Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XPkmfkAORLK4wMUfdcDqnAr3bhA.roa
File: XPkmfkAORLK4wMUfdcDqnAr3bhA.roa (raw, json)
Hash identifier: Bsk9lD7XfgN1jtEmHo2yK0zRQO01AjdN3lhQRDOuPw8=
Subject key identifier: 5C:F9:26:7E:40:0E:44:B2:B8:C0:C5:1F:75:C0:EA:9C:0A:F7:6E:10
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194E54521E5086E311BD303B63C700D9A8D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XPkmfkAORLK4wMUfdcDqnAr3bhA.roa
Signing time: Sat 08 Feb 2025 11:15:00 +0000
ROA not before: Sat 08 Feb 2025 11:15:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214114
IP address blocks: 45.144.173.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
212.192.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 08:14:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e5:45:21:e5:08:6e:31:1b:d3:03:b6:3c:70:0d:9a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 8 11:15:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cf9267e400e44b2b8c0c51f75c0ea9c0af76e10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:40:db:58:2f:6e:9e:a9:9f:48:6f:c3:d2:63:
e4:10:5e:f6:75:5e:d9:53:ed:c2:e0:20:44:a6:6e:
e1:52:09:2a:e8:11:fe:44:ed:d7:2d:58:5f:d5:59:
b8:dc:50:ab:10:07:fc:31:80:f6:a2:f5:b7:5e:cd:
7f:ce:0f:e4:f0:d3:a7:70:a9:9c:64:d9:5e:72:43:
cf:b0:38:08:ba:ba:59:91:2c:69:41:c3:eb:fe:67:
bf:0c:51:e7:bd:9c:6b:48:3b:c3:20:75:5a:aa:26:
aa:f5:4f:8b:47:80:e7:13:a0:3f:73:79:f0:7b:6b:
e2:b0:a7:16:0d:54:d1:f7:5b:8a:3c:a4:81:9d:34:
a0:51:4d:96:3d:05:9a:13:b2:03:f0:49:28:94:39:
84:ed:30:b3:10:e4:8e:8d:0d:92:54:6f:eb:45:6d:
7c:11:85:92:a4:67:9e:f5:08:c2:47:f0:c4:07:f0:
7b:b7:e1:89:b4:7d:87:0e:fd:0c:c2:0f:41:7a:9e:
58:c8:9e:67:d7:a4:ae:55:a1:e3:99:e3:2e:67:03:
7f:cb:75:51:d5:b7:d9:a6:7d:93:15:0d:c1:fe:97:
e1:fc:b4:a1:be:c4:02:69:d9:6f:68:c4:7d:69:7f:
2f:d7:93:a0:ad:0c:98:76:41:02:fd:42:9d:05:30:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F9:26:7E:40:0E:44:B2:B8:C0:C5:1F:75:C0:EA:9C:0A:F7:6E:10
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XPkmfkAORLK4wMUfdcDqnAr3bhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.173.0/24
188.208.103.0/24
212.192.21.0/24
Signature Algorithm: sha256WithRSAEncryption
78:ff:02:84:70:b9:ac:7d:0e:3c:6f:50:5c:1d:d3:fb:a3:31:
13:02:02:e2:99:8c:1b:7d:36:bc:06:b3:ed:4e:ac:bb:a0:b3:
f0:9b:04:18:d9:cf:43:50:fb:31:e0:fe:21:ac:aa:bd:52:4f:
92:f9:c6:06:38:b4:e3:09:5d:3a:ab:b8:2c:7e:c8:4c:88:af:
ef:45:ba:d1:d0:7c:61:93:cc:13:e9:5d:21:87:28:2c:d4:13:
ac:9d:db:99:32:09:09:79:40:d2:00:fb:f0:91:0f:18:f2:de:
99:96:c9:14:3d:8d:63:49:02:43:c2:a8:73:1d:fb:4f:91:c2:
a5:25:58:fa:e1:75:36:68:a8:29:22:18:c6:52:2e:ef:f6:fc:
84:16:92:d3:a5:81:7a:84:f8:6a:6e:d5:7b:06:6b:ba:d7:03:
68:73:83:f7:bd:82:3c:fe:ee:a5:11:84:6f:6b:da:0e:3e:43:
d8:b8:a7:b3:a2:5b:37:b9:9d:56:4b:4b:b0:84:a1:7a:f9:8a:
21:6b:b5:9f:e2:28:4c:11:f5:5d:33:ed:14:bd:34:17:ae:12:
da:dc:58:93:11:f2:9a:f8:d0:a2:55:55:64:cd:4e:3c:83:fa:
01:4d:86:c8:6e:95:3a:2b:82:df:33:7b:9a:0a:1a:7a:c5:53:
93:15:1b:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTlRSHlCG4xG9MDtjxwDZqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMjA4MTExNTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y5MjY3ZTQwMGU0NGIyYjhjMGM1MWY3NWMwZWE5YzBhZjc2ZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUDbWC9unqmfSG/D0mPkEF72dV7Z
U+3C4CBEpm7hUgkq6BH+RO3XLVhf1Vm43FCrEAf8MYD2ovW3Xs1/zg/k8NOncKmc
ZNleckPPsDgIurpZkSxpQcPr/me/DFHnvZxrSDvDIHVaqiaq9U+LR4DnE6A/c3nw
e2visKcWDVTR91uKPKSBnTSgUU2WPQWaE7ID8EkolDmE7TCzEOSOjQ2SVG/rRW18
EYWSpGee9QjCR/DEB/B7t+GJtH2HDv0Mwg9Bep5YyJ5n16SuVaHjmeMuZwN/y3VR
1bfZpn2TFQ3B/pfh/LShvsQCadlvaMR9aX8v15OgrQyYdkEC/UKdBTCaxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFz5Jn5ADkSyuMDFH3XA6pwK924QMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWFBrbWZrQU9STEs0d01VZmRjRHFuQXIzYmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZCtAwQA
vNBnAwQA1MAVMA0GCSqGSIb3DQEBCwUAA4IBAQB4/wKEcLmsfQ48b1BcHdP7ozET
AgLimYwbfTa8BrPtTqy7oLPwmwQY2c9DUPsx4P4hrKq9Uk+S+cYGOLTjCV06q7gs
fshMiK/vRbrR0Hxhk8wT6V0hhygs1BOsnduZMgkJeUDSAPvwkQ8Y8t6ZlskUPY1j
SQJDwqhzHftPkcKlJVj64XU2aKgpIhjGUi7v9vyEFpLTpYF6hPhqbtV7Bmu61wNo
c4P3vYI8/u6lEYRva9oOPkPYuKezols3uZ1WS0uwhKF6+Yoha7Wf4ihMEfVdM+0U
vTQXrhLa3FiTEfKa+NCiVVVkzU48g/oBTYbIbpU6K4LfM3uaChp6xVOTFRuZ
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:26:39 2025 by rpki-client