Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/a2913MQQ01YJqgPvijZQdHZ766s.roa
File: a2913MQQ01YJqgPvijZQdHZ766s.roa (raw, json)
Hash identifier: 6P9DfkdTqZRyUS17sT9p/BZglvQaoxPlbrkdGhfnnO4=
Subject key identifier: 6B:6F:75:DC:C4:10:D3:56:09:AA:03:EF:8A:36:50:74:76:7B:EB:AB
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0196E2B367CCCD385847BD5DCD840ED7FA44
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/a2913MQQ01YJqgPvijZQdHZ766s.roa
Signing time: Sun 18 May 2025 09:22:10 +0000
ROA not before: Sun 18 May 2025 09:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.254.0/24 maxlen: 24
45.157.208.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 12:40:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e2:b3:67:cc:cd:38:58:47:bd:5d:cd:84:0e:d7:fa:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 18 09:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b6f75dcc410d35609aa03ef8a365074767bebab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:38:9b:d3:23:fb:6d:03:9a:c3:4c:c8:d7:92:
34:2d:fb:04:0c:3a:2f:77:63:18:67:23:fd:a6:50:
19:e8:e6:fd:07:8b:1f:06:ee:16:56:22:a9:81:bc:
6d:ea:2b:3c:96:fc:46:be:23:4d:41:a8:e8:06:79:
22:57:24:b6:b2:96:12:18:c2:57:ae:45:13:32:a1:
27:88:77:a2:f1:01:06:b4:0d:11:77:9b:1e:15:cc:
e2:a4:bc:7a:c0:73:4c:bb:10:4e:04:ea:ce:b0:4f:
de:5f:94:06:83:f1:1e:df:52:46:fe:49:aa:7f:95:
e6:c8:5b:c6:90:79:55:71:b0:3d:5b:35:89:0d:8b:
02:25:5c:38:03:8a:c7:66:d5:57:f7:0d:42:c2:1a:
10:01:22:58:fb:8f:ed:d0:c1:72:aa:cd:2d:65:a1:
0d:97:0f:b0:62:e6:de:0d:30:df:8b:c2:8b:a3:0c:
a1:16:29:d6:ee:e3:de:69:05:69:57:7b:39:38:ae:
5e:d4:a0:da:49:dd:8a:c2:d9:1f:25:4e:2f:7e:e4:
7e:af:10:c3:5e:1c:0e:f8:88:00:d8:9b:bd:3a:6e:
60:ae:e0:ac:ed:d2:24:03:da:23:f3:e3:16:ea:f1:
7f:98:f9:2d:44:cf:d1:5d:da:d3:59:9d:ef:4b:10:
a2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6F:75:DC:C4:10:D3:56:09:AA:03:EF:8A:36:50:74:76:7B:EB:AB
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/a2913MQQ01YJqgPvijZQdHZ766s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.254.0/24
45.157.208.0/24
185.199.151.0/24
185.199.213.0/24
185.221.26.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:a8:f0:8c:3e:88:4a:91:ab:e8:cc:cd:7b:94:35:4e:e7:e0:
e0:19:e6:12:49:82:0b:4d:4e:ea:c3:13:df:55:d5:43:bb:c7:
5f:09:88:bf:41:27:48:3f:98:2e:07:09:60:de:ec:5c:58:34:
a2:09:84:78:24:82:34:65:b5:0d:8c:a9:7a:c5:a7:9f:ea:28:
77:a1:82:01:64:fe:83:26:49:cc:34:18:80:0d:c3:e4:24:e0:
e0:c4:72:18:51:24:4e:26:69:0d:c7:01:a9:61:f2:09:4b:ed:
aa:13:0b:0b:3a:8f:47:4d:b7:8a:74:a5:bc:d2:47:3a:08:b7:
9a:67:d1:ab:c7:5b:90:d3:a7:2d:f2:0f:f8:37:c2:82:53:8b:
62:96:ca:b1:c4:21:4b:4f:d3:6d:04:93:22:1c:80:31:a1:b1:
c6:b8:6d:ad:5f:b7:86:ca:e6:00:be:ef:a2:fd:1a:b2:eb:02:
2e:dd:ec:26:f0:57:ae:96:08:dd:67:3e:43:09:67:88:b2:f6:
c6:ab:b1:0c:4a:e5:cb:d4:83:1d:ce:ff:1b:09:78:aa:e4:3f:
03:8a:6e:8c:72:43:1e:38:46:be:c8:64:4e:a8:3a:92:1a:9c:
21:31:72:8a:11:08:8b:7a:6c:89:82:14:c3:97:a8:aa:78:da:
11:23:c3:e8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbis2fMzThYR71dzYQO1/pEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwNTE4MDkyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZmNzVkY2M0MTBkMzU2MDlhYTAzZWY4YTM2NTA3NDc2N2JlYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTib0yP7bQOaw0zI15I0LfsEDDov
d2MYZyP9plAZ6Ob9B4sfBu4WViKpgbxt6is8lvxGviNNQajoBnkiVyS2spYSGMJX
rkUTMqEniHei8QEGtA0Rd5seFczipLx6wHNMuxBOBOrOsE/eX5QGg/Ee31JG/kmq
f5XmyFvGkHlVcbA9WzWJDYsCJVw4A4rHZtVX9w1CwhoQASJY+4/t0MFyqs0tZaEN
lw+wYubeDTDfi8KLowyhFinW7uPeaQVpV3s5OK5e1KDaSd2KwtkfJU4vfuR+rxDD
XhwO+IgA2Ju9Om5gruCs7dIkA9oj8+MW6vF/mPktRM/RXdrTWZ3vSxCiHwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGtvddzEENNWCaoD74o2UHR2e+urMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvYTI5MTNNUVEwMVlKcWdQdmlqWlFkSFo3NjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZv+AwQA
LZ3QAwQAuceXAwQAucfVAwQAud0aAwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQC/
qPCMPohKkavozM17lDVO5+DgGeYSSYILTU7qwxPfVdVDu8dfCYi/QSdIP5guBwlg
3uxcWDSiCYR4JII0ZbUNjKl6xaef6ih3oYIBZP6DJknMNBiADcPkJODgxHIYUSRO
JmkNxwGpYfIJS+2qEwsLOo9HTbeKdKW80kc6CLeaZ9Grx1uQ06ct8g/4N8KCU4ti
lsqxxCFLT9NtBJMiHIAxobHGuG2tX7eGyuYAvu+i/Rqy6wIu3ewm8FeulgjdZz5D
CWeIsvbGq7EMSuXL1IMdzv8bCXiq5D8Dim6MckMeOEa+yGROqDqSGpwhMXKKEQiL
emyJghTDl6iqeNoRI8Po
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:35:25 2025 by rpki-client