Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/8zqto65dHR9-n2nT_tcbp8CBREM.roa
File: 8zqto65dHR9-n2nT_tcbp8CBREM.roa (raw, json)
Hash identifier: cGRlcSGQ4Wta1iLF3gXigdqeBfQqIj/EGKc6DXNDsbE=
Subject key identifier: F3:3A:AD:A3:AE:5D:1D:1F:7E:9F:69:D3:FE:D7:1B:A7:C0:81:44:43
Certificate issuer: /CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Certificate serial: 0195AFC854F84EB23EFCE0CDDCC5D81DA006
Authority key identifier: 95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/8zqto65dHR9-n2nT_tcbp8CBREM.roa
Signing time: Wed 19 Mar 2025 19:01:36 +0000
ROA not before: Wed 19 Mar 2025 19:01:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 45.139.76.0/24 maxlen: 24
45.139.77.0/24 maxlen: 24
45.139.78.0/24 maxlen: 24
45.139.79.0/24 maxlen: 24
80.248.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Apr 2025 09:15:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:af:c8:54:f8:4e:b2:3e:fc:e0:cd:dc:c5:d8:1d:a0:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Validity
Not Before: Mar 19 19:01:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f33aada3ae5d1d1f7e9f69d3fed71ba7c0814443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6d:ed:5c:0f:6e:17:bc:91:b6:63:67:00:dc:
47:6d:e5:b0:9b:67:95:e1:3e:f4:c7:c0:b3:e7:09:
f1:38:e0:e8:3e:d2:6d:19:9a:86:9a:4c:cf:e7:53:
85:66:7a:9c:34:0d:49:41:78:cf:af:f1:ce:bf:f5:
30:5c:c8:cf:9f:66:e0:2b:22:7f:fa:83:5f:34:4b:
2e:d4:c3:14:52:af:6e:5a:99:f8:e7:63:34:da:30:
7e:af:6b:ea:1d:20:85:7e:33:f9:0f:ee:89:e6:77:
c3:1b:87:58:1e:53:7c:36:54:80:4e:18:3e:6d:0d:
35:0c:7f:ce:81:04:55:b0:97:96:00:81:18:0a:82:
58:69:da:77:46:ad:38:bf:cc:d7:95:c8:02:79:ea:
d6:67:40:48:2d:7e:d0:60:a6:cf:a1:f4:a5:57:3f:
82:3b:13:42:f4:69:be:5c:8c:cd:68:28:cb:c1:e5:
a3:43:a6:2f:42:45:7a:87:ff:b0:b9:df:a2:b6:df:
c6:50:44:4d:f3:78:67:4f:8c:c2:4e:ac:30:13:38:
0e:53:1e:63:66:c8:74:8d:d9:9c:63:62:0d:e5:4a:
e5:de:cf:dd:b4:8c:0f:f5:7b:ea:73:fe:70:da:48:
70:d8:e3:ce:83:db:0d:c2:de:22:74:ae:f5:f3:c2:
5b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3A:AD:A3:AE:5D:1D:1F:7E:9F:69:D3:FE:D7:1B:A7:C0:81:44:43
X509v3 Authority Key Identifier:
keyid:95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/8zqto65dHR9-n2nT_tcbp8CBREM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.76.0/22
80.248.60.0/24
Signature Algorithm: sha256WithRSAEncryption
25:47:25:a8:0b:74:d5:b2:4d:65:d2:8b:55:3c:d2:70:f3:06:
77:a2:fd:6e:4a:66:e1:7d:a7:0b:47:cb:bf:f9:4b:ac:4f:30:
78:4a:b0:cc:25:97:d8:ea:4d:a5:c5:96:52:d5:b5:cc:47:be:
9c:32:8a:e1:bd:6e:9a:5f:b3:47:94:d5:e1:eb:ed:a8:91:10:
20:7a:90:bd:b1:87:2b:e1:4f:c9:5c:ff:49:fd:c9:11:49:b3:
55:db:2e:7a:f1:2d:7e:11:8a:dc:63:46:58:e6:fd:e3:ee:18:
c2:7c:46:e9:cc:92:7e:58:3c:2e:dc:81:84:9e:60:d8:09:c2:
47:45:97:bd:09:a9:dd:d8:42:91:23:8b:9d:da:d0:09:aa:85:
71:1f:99:ec:1d:3f:f6:51:6f:25:31:65:b3:ae:c1:16:ff:33:
7e:80:8e:10:6f:b9:85:98:17:6b:ae:31:6e:b4:9e:20:5d:bb:
00:94:fe:d6:78:cb:a4:bd:5f:2d:52:3d:db:45:4c:a4:37:e4:
74:94:3e:8d:1c:e2:79:7d:55:ed:62:dd:49:47:00:3b:24:9a:
96:53:11:d6:02:2e:75:ac:0a:cd:50:cf:d5:4e:f5:d4:18:ed:
2d:6d:fb:63:18:51:da:a8:3d:e9:5a:88:7e:54:d1:d9:b7:57:
df:e2:cd:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWvyFT4TrI+/ODN3MXYHaAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTIzNDIwY2NmZWUwMzhjZGNhZWI0MzkyMzEwYTA1OThh
ZjdhM2UwHhcNMjUwMzE5MTkwMTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNhYWRhM2FlNWQxZDFmN2U5ZjY5ZDNmZWQ3MWJhN2MwODE0NDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG3tXA9uF7yRtmNnANxHbeWwm2eV
4T70x8Cz5wnxOODoPtJtGZqGmkzP51OFZnqcNA1JQXjPr/HOv/UwXMjPn2bgKyJ/
+oNfNEsu1MMUUq9uWpn452M02jB+r2vqHSCFfjP5D+6J5nfDG4dYHlN8NlSAThg+
bQ01DH/OgQRVsJeWAIEYCoJYadp3Rq04v8zXlcgCeerWZ0BILX7QYKbPofSlVz+C
OxNC9Gm+XIzNaCjLweWjQ6YvQkV6h/+wud+itt/GUERN83hnT4zCTqwwEzgOUx5j
Zsh0jdmcY2IN5Url3s/dtIwP9Xvqc/5w2khw2OPOg9sNwt4idK7188JbXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPM6raOuXR0ffp9p0/7XG6fAgURDMB8GA1UdIwQY
MBaAFJWSNCDM/uA4zcrrQ5IxCgWYr3o+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzct
NTIwMGZjMTZmZjhjLzEvOHpxdG82NWRIUjktbjJuVF90Y2JwOENCUkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzctNTIwMGZjMTZmZjhj
LzEvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYtMAwQA
UPg8MA0GCSqGSIb3DQEBCwUAA4IBAQAlRyWoC3TVsk1l0otVPNJw8wZ3ov1uSmbh
facLR8u/+UusTzB4SrDMJZfY6k2lxZZS1bXMR76cMorhvW6aX7NHlNXh6+2okRAg
epC9sYcr4U/JXP9J/ckRSbNV2y568S1+EYrcY0ZY5v3j7hjCfEbpzJJ+WDwu3IGE
nmDYCcJHRZe9Cand2EKRI4ud2tAJqoVxH5nsHT/2UW8lMWWzrsEW/zN+gI4Qb7mF
mBdrrjFutJ4gXbsAlP7WeMukvV8tUj3bRUykN+R0lD6NHOJ5fVXtYt1JRwA7JJqW
UxHWAi51rArNUM/VTvXUGO0tbftjGFHaqD3pWoh+VNHZt1ff4s1B
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:16:51 2025 by rpki-client