Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/szniYjXrDgi3KiRHoUfBNXdIRoE.roa
File: szniYjXrDgi3KiRHoUfBNXdIRoE.roa (raw, json)
Hash identifier: OLa9eE7ovDzi0dU+bvqhOgpvOgQqPvzVXWcECNwMxsY=
Subject key identifier: B3:39:E2:62:35:EB:0E:08:B7:2A:24:47:A1:47:C1:35:77:48:46:81
Certificate issuer: /CN=a724383490a105bdc0d21597bfb1478ef04630b1
Certificate serial: 0194228E345A86F2593C715914E99271B299
Authority key identifier: A7:24:38:34:90:A1:05:BD:C0:D2:15:97:BF:B1:47:8E:F0:46:30:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pyQ4NJChBb3A0hWXv7FHjvBGMLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/szniYjXrDgi3KiRHoUfBNXdIRoE.roa
Signing time: Wed 01 Jan 2025 15:48:52 +0000
ROA not before: Wed 01 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50588
IP address blocks: 45.145.120.0/23 maxlen: 23
185.149.12.0/23 maxlen: 23
193.109.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 12:23:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:34:5a:86:f2:59:3c:71:59:14:e9:92:71:b2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a724383490a105bdc0d21597bfb1478ef04630b1
Validity
Not Before: Jan 1 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b339e26235eb0e08b72a2447a147c13577484681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:58:88:31:01:f4:19:7b:25:06:1a:2f:a8:1b:
bf:86:c9:85:25:38:2d:26:f9:59:94:75:99:1c:1b:
5b:23:a0:8c:92:a4:67:a6:74:c2:ab:1b:9d:3b:ec:
96:74:a0:8d:cb:ad:11:7f:17:50:2c:48:3d:fb:88:
a0:06:c2:cb:66:4f:e8:7e:4f:ea:55:74:59:c9:0a:
35:c2:4a:54:9f:f4:92:e7:fe:5f:a1:7f:77:17:cb:
50:46:8f:5b:7f:8d:6a:e4:90:75:6a:67:ba:3b:4d:
9c:a3:85:e0:89:09:1f:3b:8b:e4:f8:b5:92:71:5d:
6e:1f:ee:53:be:89:c8:7b:f0:a5:b6:ce:21:18:65:
1a:20:7d:d4:13:db:6e:7a:8d:e0:c8:22:60:d0:ea:
2c:34:84:7d:07:24:f9:f5:81:ff:07:a9:ee:e2:93:
d0:a8:16:04:56:6a:a6:1d:a2:ba:af:db:da:d2:d4:
ac:d1:54:cb:ba:06:6f:fe:f4:ee:2a:15:1f:7b:ad:
52:4f:46:ae:02:b0:1f:ba:24:39:68:dd:8a:fb:28:
23:a2:91:72:86:87:4a:d1:95:15:21:76:7c:e7:a6:
ee:00:76:22:a7:aa:13:93:62:8c:36:3e:f3:06:7c:
c1:c1:de:3e:22:b1:75:32:9f:d4:8e:4f:9c:28:42:
c1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:39:E2:62:35:EB:0E:08:B7:2A:24:47:A1:47:C1:35:77:48:46:81
X509v3 Authority Key Identifier:
keyid:A7:24:38:34:90:A1:05:BD:C0:D2:15:97:BF:B1:47:8E:F0:46:30:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pyQ4NJChBb3A0hWXv7FHjvBGMLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/szniYjXrDgi3KiRHoUfBNXdIRoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/pyQ4NJChBb3A0hWXv7FHjvBGMLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.120.0/23
