Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x_4i9LMI5mdLffAwUmTVjtubOmY.roa
File: x_4i9LMI5mdLffAwUmTVjtubOmY.roa (raw, json)
Hash identifier: K657WPIiSgJms9cPyIo4gkJyo5OzIAlFAlJbKj6aR5A=
Subject key identifier: C7:FE:22:F4:B3:08:E6:67:4B:7D:F0:30:52:64:D5:8E:DB:9B:3A:66
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0196E7ABFCDE7C780A2ABDC0AD9CCA1A8949
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x_4i9LMI5mdLffAwUmTVjtubOmY.roa
Signing time: Mon 19 May 2025 08:32:10 +0000
ROA not before: Mon 19 May 2025 08:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.92.218.0/23 maxlen: 23
45.134.36.0/24 maxlen: 24
45.142.105.0/24 maxlen: 24
45.151.56.0/24 maxlen: 24
45.152.162.0/23 maxlen: 23
92.118.204.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 27 May 2025 11:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:ab:fc:de:7c:78:0a:2a:bd:c0:ad:9c:ca:1a:89:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: May 19 08:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7fe22f4b308e6674b7df0305264d58edb9b3a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e4:26:6e:21:fb:64:b4:35:20:31:32:01:18:
03:fb:ac:d4:07:00:b5:cd:e9:5b:1b:0e:a5:88:77:
03:97:26:6d:e1:ae:b4:c0:16:c5:4e:60:16:f9:76:
df:a3:a1:ad:b3:fd:23:4f:63:d2:82:79:78:20:d8:
88:dc:c3:f4:47:3d:5a:cb:4c:2e:1a:19:15:49:9d:
f7:bc:74:97:37:91:63:bd:2c:ce:5a:9a:c9:f6:d0:
5e:a8:61:5b:63:c1:af:59:86:30:51:e1:28:fc:50:
c3:d9:b3:d6:a2:da:6d:58:22:ca:7b:bc:68:1b:21:
d5:f2:6c:f5:37:84:0e:57:d4:f3:08:83:3b:c4:83:
d0:f4:30:1c:8f:13:26:70:ad:5d:35:a4:bf:d8:4a:
c0:cd:75:d1:d0:b5:f9:f7:0c:33:09:1c:0e:73:d6:
fc:90:c2:05:ba:c2:ff:2c:ee:29:43:8b:48:b0:07:
49:eb:c5:4e:59:61:0b:c3:a5:f2:be:f0:61:53:8a:
aa:8a:4a:fa:cf:7c:b9:a9:b0:b7:40:b2:83:98:23:
0f:8a:fd:73:a0:61:c7:e7:22:45:d1:db:6d:d6:00:
c6:10:e6:2d:3b:ca:a0:4a:40:41:3c:d7:f0:7d:6e:
51:47:52:6a:0d:37:de:3b:88:f8:1b:9c:76:32:3b:
13:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FE:22:F4:B3:08:E6:67:4B:7D:F0:30:52:64:D5:8E:DB:9B:3A:66
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x_4i9LMI5mdLffAwUmTVjtubOmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.218.0/23
45.134.36.0/24
45.142.105.0/24
45.151.56.0/24
45.152.162.0/23
92.118.204.0/22
Signature Algorithm: sha256WithRSAEncryption
65:fd:5e:b2:1c:62:0e:69:7d:68:db:24:e6:ff:3f:f2:be:2c:
a5:c6:f9:69:ae:27:59:50:8b:cb:04:81:b4:ce:25:96:2c:27:
c9:89:2e:4a:a0:a2:4d:de:83:df:05:a2:b1:f9:7b:a6:c0:69:
cb:20:5d:52:e4:4c:31:1b:c7:9c:e4:23:07:92:72:b8:da:74:
ff:4b:8a:b6:29:80:2b:da:39:0e:15:a9:3b:10:c0:10:b6:81:
28:5b:6f:dc:62:0d:dc:6a:7e:de:f0:46:ad:0a:5c:97:21:e3:
d0:55:93:44:d9:c8:3b:fc:f4:5d:a2:13:9f:10:42:3a:1a:47:
fc:e3:cb:42:4d:2a:61:c1:b4:bf:36:3b:b1:8f:68:e1:87:59:
54:79:22:55:c1:52:47:ee:9c:02:c9:f3:67:ac:e7:80:03:26:
78:c6:35:98:2f:b8:9d:d4:5d:3b:16:f4:f2:e5:e8:bc:94:43:
c5:75:ef:12:63:b5:73:21:85:b1:ed:3f:4c:d5:bb:fc:aa:0c:
92:94:5a:59:cb:00:c4:cf:87:55:22:0f:78:cb:fe:49:3b:69:
16:13:d5:4a:71:29:19:8a:4f:0f:d6:01:d3:0a:1f:09:2c:79:
c2:f6:97:07:ce:63:b4:15:5a:71:a5:d9:33:c9:98:2d:bf:58:
20:30:25:a1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbnq/zefHgKKr3ArZzKGolJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNTE5MDgzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZlMjJmNGIzMDhlNjY3NGI3ZGYwMzA1MjY0ZDU4ZWRiOWIzYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOQmbiH7ZLQ1IDEyARgD+6zUBwC1
zelbGw6liHcDlyZt4a60wBbFTmAW+Xbfo6Gts/0jT2PSgnl4INiI3MP0Rz1ay0wu
GhkVSZ33vHSXN5FjvSzOWprJ9tBeqGFbY8GvWYYwUeEo/FDD2bPWotptWCLKe7xo
GyHV8mz1N4QOV9TzCIM7xIPQ9DAcjxMmcK1dNaS/2ErAzXXR0LX59wwzCRwOc9b8
kMIFusL/LO4pQ4tIsAdJ68VOWWELw6XyvvBhU4qqikr6z3y5qbC3QLKDmCMPiv1z
oGHH5yJF0dtt1gDGEOYtO8qgSkBBPNfwfW5RR1JqDTfeO4j4G5x2MjsT3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMf+IvSzCOZnS33wMFJk1Y7bmzpmMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEveF80aTlMTUk1bWRMZmZBd1VtVFZqdHViT21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLVzaAwQA
LYYkAwQALY5pAwQALZc4AwQBLZiiAwQCXHbMMA0GCSqGSIb3DQEBCwUAA4IBAQBl
/V6yHGIOaX1o2yTm/z/yviylxvlpridZUIvLBIG0ziWWLCfJiS5KoKJN3oPfBaKx
+XumwGnLIF1S5EwxG8ec5CMHknK42nT/S4q2KYAr2jkOFak7EMAQtoEoW2/cYg3c
an7e8EatClyXIePQVZNE2cg7/PRdohOfEEI6Gkf848tCTSphwbS/Njuxj2jhh1lU
eSJVwVJH7pwCyfNnrOeAAyZ4xjWYL7id1F07FvTy5ei8lEPFde8SY7VzIYWx7T9M
1bv8qgySlFpZywDEz4dVIg94y/5JO2kWE9VKcSkZik8P1gHTCh8JLHnC9pcHzmO0
FVpxpdkzyZgtv1ggMCWh
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:23:45 2025 by rpki-client