Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/tOByL8K90CCZYVhOFJfo3H5rqw0.roa
File: tOByL8K90CCZYVhOFJfo3H5rqw0.roa (raw, json)
Hash identifier: IUp/HStENYukNSYfb76g2kMzT2KDK+njPwBQagsOlAI=
Subject key identifier: B4:E0:72:2F:C2:BD:D0:20:99:61:58:4E:14:97:E8:DC:7E:6B:AB:0D
Certificate issuer: /CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Certificate serial: 0194FA237F41CD038354C1E42636724AA72C
Authority key identifier: D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/tOByL8K90CCZYVhOFJfo3H5rqw0.roa
Signing time: Wed 12 Feb 2025 12:30:17 +0000
ROA not before: Wed 12 Feb 2025 12:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.159.13.0/24 maxlen: 24
45.159.15.0/24 maxlen: 24
91.246.55.0/24 maxlen: 24
185.9.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 20:58:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:23:7f:41:cd:03:83:54:c1:e4:26:36:72:4a:a7:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Validity
Not Before: Feb 12 12:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4e0722fc2bdd0209961584e1497e8dc7e6bab0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:82:fa:eb:95:d9:c7:a8:7d:8c:c0:8a:b4:2c:
66:ea:3b:85:28:21:38:1d:d8:44:ad:d2:bb:78:92:
b9:cd:02:2d:e5:a5:6c:4c:b4:3b:87:7c:db:55:4c:
7e:5e:f1:16:77:6e:d8:da:1d:53:26:d5:2e:ab:4d:
b8:84:57:a2:e3:e6:fb:89:0d:ae:15:2f:de:44:61:
9d:d5:05:67:42:89:82:13:66:a0:31:c2:1e:cb:02:
e5:c0:0c:eb:32:32:45:46:36:36:15:11:93:eb:6d:
fb:13:d2:13:5d:45:8d:2e:2a:30:12:02:bf:15:91:
66:14:da:39:45:7c:64:c4:24:79:25:af:5c:93:0b:
c4:7e:c0:16:d3:7a:ad:c5:2a:d0:76:8a:61:7d:c6:
ae:2f:e9:fd:bb:91:f4:2b:bb:78:0b:60:c4:75:2a:
53:22:be:51:d5:a8:63:2e:53:14:93:ee:a5:c8:33:
96:2d:61:4c:87:d6:17:c5:06:91:26:6f:31:ad:f0:
29:64:bc:4c:5d:89:4a:4a:ba:05:1e:3e:8c:b6:56:
96:7b:57:aa:32:6f:a3:19:62:83:61:7f:73:75:2e:
78:06:4a:fe:74:1f:73:36:34:85:0c:29:d9:01:e7:
d6:12:67:34:3f:a8:9f:13:7e:5a:9f:53:7d:2f:d9:
ea:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E0:72:2F:C2:BD:D0:20:99:61:58:4E:14:97:E8:DC:7E:6B:AB:0D
X509v3 Authority Key Identifier:
keyid:D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/tOByL8K90CCZYVhOFJfo3H5rqw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.13.0/24
45.159.15.0/24
91.246.55.0/24
185.9.1.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:3b:83:de:40:bc:b3:3d:b9:c3:50:c2:9f:74:18:8c:7d:e1:
5c:7a:f9:ef:cc:84:0a:f9:10:d1:2a:e2:74:27:88:a4:c0:c1:
32:29:9b:48:c7:e0:c5:49:8e:66:14:97:cf:06:7b:00:94:c5:
93:43:80:c0:25:09:68:72:fd:9f:a2:d7:77:30:6a:e2:40:90:
d6:26:2c:a3:12:53:08:54:49:4f:af:80:ff:88:69:37:89:c6:
87:78:42:2b:38:32:f1:77:95:5d:ac:ee:ba:62:f6:6c:67:ce:
53:9f:47:bd:56:af:19:1a:dd:42:40:e4:97:66:d2:bb:df:37:
22:fb:e4:eb:e6:b6:d6:de:fb:b2:d0:ed:f6:96:c5:40:82:28:
7a:1d:b8:04:db:db:52:b3:b5:6b:e1:a9:d9:cc:c7:c2:cf:ae:
a9:1d:e4:90:8f:f3:d9:2a:47:29:4b:d6:66:58:f9:9c:77:95:
6c:0b:e8:38:91:9d:c1:ab:f8:eb:d1:57:e9:4b:23:5f:ee:8b:
2e:75:ba:c4:1d:a0:9f:ea:09:80:ef:bd:07:e6:30:31:4e:69:
af:1b:05:1a:d6:56:ce:e3:09:11:53:8a:15:ec:3a:5c:af:dd:
7c:c4:92:06:0c:02:78:42:78:9b:da:ca:6d:9f:1a:59:a2:c8:
6c:3a:99:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZT6I39BzQODVMHkJjZySqcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzM1YmM5YjdmODU1MGJlM2U0NjdjNTRhOWQzYTY2ZTI0
NDNiZDQwHhcNMjUwMjEyMTIzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGUwNzIyZmMyYmRkMDIwOTk2MTU4NGUxNDk3ZThkYzdlNmJhYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YL665XZx6h9jMCKtCxm6juFKCE4
HdhErdK7eJK5zQIt5aVsTLQ7h3zbVUx+XvEWd27Y2h1TJtUuq024hFei4+b7iQ2u
FS/eRGGd1QVnQomCE2agMcIeywLlwAzrMjJFRjY2FRGT6237E9ITXUWNLiowEgK/
FZFmFNo5RXxkxCR5Ja9ckwvEfsAW03qtxSrQdophfcauL+n9u5H0K7t4C2DEdSpT
Ir5R1ahjLlMUk+6lyDOWLWFMh9YXxQaRJm8xrfApZLxMXYlKSroFHj6MtlaWe1eq
Mm+jGWKDYX9zdS54Bkr+dB9zNjSFDCnZAefWEmc0P6ifE35an1N9L9nqOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLTgci/CvdAgmWFYThSX6Nx+a6sNMB8GA1UdIwQY
MBaAFNPDW8m3+FUL4+RnxUqdOmbiRDvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTct
Y2RhNWMzNzY2ZjAzLzEvdE9CeUw4SzkwQ0NaWVZoT0ZKZm8zSDVycXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTctY2RhNWMzNzY2ZjAz
LzEvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ8NAwQA
LZ8PAwQAW/Y3AwQAuQkBMA0GCSqGSIb3DQEBCwUAA4IBAQBbO4PeQLyzPbnDUMKf
dBiMfeFcevnvzIQK+RDRKuJ0J4ikwMEyKZtIx+DFSY5mFJfPBnsAlMWTQ4DAJQlo
cv2fotd3MGriQJDWJiyjElMIVElPr4D/iGk3icaHeEIrODLxd5VdrO66YvZsZ85T
n0e9Vq8ZGt1CQOSXZtK73zci++Tr5rbW3vuy0O32lsVAgih6HbgE29tSs7Vr4anZ
zMfCz66pHeSQj/PZKkcpS9ZmWPmcd5VsC+g4kZ3Bq/jr0VfpSyNf7osudbrEHaCf
6gmA770H5jAxTmmvGwUa1lbO4wkRU4oV7Dpcr918xJIGDAJ4Qnib2sptnxpZoshs
Opmy
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:17:31 2025 by rpki-client