185.149.12.0/23
193.109.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:bd:21:a6:d8:24:44:73:5d:99:ae:13:01:20:dd:07:ee:ee:
2e:78:1d:02:2d:3c:f7:35:1e:f1:83:98:85:06:40:97:d4:86:
9f:f9:c2:f2:60:30:6b:44:a8:8d:97:bb:70:85:57:71:01:af:
c7:e8:39:56:3a:f2:30:af:44:d1:a6:4a:c9:29:c7:56:e9:24:
3a:19:8e:bc:02:4a:32:32:c8:56:b0:5d:3a:58:b8:b5:7a:40:
7c:a5:b9:46:ce:9c:35:a0:d9:88:ec:f8:e3:83:bc:1f:f6:4a:
08:5d:79:fa:04:f9:9c:45:4a:55:61:ff:60:e0:d2:24:34:91:
02:63:d0:26:11:73:17:ee:f7:91:96:93:c7:42:0d:ec:2b:8d:
17:4d:79:27:39:af:85:9d:e6:b1:05:82:3b:1d:49:32:3d:a0:
a1:b3:3a:32:67:34:02:7c:28:2d:e1:81:49:79:4f:7c:27:40:
ed:f3:81:3f:b3:1f:08:f9:0d:ba:63:b1:eb:5f:06:5d:d1:30:
f5:df:ce:7a:4a:b0:1a:31:cc:ff:e5:dd:da:a2:85:09:01:44:
43:73:cf:93:5d:3c:08:97:99:d8:87:de:66:50:11:6a:b5:1b:
21:33:cd:3e:79:23:19:f8:b2:89:97:61:cb:0d:a0:ba:0e:c9:
41:af:d5:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijjRahvJZPHFZFOmScbKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MjQzODM0OTBhMTA1YmRjMGQyMTU5N2JmYjE0NzhlZjA0
NjMwYjEwHhcNMjUwMTAxMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM5ZTI2MjM1ZWIwZTA4YjcyYTI0NDdhMTQ3YzEzNTc3NDg0NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1iIMQH0GXslBhovqBu/hsmFJTgt
JvlZlHWZHBtbI6CMkqRnpnTCqxudO+yWdKCNy60RfxdQLEg9+4igBsLLZk/ofk/q
VXRZyQo1wkpUn/SS5/5foX93F8tQRo9bf41q5JB1ame6O02co4XgiQkfO4vk+LWS
cV1uH+5TvonIe/Clts4hGGUaIH3UE9tueo3gyCJg0OosNIR9ByT59YH/B6nu4pPQ
qBYEVmqmHaK6r9va0tSs0VTLugZv/vTuKhUfe61ST0auArAfuiQ5aN2K+ygjopFy
hodK0ZUVIXZ856buAHYip6oTk2KMNj7zBnzBwd4+IrF1Mp/Ujk+cKELBYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLM54mI16w4ItyokR6FHwTV3SEaBMB8GA1UdIwQY
MBaAFKckODSQoQW9wNIVl7+xR47wRjCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHlRNE5KQ2hCYjNBMGhXWHY3RkhqdkJHTUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMDUzNjAtMjIwMy00YTIxLWEyZmQt
OTFlODU5OWRkYmY3LzEvc3puaVlqWHJEZ2kzS2lSSG9VZkJOWGRJUm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMDUzNjAtMjIwMy00YTIxLWEyZmQtOTFlODU5OWRkYmY3
LzEvcHlRNE5KQ2hCYjNBMGhXWHY3RkhqdkJHTUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLZF4AwQB
uZUMAwQAwW0/MA0GCSqGSIb3DQEBCwUAA4IBAQA/vSGm2CREc12ZrhMBIN0H7u4u
eB0CLTz3NR7xg5iFBkCX1Iaf+cLyYDBrRKiNl7twhVdxAa/H6DlWOvIwr0TRpkrJ
KcdW6SQ6GY68AkoyMshWsF06WLi1ekB8pblGzpw1oNmI7Pjjg7wf9koIXXn6BPmc
RUpVYf9g4NIkNJECY9AmEXMX7veRlpPHQg3sK40XTXknOa+FneaxBYI7HUkyPaCh
szoyZzQCfCgt4YFJeU98J0Dt84E/sx8I+Q26Y7HrXwZd0TD13856SrAaMcz/5d3a
ooUJAURDc8+TXTwIl5nYh95mUBFqtRshM80+eSMZ+LKJl2HLDaC6DslBr9XA
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:33:53 2025 by rpki-client