Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/Z6Mtjpd151bYbfxhWsoKh5m5qvc.roa
File: Z6Mtjpd151bYbfxhWsoKh5m5qvc.roa (raw, json)
Hash identifier: v1jACRl1CG9IjRcudP1HbynM8hbwxXzJMSwiP0y5JEA=
Subject key identifier: 67:A3:2D:8E:97:75:E7:56:D8:6D:FC:61:5A:CA:0A:87:99:B9:AA:F7
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 019808209217E2AECD450D11C53A77B1E752
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/Z6Mtjpd151bYbfxhWsoKh5m5qvc.roa
Signing time: Mon 14 Jul 2025 08:50:08 +0000
ROA not before: Mon 14 Jul 2025 08:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59651
IP address blocks: 45.155.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Jul 2025 09:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:20:92:17:e2:ae:cd:45:0d:11:c5:3a:77:b1:e7:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Jul 14 08:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67a32d8e9775e756d86dfc615aca0a8799b9aaf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:89:64:07:32:dc:65:b9:fa:82:5c:a8:47:
f5:06:1c:04:b0:79:31:73:2c:f5:c4:53:db:12:f9:
7a:89:2a:16:d0:eb:f1:63:1c:37:b7:de:71:dc:79:
25:cb:1f:83:4f:28:3c:f3:b0:3e:d8:de:f5:85:e2:
ff:cc:06:35:74:45:eb:ff:91:85:31:4c:7f:3d:e7:
c2:af:93:e9:4b:1a:a9:84:1b:07:65:fb:1b:3d:e3:
32:2d:c8:34:29:e2:d3:d7:53:24:7b:63:e7:2a:a5:
de:23:4c:7a:08:50:34:5f:83:17:c4:ee:df:4f:9c:
64:7f:75:1e:cd:d2:c9:93:3d:23:b7:ee:0a:f0:75:
7b:e2:cc:53:43:a7:79:7e:1f:45:e4:e5:cb:18:b3:
3d:76:72:e1:a1:30:ab:3a:d4:ce:56:a1:1c:f5:37:
41:22:a4:e8:8d:5a:6c:49:15:b9:b9:d2:5a:ca:b2:
51:63:5f:fe:c7:ad:0b:aa:01:fa:1e:6f:93:2b:fb:
2a:37:99:32:77:c8:e9:40:f2:ba:3d:93:e1:b5:3d:
ec:f1:7e:1e:c4:ea:8a:29:87:aa:89:d7:5d:89:48:
09:06:22:34:fe:07:95:5c:74:c8:8c:46:59:90:3b:
cd:29:64:81:f6:ea:a6:4a:72:0f:eb:40:7a:12:96:
ef:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A3:2D:8E:97:75:E7:56:D8:6D:FC:61:5A:CA:0A:87:99:B9:AA:F7
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/Z6Mtjpd151bYbfxhWsoKh5m5qvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.164.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:f7:36:41:ad:19:77:cf:7c:11:b9:6f:a6:e8:14:1e:5f:42:
49:5a:7c:ad:43:01:9d:c9:8a:65:b9:96:43:77:6e:6e:2b:eb:
3a:19:2f:86:63:80:e0:ac:72:93:37:92:cc:b9:cd:4b:ff:f7:
a0:fa:df:66:b2:98:b9:dc:17:8c:9f:9d:fd:33:97:70:17:e3:
dc:5e:ef:6d:5d:da:43:0e:2c:85:a6:05:e3:73:b9:ff:5c:e3:
76:df:ed:5e:84:00:87:3f:90:f3:64:b6:6e:a0:15:24:48:29:
f4:ce:84:a4:67:5a:00:0d:ff:21:d2:7c:ea:e6:42:27:4a:0c:
29:2b:5a:48:02:29:52:0b:48:d0:a4:f7:39:b7:3d:0d:14:b5:
de:e8:35:01:41:9c:86:08:5b:09:20:bb:b8:08:f1:8e:18:d9:
01:5e:60:2f:1e:85:34:4f:48:b2:76:69:f5:6f:68:4c:dd:2e:
2c:a7:60:48:42:3e:b9:4b:9e:1d:2c:84:b4:4d:1f:07:1b:4c:
d9:13:5a:0a:1a:c8:71:2f:4b:89:30:d8:88:8d:a0:2f:fb:89:
12:ff:a6:ef:bc:51:6c:31:32:c6:aa:24:23:31:74:2b:93:66:
2d:33:79:94:39:f2:f7:2c:d1:f0:7a:56:97:ce:9b:4c:d8:a7:
99:a9:6e:d2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZgIIJIX4q7NRQ0RxTp3sedSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjUwNzE0MDg1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2EzMmQ4ZTk3NzVlNzU2ZDg2ZGZjNjE1YWNhMGE4Nzk5YjlhYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpeJZAcy3GW5+oJcqEf1BhwEsHkx
cyz1xFPbEvl6iSoW0OvxYxw3t95x3Hklyx+DTyg887A+2N71heL/zAY1dEXr/5GF
MUx/PefCr5PpSxqphBsHZfsbPeMyLcg0KeLT11Mke2PnKqXeI0x6CFA0X4MXxO7f
T5xkf3UezdLJkz0jt+4K8HV74sxTQ6d5fh9F5OXLGLM9dnLhoTCrOtTOVqEc9TdB
IqTojVpsSRW5udJayrJRY1/+x60LqgH6Hm+TK/sqN5kyd8jpQPK6PZPhtT3s8X4e
xOqKKYeqidddiUgJBiI0/geVXHTIjEZZkDvNKWSB9uqmSnIP60B6EpbvEQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGejLY6XdedW2G38YVrKCoeZuar3MB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL1o2TXRqcGQxNTFiWWJmeGhXc29LaDVtNXF2Yy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtm6Qw
DQYJKoZIhvcNAQELBQADggEBAI33NkGtGXfPfBG5b6boFB5fQklafK1DAZ3JimW5
lkN3bm4r6zoZL4ZjgOCscpM3ksy5zUv/96D632aymLncF4yfnf0zl3AX49xe721d
2kMOLIWmBeNzuf9c43bf7V6EAIc/kPNktm6gFSRIKfTOhKRnWgAN/yHSfOrmQidK
DCkrWkgCKVILSNCk9zm3PQ0Utd7oNQFBnIYIWwkgu7gI8Y4Y2QFeYC8ehTRPSLJ2
afVvaEzdLiynYEhCPrlLnh0shLRNHwcbTNkTWgoayHEvS4kw2IiNoC/7iRL/pu+8
UWwxMsaqJCMxdCuTZi0zeZQ58vcs0fB6VpfOm0zYp5mpbtI=
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:37:44 2025 by rpki-client