Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/otK4jO1ng_C9zNmKg14nVJ4LV3U.roa
File: otK4jO1ng_C9zNmKg14nVJ4LV3U.roa (raw, json)
Hash identifier: yUbbzHiniPEXz9qf687ipbR7ZpSx5mPiU4RLgbJ2DB8=
Subject key identifier: A2:D2:B8:8C:ED:67:83:F0:BD:CC:D9:8A:83:5E:27:54:9E:0B:57:75
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0197307C3DE97F375ED19FE9DF4A06DB0A32
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/otK4jO1ng_C9zNmKg14nVJ4LV3U.roa
Signing time: Mon 02 Jun 2025 11:52:17 +0000
ROA not before: Mon 02 Jun 2025 11:52:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.26.0/24 maxlen: 24
89.21.84.0/24 maxlen: 24
89.251.28.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 12:22:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:30:7c:3d:e9:7f:37:5e:d1:9f:e9:df:4a:06:db:0a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 2 11:52:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2d2b88ced6783f0bdccd98a835e27549e0b5775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:f4:ef:fe:0f:dc:ce:ac:20:16:7a:2e:c0:b7:
af:f7:d6:33:c3:85:2d:71:24:fa:2d:c2:b5:43:4e:
06:25:02:76:f2:42:3d:ac:9f:8d:d6:2f:c3:f3:72:
89:10:34:ed:11:f0:43:16:b0:16:f5:9e:1b:50:aa:
00:ce:02:dc:47:4c:d3:9a:4f:5f:d4:9a:ad:3c:a3:
5c:e5:5c:0d:34:f7:60:a6:99:ee:b9:8b:4f:96:c4:
44:43:c2:e7:cf:aa:db:bb:06:3e:bf:77:ac:34:e1:
8c:1e:41:d2:a9:d9:ea:b7:1d:00:74:4d:7b:d0:eb:
fe:51:05:93:e9:35:39:52:a8:23:08:1e:df:9c:81:
c8:dd:96:66:43:18:06:72:f0:8d:f5:75:e8:2e:07:
ce:96:23:08:79:3f:5f:5e:30:7b:01:c5:3c:e0:eb:
44:ea:e8:1a:ea:c1:3f:fa:a6:1c:63:a8:92:06:c8:
cf:6c:d2:6c:fd:41:0f:99:55:2c:39:ea:f8:c0:89:
3c:d1:e2:15:ce:31:1e:84:79:49:8e:77:3d:2c:bc:
85:d7:44:e9:41:20:15:e9:78:8b:51:ec:f2:5d:61:
0c:f9:fc:2b:20:d2:10:0c:aa:9a:f8:89:7b:2b:c3:
fa:05:ec:0b:b0:e3:79:43:59:26:0b:4d:ea:f9:04:
db:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D2:B8:8C:ED:67:83:F0:BD:CC:D9:8A:83:5E:27:54:9E:0B:57:75
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/otK4jO1ng_C9zNmKg14nVJ4LV3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.26.0/24
89.21.84.0/24
89.251.28.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:66:43:e1:75:39:b5:56:bf:8a:5d:9f:ed:53:14:79:31:1f:
dc:5c:ae:e1:e2:3a:bc:7b:c7:00:e1:8f:10:2a:5e:4d:9e:18:
86:89:e8:a7:1e:93:3e:49:7b:51:ca:1c:1d:cb:2a:34:10:ce:
9b:dc:5d:a3:f6:e2:16:97:38:da:ee:99:b5:01:61:1d:a9:69:
b8:7d:45:0e:96:13:ae:86:f3:68:1a:d8:32:e8:27:4a:aa:7e:
d8:63:93:c4:4e:34:f6:cb:96:35:54:49:b8:b2:51:a9:57:b4:
3c:bf:fa:d9:5c:e6:c0:52:93:62:67:14:27:af:cb:b2:32:41:
ba:da:33:9e:05:32:cb:a6:05:a1:8c:77:1b:f9:df:17:c7:2c:
65:e8:78:2b:ef:57:14:50:e7:98:54:eb:00:56:9f:e7:d2:4a:
d0:de:73:0e:c1:5f:fd:ed:f5:e6:1e:4d:01:c1:38:ba:66:76:
af:bf:23:62:b5:9b:8e:2e:1b:1e:be:46:cd:38:70:58:eb:14:
5d:cb:f5:e9:7f:17:5b:ed:18:eb:8e:ba:9b:00:10:f4:74:46:
ee:cc:8d:b9:a5:8e:c6:78:1c:56:a0:6f:73:7d:e5:03:61:5c:
66:82:d4:3a:b5:b9:ca:bb:43:88:a1:2b:a6:5e:60:ab:d2:b8:
e7:ce:90:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZcwfD3pfzde0Z/p30oG2woyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNjAyMTE1MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQyYjg4Y2VkNjc4M2YwYmRjY2Q5OGE4MzVlMjc1NDllMGI1Nzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+fTv/g/czqwgFnouwLev99Yzw4Ut
cST6LcK1Q04GJQJ28kI9rJ+N1i/D83KJEDTtEfBDFrAW9Z4bUKoAzgLcR0zTmk9f
1JqtPKNc5VwNNPdgppnuuYtPlsREQ8Lnz6rbuwY+v3esNOGMHkHSqdnqtx0AdE17
0Ov+UQWT6TU5UqgjCB7fnIHI3ZZmQxgGcvCN9XXoLgfOliMIeT9fXjB7AcU84OtE
6uga6sE/+qYcY6iSBsjPbNJs/UEPmVUsOer4wIk80eIVzjEehHlJjnc9LLyF10Tp
QSAV6XiLUezyXWEM+fwrINIQDKqa+Il7K8P6BewLsON5Q1kmC03q+QTbZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKLSuIztZ4PwvczZioNeJ1SeC1d1MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvb3RLNGpPMW5nX0M5ek5tS2cxNG5WSjRMVjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZUaAwQA
WRVUAwQAWfscAwQAwV00MA0GCSqGSIb3DQEBCwUAA4IBAQAqZkPhdTm1Vr+KXZ/t
UxR5MR/cXK7h4jq8e8cA4Y8QKl5NnhiGieinHpM+SXtRyhwdyyo0EM6b3F2j9uIW
lzja7pm1AWEdqWm4fUUOlhOuhvNoGtgy6CdKqn7YY5PETjT2y5Y1VEm4slGpV7Q8
v/rZXObAUpNiZxQnr8uyMkG62jOeBTLLpgWhjHcb+d8Xxyxl6Hgr71cUUOeYVOsA
Vp/n0krQ3nMOwV/97fXmHk0BwTi6ZnavvyNitZuOLhsevkbNOHBY6xRdy/Xpfxdb
7RjrjrqbABD0dEbuzI25pY7GeBxWoG9zfeUDYVxmgtQ6tbnKu0OIoSumXmCr0rjn
zpAs
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:55:39 2025 by rpki-client