Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/xQYv4N8S778jjiMV6OG1HkXUNq8.roa
File: xQYv4N8S778jjiMV6OG1HkXUNq8.roa (raw, json)
Hash identifier: TCWR69baJW0DUcvLGGnUCYYrFE5pPAr3PDqvTQgdnIk=
Subject key identifier: C5:06:2F:E0:DF:12:EF:BF:23:8E:23:15:E8:E1:B5:1E:45:D4:36:AF
Certificate issuer: /CN=3eabe028f3be7ee072885d02bbd7b62a652425ef
Certificate serial: 019565D6A1CE7DB9FE6633C431A05B05FE8C
Authority key identifier: 3E:AB:E0:28:F3:BE:7E:E0:72:88:5D:02:BB:D7:B6:2A:65:24:25:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqvgKPO-fuByiF0Cu9e2KmUkJe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/xQYv4N8S778jjiMV6OG1HkXUNq8.roa
Signing time: Wed 05 Mar 2025 10:25:19 +0000
ROA not before: Wed 05 Mar 2025 10:25:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24948
IP address blocks: 45.93.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Mar 2025 20:44:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:d6:a1:ce:7d:b9:fe:66:33:c4:31:a0:5b:05:fe:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eabe028f3be7ee072885d02bbd7b62a652425ef
Validity
Not Before: Mar 5 10:25:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5062fe0df12efbf238e2315e8e1b51e45d436af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:25:23:89:7d:7e:40:bd:30:12:24:1f:e8:9e:
be:7c:39:20:e8:4a:1b:79:09:17:98:53:4e:85:8e:
b8:91:29:da:00:41:af:c5:e9:4d:f0:7e:02:05:dc:
60:89:09:74:f1:43:2c:c4:8f:db:d4:4f:60:62:e5:
3c:89:ec:7c:c6:08:41:dd:65:05:9a:9b:a1:3e:88:
91:68:0a:a4:68:72:4c:bf:03:6a:db:47:48:d2:19:
45:e1:a7:34:dc:1f:3d:e2:fc:82:d0:76:7b:52:3a:
5d:6e:3d:53:da:c8:80:60:21:b8:ec:6e:1c:b9:c2:
f1:30:79:14:37:97:1d:bc:15:87:28:7f:51:29:4d:
77:ff:16:94:f1:bc:c2:27:c9:53:63:de:cb:4d:20:
69:10:a2:1c:aa:1f:68:a3:e4:26:89:95:d9:cb:3b:
c5:ea:45:19:db:d0:a5:81:97:9a:76:1e:cf:93:28:
17:5e:dc:c4:7b:9f:63:93:39:7c:57:aa:4e:fd:68:
76:29:8d:fa:80:71:e6:39:ee:90:5c:f9:e1:49:59:
fa:67:26:cc:67:71:cb:88:ea:4d:1e:cf:35:11:62:
13:2d:22:16:8a:d5:da:78:d2:55:82:18:86:a3:9c:
9c:90:f2:bb:67:47:57:2a:05:71:0c:24:d7:d4:4e:
ec:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:06:2F:E0:DF:12:EF:BF:23:8E:23:15:E8:E1:B5:1E:45:D4:36:AF
X509v3 Authority Key Identifier:
keyid:3E:AB:E0:28:F3:BE:7E:E0:72:88:5D:02:BB:D7:B6:2A:65:24:25:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqvgKPO-fuByiF0Cu9e2KmUkJe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/xQYv4N8S778jjiMV6OG1HkXUNq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/PqvgKPO-fuByiF0Cu9e2KmUkJe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.21.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e5:5c:9c:05:f7:ac:57:d3:33:5e:0a:34:25:53:c8:21:15:
