Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/oPr2SjuICdpkuS2iqwoSOXW2pII.roa
File: oPr2SjuICdpkuS2iqwoSOXW2pII.roa (raw, json)
Hash identifier: t3VZA5kx+5GqMztRooo7Xmy+Yl+m2v2Vx77+NSSoUMI=
Subject key identifier: A0:FA:F6:4A:3B:88:09:DA:64:B9:2D:A2:AB:0A:12:39:75:B6:A4:82
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E85C728A7A787F47D93078B2DBCAB3EF1
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/oPr2SjuICdpkuS2iqwoSOXW2pII.roa
Signing time: Thu 28 Mar 2024 15:56:45 +0000
ROA not before: Thu 28 Mar 2024 15:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:c7:28:a7:a7:87:f4:7d:93:07:8b:2d:bc:ab:3e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 15:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0faf64a3b8809da64b92da2ab0a123975b6a482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:69:73:6f:13:51:bd:a2:3f:65:bf:24:5e:49:
74:d4:f8:50:fa:85:b6:10:a3:5a:79:55:72:35:20:
67:04:1c:8e:8b:f6:b4:98:b9:e9:d9:aa:d6:db:06:
55:88:a4:96:7f:b4:4e:34:ff:f8:f1:ec:75:ec:2a:
3f:df:97:52:be:36:40:9e:70:3a:80:4b:77:96:4d:
f3:87:47:de:e1:20:f5:2b:77:ee:59:6b:2b:09:9b:
a2:8c:b8:93:ff:b2:47:72:e8:52:60:64:f2:d1:e1:
7d:00:35:07:da:66:3a:8a:90:9e:c0:be:8c:52:4a:
29:37:53:9b:8b:73:bd:3b:2c:7b:20:5c:48:97:45:
ba:07:e0:35:d3:ea:3c:0d:6d:97:fd:94:f0:23:27:
27:d1:24:7b:df:09:ea:20:99:6b:64:03:fe:b0:c1:
52:b6:24:19:2e:b5:dd:c7:bc:48:02:29:d1:42:1b:
37:e4:8e:43:5b:80:19:c4:21:95:f8:d0:9a:c5:e2:
7b:70:4f:46:5e:4a:bf:36:d4:a3:11:fd:b0:06:e3:
e7:63:5f:4d:50:44:da:3d:90:14:dc:40:2a:3e:5f:
28:53:ab:71:50:7c:e2:9a:f6:f6:bc:7b:62:11:c1:
b0:5c:7a:01:bd:5b:79:9f:a6:e1:95:a7:8d:36:64:
21:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FA:F6:4A:3B:88:09:DA:64:B9:2D:A2:AB:0A:12:39:75:B6:A4:82
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/oPr2SjuICdpkuS2iqwoSOXW2pII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.124.0/23
45.87.127.0/24
88.218.184.0/22
194.59.222.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:50:6e:96:53:f8:d8:16:a2:7d:59:3a:28:c3:62:69:43:24:
bc:7a:4a:10:db:f7:46:77:6a:1c:a6:76:1e:46:5e:8a:d3:4a:
a9:42:c8:56:2e:d1:0a:2b:55:61:25:e1:cd:31:6c:26:37:4a:
c0:6a:ae:a9:e6:3c:93:3a:c2:89:59:9a:ad:18:77:34:8d:b4:
55:96:53:8a:f5:6f:62:8b:27:d5:7e:66:62:dc:7f:e2:fe:1c:
e8:9c:d0:07:44:1b:7d:a0:58:fa:9b:85:a9:7a:cf:7c:e3:38:
95:ea:61:94:b5:9f:50:3c:77:b4:ce:16:ef:62:a5:d5:da:59:
e9:1b:63:ca:5f:25:cf:f9:1b:58:f6:b3:f7:54:9e:bf:60:8c:
09:e9:5a:18:78:3f:6c:d1:5d:93:0d:f6:cf:94:3a:74:36:e8:
05:7e:5e:06:91:98:c6:84:ca:33:33:c1:ba:6f:e7:7e:5f:9f:
b1:34:40:1c:bc:da:a9:42:bb:e9:cc:3f:32:90:f8:51:84:24:
f5:b5:e0:43:75:e0:7a:01:fc:e5:b4:41:75:50:d1:eb:2b:53:
3a:90:26:ab:12:21:a3:03:63:34:bd:52:87:51:99:13:e1:9e:
a3:83:45:8f:e7:e8:55:97:0d:ed:61:68:80:5d:ee:76:11:4c:
54:ac:e2:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6Fxyinp4f0fZMHiy28qz7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTU1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZhZjY0YTNiODgwOWRhNjRiOTJkYTJhYjBhMTIzOTc1YjZhNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWlzbxNRvaI/Zb8kXkl01PhQ+oW2
EKNaeVVyNSBnBByOi/a0mLnp2arW2wZViKSWf7RONP/48ex17Co/35dSvjZAnnA6
gEt3lk3zh0fe4SD1K3fuWWsrCZuijLiT/7JHcuhSYGTy0eF9ADUH2mY6ipCewL6M
UkopN1Obi3O9Oyx7IFxIl0W6B+A10+o8DW2X/ZTwIycn0SR73wnqIJlrZAP+sMFS
tiQZLrXdx7xIAinRQhs35I5DW4AZxCGV+NCaxeJ7cE9GXkq/NtSjEf2wBuPnY19N
UETaPZAU3EAqPl8oU6txUHzimvb2vHtiEcGwXHoBvVt5n6bhlaeNNmQhrQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKD69ko7iAnaZLktoqsKEjl1tqSCMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvb1ByMlNqdUlDZHBrdVMyaXF3b1NPWFcycElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLVd8AwQA
LVd/AwQCWNq4AwQAwjveAwQA1GsZMA0GCSqGSIb3DQEBCwUAA4IBAQBPUG6WU/jY
FqJ9WToow2JpQyS8ekoQ2/dGd2ocpnYeRl6K00qpQshWLtEKK1VhJeHNMWwmN0rA
aq6p5jyTOsKJWZqtGHc0jbRVllOK9W9iiyfVfmZi3H/i/hzonNAHRBt9oFj6m4Wp
es984ziV6mGUtZ9QPHe0zhbvYqXV2lnpG2PKXyXP+RtY9rP3VJ6/YIwJ6VoYeD9s
0V2TDfbPlDp0NugFfl4GkZjGhMozM8G6b+d+X5+xNEAcvNqpQrvpzD8ykPhRhCT1
teBDdeB6AfzltEF1UNHrK1M6kCarEiGjA2M0vVKHUZkT4Z6jg0WP5+hVlw3tYWiA
Xe52EUxUrOL/
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:14:56 2025 by rpki-client