Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/4ibkMYLceb6zjqKF8CcZxUSqJgc.roa
File: 4ibkMYLceb6zjqKF8CcZxUSqJgc.roa (raw, json)
Hash identifier: 7Yq0Hx2igVIh7gF0zcaH/fZkcsFLfoygSf9ydxg+svo=
Subject key identifier: E2:26:E4:31:82:DC:79:BE:B3:8E:A2:85:F0:27:19:C5:44:AA:26:07
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E85C726716CB3F05D2C1721CF30A92972
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/4ibkMYLceb6zjqKF8CcZxUSqJgc.roa
Signing time: Thu 28 Mar 2024 15:56:44 +0000
ROA not before: Thu 28 Mar 2024 15:56:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.86.3.0/24 maxlen: 24
83.171.212.0/22 maxlen: 22
212.107.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:c7:26:71:6c:b3:f0:5d:2c:17:21:cf:30:a9:29:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 15:56:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e226e43182dc79beb38ea285f02719c544aa2607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:44:27:be:27:87:b1:7c:b3:aa:8b:8e:d2:52:
d2:4b:51:bc:de:d9:31:cc:c2:5f:d5:6d:28:3f:aa:
23:75:8b:ac:e3:53:54:89:a8:b8:88:a0:b1:f1:14:
0c:17:d3:43:be:6e:31:fa:f3:ea:87:19:25:5b:ef:
63:22:dc:bb:51:a8:bf:43:68:70:25:a9:94:d3:b4:
00:59:2a:76:10:11:7b:60:d4:43:25:ab:37:96:d7:
79:84:75:0e:14:91:2b:b2:14:a8:fa:f3:13:7b:de:
0b:28:cc:78:6c:13:98:8e:0a:59:61:78:fd:56:61:
c3:18:db:eb:4c:a3:d1:53:c4:1f:60:ad:38:25:b6:
15:dc:98:67:e0:c7:ca:ff:e4:33:d1:07:7f:d9:7a:
ef:a0:1a:ff:9f:c6:03:fb:4d:50:be:ca:9c:f0:8d:
2c:c8:35:4b:ff:cb:95:20:bd:c2:9a:7e:79:cd:c5:
d4:34:ce:23:eb:aa:24:35:11:3c:a1:e2:8b:79:1b:
ed:b5:13:0c:f2:27:75:85:1d:53:76:eb:65:df:d0:
a6:3d:23:06:7c:e6:50:d0:88:9e:82:27:1b:89:05:
8f:b9:a7:ac:6f:89:b5:75:cd:4c:bd:26:dd:af:be:
f0:73:72:f0:ed:08:41:76:60:0b:b4:08:c8:32:1c:
47:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:26:E4:31:82:DC:79:BE:B3:8E:A2:85:F0:27:19:C5:44:AA:26:07
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/4ibkMYLceb6zjqKF8CcZxUSqJgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.3.0/24
83.171.212.0/22
212.107.24.0/24
Signature Algorithm: sha256WithRSAEncryption
83:7a:9f:eb:d0:91:99:59:55:4a:94:10:e8:67:88:9b:ee:0d:
15:e4:e2:ac:39:c9:1e:0c:e7:0b:4b:d5:d7:7c:4b:23:f7:c9:
19:0e:0f:ca:67:ce:17:ca:ab:05:67:38:28:e7:85:88:20:2e:
0a:27:64:74:6c:df:99:33:6b:c3:8f:fd:9a:62:c7:f1:95:0f:
86:41:04:17:23:7e:00:bd:7d:68:b4:39:b8:ee:17:cf:e0:b9:
b7:56:74:b0:94:83:ad:e1:31:33:3d:ba:e1:9b:d4:a7:8c:f9:
75:ea:f1:47:13:cf:7c:e2:cb:e9:d0:3f:67:b5:87:c0:e0:6d:
67:c8:15:79:c6:69:ad:59:7d:09:c1:71:16:2a:3a:0a:75:40:
6f:f9:1d:60:b3:48:92:15:4f:7f:01:07:b4:8f:ac:8d:63:dc:
02:69:2b:03:8b:d7:95:0f:e7:bc:4d:bd:9b:a9:be:be:a4:1f:
7c:b8:c0:4d:55:3a:9d:1e:e5:b7:e7:85:f7:cf:0b:cf:14:d4:
68:3b:eb:0a:e0:e9:2b:5b:98:3f:f7:93:3d:c2:15:37:84:0d:
37:57:cc:7f:08:ab:7d:79:49:e7:03:a0:dc:bd:12:5b:24:e9:
9f:ce:d4:f3:9c:8f:8f:d3:a1:af:0a:6b:1f:cd:69:4c:20:17:
94:6a:c0:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6FxyZxbLPwXSwXIc8wqSlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTU1NjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjI2ZTQzMTgyZGM3OWJlYjM4ZWEyODVmMDI3MTljNTQ0YWEyNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0QnvieHsXyzqouO0lLSS1G83tkx
zMJf1W0oP6ojdYus41NUiai4iKCx8RQMF9NDvm4x+vPqhxklW+9jIty7Uai/Q2hw
JamU07QAWSp2EBF7YNRDJas3ltd5hHUOFJErshSo+vMTe94LKMx4bBOYjgpZYXj9
VmHDGNvrTKPRU8QfYK04JbYV3Jhn4MfK/+Qz0Qd/2XrvoBr/n8YD+01Qvsqc8I0s
yDVL/8uVIL3Cmn55zcXUNM4j66okNRE8oeKLeRvttRMM8id1hR1Tdutl39CmPSMG
fOZQ0IiegicbiQWPuaesb4m1dc1MvSbdr77wc3Lw7QhBdmALtAjIMhxHhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOIm5DGC3Hm+s46ihfAnGcVEqiYHMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvNGlia01ZTGNlYjZ6anFLRjhDY1p4VVNxSmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVYDAwQC
U6vUAwQA1GsYMA0GCSqGSIb3DQEBCwUAA4IBAQCDep/r0JGZWVVKlBDoZ4ib7g0V
5OKsOckeDOcLS9XXfEsj98kZDg/KZ84XyqsFZzgo54WIIC4KJ2R0bN+ZM2vDj/2a
YsfxlQ+GQQQXI34AvX1otDm47hfP4Lm3VnSwlIOt4TEzPbrhm9SnjPl16vFHE898
4svp0D9ntYfA4G1nyBV5xmmtWX0JwXEWKjoKdUBv+R1gs0iSFU9/AQe0j6yNY9wC
aSsDi9eVD+e8Tb2bqb6+pB98uMBNVTqdHuW354X3zwvPFNRoO+sK4OkrW5g/95M9
whU3hA03V8x/CKt9eUnnA6DcvRJbJOmfztTznI+P06GvCmsfzWlMIBeUasBe
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:29:00 2025 by rpki-client