ec:4b:35:c6:43:36:87:c6:46:15:19:d0:4a:91:71:28:bb:7e:
39:b0:39:50:98:4b:2d:cb:4d:1a:26:74:2b:da:8c:b0:f3:7c:
14:ca:05:4c:67:6d:b0:c1:5d:06:ad:53:e4:a6:2f:ed:2d:6b:
fe:41:c6:cb:6a:12:2c:82:83:6a:97:ca:31:a1:42:a2:c3:eb:
72:4b:d8:83:b5:c2:9c:d5:f4:d3:29:d0:2b:e1:db:b1:c6:80:
4b:b5:12:37:0a:3a:25:42:93:ea:cb:5c:4b:6c:c5:5b:51:8b:
2e:0b:8c:ec:26:51:dc:5c:63:be:95:86:90:09:79:54:b2:19:
0d:ac:b3:f1:1b:ba:92:26:bb:83:85:cb:98:b7:a5:35:6d:93:
77:07:e6:9f:34:97:81:d3:6c:88:28:97:a2:1c:be:bf:be:5f:
dc:d2:4b:fd:5d:03:f9:b4:81:16:43:cf:53:9c:9a:84:aa:fe:
9e:f7:3e:0c:95:65:3f:e2:3f:66:27:42:86:df:fd:92:ac:5a:
91:38:54:1f:cb:8e:17:b0:48:e4:44:9d:90:b4:87:28:49:fd:
62:59:48:e9:4d:cd:52:28:99:56:c1:fa:8f:77:f9:82:5d:ee:
3a:7f:18:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVl1qHOfbn+ZjPEMaBbBf6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWJlMDI4ZjNiZTdlZTA3Mjg4NWQwMmJiZDdiNjJhNjUy
NDI1ZWYwHhcNMjUwMzA1MTAyNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTA2MmZlMGRmMTJlZmJmMjM4ZTIzMTVlOGUxYjUxZTQ1ZDQzNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyUjiX1+QL0wEiQf6J6+fDkg6Eob
eQkXmFNOhY64kSnaAEGvxelN8H4CBdxgiQl08UMsxI/b1E9gYuU8iex8xghB3WUF
mpuhPoiRaAqkaHJMvwNq20dI0hlF4ac03B894vyC0HZ7Ujpdbj1T2siAYCG47G4c
ucLxMHkUN5cdvBWHKH9RKU13/xaU8bzCJ8lTY97LTSBpEKIcqh9oo+QmiZXZyzvF
6kUZ29ClgZeadh7PkygXXtzEe59jkzl8V6pO/Wh2KY36gHHmOe6QXPnhSVn6ZybM
Z3HLiOpNHs81EWITLSIWitXaeNJVghiGo5yckPK7Z0dXKgVxDCTX1E7sRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUGL+DfEu+/I44jFejhtR5F1DavMB8GA1UdIwQY
MBaAFD6r4Cjzvn7gcohdArvXtiplJCXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHF2Z0tQTy1mdUJ5aUYwQ3U5ZTJLbVVrSmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yYWQ0ZmEtYmQ3Yi00MDdlLWIyNWEt
ZGY3NDEwYjJkMjc1LzEveFFZdjROOFM3NzhqamlNVjZPRzFIa1hVTnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yYWQ0ZmEtYmQ3Yi00MDdlLWIyNWEtZGY3NDEwYjJkMjc1
LzEvUHF2Z0tQTy1mdUJ5aUYwQ3U5ZTJLbVVrSmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV0VMA0G
CSqGSIb3DQEBCwUAA4IBAQAc5VycBfesV9MzXgo0JVPIIRXsSzXGQzaHxkYVGdBK
kXEou345sDlQmEsty00aJnQr2oyw83wUygVMZ22wwV0GrVPkpi/tLWv+QcbLahIs
goNql8oxoUKiw+tyS9iDtcKc1fTTKdAr4duxxoBLtRI3CjolQpPqy1xLbMVbUYsu
C4zsJlHcXGO+lYaQCXlUshkNrLPxG7qSJruDhcuYt6U1bZN3B+afNJeB02yIKJei
HL6/vl/c0kv9XQP5tIEWQ89TnJqEqv6e9z4MlWU/4j9mJ0KG3/2SrFqROFQfy44X
sEjkRJ2QtIcoSf1iWUjpTc1SKJlWwfqPd/mCXe46fxhM
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:11:39 2025 by rpki-client