Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4dIO8GeYPaYmC9ePC03nBYqSWE0.roa
File: 4dIO8GeYPaYmC9ePC03nBYqSWE0.roa (raw, json)
Hash identifier: M/rhXFDX/cwqUY0M1FNigrETfjIMrsvNmGqOEje2X0o=
Subject key identifier: E1:D2:0E:F0:67:98:3D:A6:26:0B:D7:8F:0B:4D:E7:05:8A:92:58:4D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01964863516BB427FACB9F1F6B9B42AC4CD9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4dIO8GeYPaYmC9ePC03nBYqSWE0.roa
Signing time: Fri 18 Apr 2025 10:13:10 +0000
ROA not before: Fri 18 Apr 2025 10:13:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215242
IP address blocks: 45.94.169.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 12:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:63:51:6b:b4:27:fa:cb:9f:1f:6b:9b:42:ac:4c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 18 10:13:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1d20ef067983da6260bd78f0b4de7058a92584d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3f:b7:aa:cc:64:9a:74:c1:7a:ab:99:ad:b8:
04:42:c4:49:dc:9f:ec:3f:b2:c6:76:ff:54:de:1f:
6a:bf:4c:5d:7c:ad:82:13:ff:e1:61:ad:88:93:28:
c1:62:4a:b5:54:f8:d3:05:35:d8:19:82:f7:d3:7b:
20:38:19:71:9c:1d:8d:0f:01:93:33:48:6b:11:26:
15:9a:e3:bd:a1:83:c1:4c:70:c7:08:97:27:aa:2f:
96:53:41:78:08:2e:37:58:36:aa:38:19:0e:b0:10:
ae:e0:28:0a:e1:f2:df:99:65:6d:de:33:20:dd:ca:
87:c8:35:2f:b5:95:60:94:0a:1c:06:f7:a5:b0:3f:
a2:1f:68:a5:d2:b2:ca:79:38:99:52:d8:e5:e4:9d:
79:90:2f:20:30:99:59:7f:6c:e2:1b:10:91:c9:90:
a1:e7:2d:f5:ce:cb:3a:6b:8a:d2:71:91:64:97:a4:
3c:1a:0e:15:82:fc:42:33:91:9f:a2:86:62:8a:f4:
24:f2:29:6e:28:9e:29:2a:e9:13:05:e4:1c:b8:7b:
4b:bd:63:f0:97:17:e6:e2:52:5c:98:54:cd:00:b2:
10:3b:7e:9e:e4:8b:25:72:40:a3:11:4c:8f:57:ab:
1e:69:89:18:8a:df:d6:0e:03:fb:a3:b0:02:4d:d0:
44:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D2:0E:F0:67:98:3D:A6:26:0B:D7:8F:0B:4D:E7:05:8A:92:58:4D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4dIO8GeYPaYmC9ePC03nBYqSWE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.169.0/24
45.138.180.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a2:ce:33:20:20:eb:d8:cb:08:d6:8a:cc:6c:13:bb:4c:d7:
ba:54:f8:e2:5f:30:04:da:29:14:16:45:05:85:90:75:a1:a6:
94:b5:70:9f:38:f6:65:fa:48:13:7c:81:ec:0d:9b:c1:ac:5d:
2e:40:e9:e5:2a:a5:79:42:3b:3e:2f:a3:55:a9:6c:98:93:80:
75:ab:91:44:6b:a3:58:8b:0e:b7:7a:8a:ac:ad:05:f3:db:51:
6d:bd:78:18:58:28:f7:d9:33:ce:03:18:54:2c:13:04:9f:8d:
cb:71:44:2d:6e:fa:04:83:e6:1e:0b:74:61:2d:be:e0:a7:da:
e5:5c:17:82:b2:06:98:1e:f1:24:d2:52:94:5f:b2:78:28:d4:
4f:d1:3a:32:cb:85:1f:05:d4:7f:c2:34:7f:5f:e1:cd:db:79:
5e:af:04:7c:23:ef:76:cd:b5:43:e0:ef:4a:c7:bf:42:ac:23:
a4:91:6a:40:46:b3:27:18:c3:b2:ff:4a:16:65:a0:9a:94:8e:
d6:19:9d:8b:03:90:af:53:b5:bc:ec:10:2b:8d:f5:fa:1e:c5:
f5:b2:ce:58:2d:3a:f4:07:02:c3:3f:12:26:36:49:b1:78:7f:
86:d8:48:02:c3:42:01:d6:d7:7f:12:d1:e7:72:13:16:9c:f9:
fb:05:49:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZIY1FrtCf6y58fa5tCrEzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNDE4MTAxMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQyMGVmMDY3OTgzZGE2MjYwYmQ3OGYwYjRkZTcwNThhOTI1ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT+3qsxkmnTBequZrbgEQsRJ3J/s
P7LGdv9U3h9qv0xdfK2CE//hYa2IkyjBYkq1VPjTBTXYGYL303sgOBlxnB2NDwGT
M0hrESYVmuO9oYPBTHDHCJcnqi+WU0F4CC43WDaqOBkOsBCu4CgK4fLfmWVt3jMg
3cqHyDUvtZVglAocBvelsD+iH2il0rLKeTiZUtjl5J15kC8gMJlZf2ziGxCRyZCh
5y31zss6a4rScZFkl6Q8Gg4VgvxCM5GfooZiivQk8iluKJ4pKukTBeQcuHtLvWPw
lxfm4lJcmFTNALIQO36e5IslckCjEUyPV6seaYkYit/WDgP7o7ACTdBEGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOHSDvBnmD2mJgvXjwtN5wWKklhNMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNGRJTzhHZVlQYVltQzllUEMwM25CWXFTV0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV6pAwQA
LYq0MA0GCSqGSIb3DQEBCwUAA4IBAQCRos4zICDr2MsI1orMbBO7TNe6VPjiXzAE
2ikUFkUFhZB1oaaUtXCfOPZl+kgTfIHsDZvBrF0uQOnlKqV5Qjs+L6NVqWyYk4B1
q5FEa6NYiw63eoqsrQXz21FtvXgYWCj32TPOAxhULBMEn43LcUQtbvoEg+YeC3Rh
Lb7gp9rlXBeCsgaYHvEk0lKUX7J4KNRP0Toyy4UfBdR/wjR/X+HN23lerwR8I+92
zbVD4O9Kx79CrCOkkWpARrMnGMOy/0oWZaCalI7WGZ2LA5CvU7W87BArjfX6HsX1
ss5YLTr0BwLDPxImNkmxeH+G2EgCw0IB1td/EtHnchMWnPn7BUmH
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:56:25 2025 by rpki-client