f:b5:9c:f3:73:6a:9b:c0:99:
ea:8a:74:21:dd:86:ee:26:ac:a8:cd:f6:f6:93:b3:
82:26:50:ff:4f:fb:e4:e2:91:83:c9:cf:bf:5a:5c:
69:74:d6:1e:30:04:ab:4a:53:61:27:c4:12:e0:0b:
00:b6:26:98:cc:a5:61:20:cb:82:72:39:1d:ad:c3:
64:bf:db:61:b1:85:a9:e9:f0:39:ce:c9:51:40:ac:
98:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:91:92:E0:F6:09:5C:DB:1A:D4:47:02:A2:6C:8D:EF:1F:CC:1B:8B
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/sJGS4PYJXNsa1EcComyN7x_MG4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/24
188.209.131.0/24
188.209.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:11:f0:94:de:cb:e2:d0:50:55:16:2f:95:4a:0f:d2:f3:cd:
c0:17:89:f5:df:0c:ea:dd:ab:df:f4:da:62:34:61:f8:90:dd:
02:3e:3a:c3:67:d1:69:62:c1:a7:45:4c:0e:97:41:fb:c4:d7:
97:86:02:40:f6:54:d6:8e:0b:c3:13:51:a1:2a:26:b8:5b:60:
2d:fb:e0:7b:39:76:9c:0e:aa:0a:2b:74:82:0b:12:fb:48:19:
18:6c:04:67:8b:95:45:a3:e4:7a:fa:be:62:cc:1e:6f:bd:7a:
3a:c1:80:4c:7d:83:b0:4f:f3:e7:13:47:59:87:08:64:9f:27:
15:eb:9a:cd:b2:a3:5a:94:0a:e7:24:bd:00:14:b1:99:56:c4:
0a:f5:fb:4a:0a:da:28:d9:fc:c8:4c:3d:31:ca:92:77:51:2a:
cf:24:c0:18:c4:d7:73:85:21:19:c1:89:73:d7:25:e4:57:2b:
a7:b3:31:bf:cb:9d:34:3e:56:61:12:a3:b7:55:00:b2:b7:53:
35:81:78:41:14:62:dd:20:51:7e:5a:51:d5:f6:b6:01:06:f5:
35:02:f6:a0:36:56:5b:58:0c:54:87:9c:49:28:d8:89:d0:b7:
e0:e5:06:a4:d3:9e:b4:ad:cf:0a:0d:a8:32:21:85:17:0a:6c:
d0:f7:7f:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVtSMMwv6wU4EHCdICt+n0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzA2MjEwNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDkxOTJlMGY2MDk1Y2RiMWFkNDQ3MDJhMjZjOGRlZjFmY2MxYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBkYQLJLCV165aNyyyiMsoZcivLq
nCfgMY5i5gS1Gvy/+uP/0Gt7XPOEa0k53/XRi88lVzlDGNswaxNLpNu/GnE7WOPF
OENxIhUXsKVnSWOvURQpIxoiDnmdpox/KM5UwFPG4otIMtgwFzy0yVwJ+LNZdK9O
M3NulI3POij0zS+P17H9a+9fQKGdp6fJ02nlRf+65p0a0BxX5QnxOHBOOjYaZ3IT
BierBvKPtZzzc2qbwJnqinQh3YbuJqyozfb2k7OCJlD/T/vk4pGDyc+/WlxpdNYe
MASrSlNhJ8QS4AsAtiaYzKVhIMuCcjkdrcNkv9thsYWp6fA5zslRQKyYvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLCRkuD2CVzbGtRHAqJsje8fzBuLMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvc0pHUzRQWUpYTnNhMUVjQ29teU43eF9NRzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUFyAwQA
vNGDAwQAvNGGMA0GCSqGSIb3DQEBCwUAA4IBAQChEfCU3svi0FBVFi+VSg/S883A
F4n13wzq3avf9NpiNGH4kN0CPjrDZ9FpYsGnRUwOl0H7xNeXhgJA9lTWjgvDE1Gh
Kia4W2At++B7OXacDqoKK3SCCxL7SBkYbARni5VFo+R6+r5izB5vvXo6wYBMfYOw
T/PnE0dZhwhknycV65rNsqNalArnJL0AFLGZVsQK9ftKCtoo2fzITD0xypJ3USrP
JMAYxNdzhSEZwYlz1yXkVyunszG/y500PlZhEqO3VQCyt1M1gXhBFGLdIFF+WlHV
9rYBBvU1AvagNlZbWAxUh5xJKNiJ0Lfg5Qak0560rc8KDagyIYUXCmzQ93/V
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:23:01 2025 by rpki-client