Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/xVQYeirgoYgR8neJ_fyuoxulwfQ.roa
File: xVQYeirgoYgR8neJ_fyuoxulwfQ.roa (raw, json)
Hash identifier: 1aCrgklQSH3huJE/sSMnOtxzQbg+OWLV+xYrjjdiL1E=
Subject key identifier: C5:54:18:7A:2A:E0:A1:88:11:F2:77:89:FD:FC:AE:A3:1B:A5:C1:F4
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0195531DD9C03FBD02B84E7D54BF3FB8D188
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/xVQYeirgoYgR8neJ_fyuoxulwfQ.roa
Signing time: Sat 01 Mar 2025 19:10:19 +0000
ROA not before: Sat 01 Mar 2025 19:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.11.190.0/23 maxlen: 24
45.65.114.0/24 maxlen: 24
45.154.156.0/22 maxlen: 24
185.83.200.0/22 maxlen: 24
188.209.131.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 20:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:53:1d:d9:c0:3f:bd:02:b8:4e:7d:54:bf:3f:b8:d1:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 1 19:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c554187a2ae0a18811f27789fdfcaea31ba5c1f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4a:94:96:cc:04:1f:9b:e6:40:e9:89:7e:05:
20:df:6d:76:9c:eb:cc:ad:0d:02:c5:bb:0d:ca:d3:
04:df:e7:d0:ca:89:e6:2b:2c:5a:6d:88:d1:2f:23:
d1:29:0b:e4:4d:a6:4d:33:77:41:85:99:5c:c5:06:
23:9a:56:60:b6:e3:17:aa:82:40:db:9b:88:c7:05:
4b:ff:7c:7b:2a:72:c2:e6:5f:bb:c9:f7:6f:80:d0:
93:61:66:df:7e:b7:0e:7b:1d:c1:fe:98:cf:88:76:
53:8e:08:ea:f7:b4:9c:78:e1:c9:14:c0:23:b9:f1:
86:22:de:47:f2:96:34:90:1c:14:05:cb:be:01:cf:
c2:28:6a:76:dc:9f:27:8f:b9:b2:09:68:07:8f:c4:
a4:64:a4:98:ff:72:eb:56:4b:cf:30:9f:22:46:d2:
b0:52:ab:f8:09:d9:eb:23:79:31:7d:f5:a1:09:76:
2a:8c:89:9f:0e:c8:34:54:6a:3b:14:fb:ef:cd:b6:
f6:43:0a:2a:88:7a:66:94:98:fc:39:22:6d:8d:8e:
1e:4a:79:38:ad:d0:1e:3e:11:4a:81:4e:d4:0e:8c:
db:18:a4:96:60:ec:14:85:43:f7:20:7e:26:b3:26:
f1:e7:6d:ca:18:e0:c7:3b:ca:b1:5e:af:1b:2b:0e:
bd:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:54:18:7A:2A:E0:A1:88:11:F2:77:89:FD:FC:AE:A3:1B:A5:C1:F4
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/xVQYeirgoYgR8neJ_fyuoxulwfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.190.0/23
45.65.114.0/24
45.154.156.0/22
185.83.200.0/22
188.209.131.0/24
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
88:15:c1:cc:ff:c2:bc:41:43:da:a9:d8:c2:e3:e7:8b:f1:df:
ba:3e:87:a3:1c:ea:0d:d0:69:c0:95:42:53:e3:3e:97:73:c2:
e8:be:25:34:0a:5d:6b:40:73:87:aa:0e:95:6f:03:a0:13:17:
1b:9e:c6:84:79:d1:5e:b5:70:c4:8a:28:9b:46:87:09:81:cd:
0e:ea:87:aa:10:67:29:fb:c5:2d:6c:59:3c:50:b8:86:17:c1:
4a:83:bf:ba:c2:b5:b8:70:77:4b:9c:b1:23:cd:d4:29:e1:68:
c5:4f:19:61:2a:82:cb:d1:e4:0c:ea:1b:2a:8e:72:e4:c8:0e:
2b:b1:b7:01:30:bf:d0:19:0f:8e:51:35:c7:25:ff:11:fe:46:
2b:78:af:e4:95:30:de:03:93:d2:0b:bd:d7:80:71:e4:c3:af:
cf:27:98:7a:fe:44:cf:04:4c:76:3f:bd:36:44:a0:fc:af:2c:
0d:57:a9:09:b1:1f:9b:05:b5:2b:6a:b0:a1:0c:30:fe:55:cd:
f0:10:c8:d3:fe:6d:fa:b8:77:d3:c9:f0:90:3f:05:f5:d1:53:
01:16:2b:de:ec:67:27:3b:a0:63:a4:28:0d:13:83:90:e3:15:
24:f5:dc:93:45:c2:28:06:dd:55:c6:c3:ce:97:24:45:3a:5e:
69:21:45:b7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZVTHdnAP70CuE59VL8/uNGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzAxMTkxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTU0MTg3YTJhZTBhMTg4MTFmMjc3ODlmZGZjYWVhMzFiYTVjMWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0qUlswEH5vmQOmJfgUg3212nOvM
rQ0CxbsNytME3+fQyonmKyxabYjRLyPRKQvkTaZNM3dBhZlcxQYjmlZgtuMXqoJA
25uIxwVL/3x7KnLC5l+7yfdvgNCTYWbffrcOex3B/pjPiHZTjgjq97SceOHJFMAj
ufGGIt5H8pY0kBwUBcu+Ac/CKGp23J8nj7myCWgHj8SkZKSY/3LrVkvPMJ8iRtKw
Uqv4CdnrI3kxffWhCXYqjImfDsg0VGo7FPvvzbb2QwoqiHpmlJj8OSJtjY4eSnk4
rdAePhFKgU7UDozbGKSWYOwUhUP3IH4msybx523KGODHO8qxXq8bKw69/QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMVUGHoq4KGIEfJ3if38rqMbpcH0MB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEveFZRWWVpcmdvWWdSOG5lSl9meXVveHVsd2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLQu+AwQA
LUFyAwQCLZqcAwQCuVPIAwQAvNGDAwQAvNGLMA0GCSqGSIb3DQEBCwUAA4IBAQCI
FcHM/8K8QUPaqdjC4+eL8d+6PoejHOoN0GnAlUJT4z6Xc8LoviU0Cl1rQHOHqg6V
bwOgExcbnsaEedFetXDEiiibRocJgc0O6oeqEGcp+8UtbFk8ULiGF8FKg7+6wrW4
cHdLnLEjzdQp4WjFTxlhKoLL0eQM6hsqjnLkyA4rsbcBML/QGQ+OUTXHJf8R/kYr
eK/klTDeA5PSC73XgHHkw6/PJ5h6/kTPBEx2P702RKD8rywNV6kJsR+bBbUrarCh
DDD+Vc3wEMjT/m36uHfTyfCQPwX10VMBFive7GcnO6BjpCgNE4OQ4xUk9dyTRcIo
Bt1VxsPOlyRFOl5pIUW3
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:47:33 2025 by rpki-client