Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/FLV4Zh20tn7CVUTDOPHkhZPTk70.roa
File: FLV4Zh20tn7CVUTDOPHkhZPTk70.roa (raw, json)
Hash identifier: uaaBAVkA9rsszptKloarAXMzvQ81784ZnKbERI4a/98=
Subject key identifier: 14:B5:78:66:1D:B4:B6:7E:C2:55:44:C3:38:F1:E4:85:93:D3:93:BD
Certificate issuer: /CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Certificate serial: 018CC94E2E7D25D13C6344AC719645788D4E
Authority key identifier: B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/FLV4Zh20tn7CVUTDOPHkhZPTk70.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211878
IP address blocks: 45.152.88.0/22 maxlen: 24
2a0f:5100::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2e:7d:25:d1:3c:63:44:ac:71:96:45:78:8d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14b578661db4b67ec25544c338f1e48593d393bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7c:72:a2:f6:8a:a0:73:6e:56:4a:56:dc:96:
da:0c:2a:04:65:39:fd:49:56:bc:bc:fc:8f:e8:7e:
cf:70:b9:52:45:ea:9c:96:7a:18:2e:a1:a8:d0:73:
7b:f1:ca:29:23:d7:b7:94:4f:16:31:dc:c0:15:7f:
22:a9:fe:74:6e:bc:c5:a2:5c:f8:32:20:ec:88:ee:
2d:6a:ce:5b:70:92:44:6b:bb:dd:a4:7d:77:51:ad:
6a:d8:30:f8:8b:75:ff:a3:a2:a0:95:fd:c1:25:0b:
9f:f1:4e:39:22:2e:5b:b4:0a:e0:68:a7:ed:0c:e3:
36:2b:30:4d:db:c5:e5:32:80:da:77:18:d6:44:e8:
87:a0:c6:7b:7c:aa:fe:01:a1:2a:d0:89:6d:de:81:
e3:dc:41:41:46:59:05:85:2a:47:e9:f4:83:09:03:
a6:5b:62:55:d6:73:b2:81:89:91:78:89:e9:48:dd:
92:1e:cf:f7:28:2f:38:98:a8:de:38:1e:6a:20:b7:
ea:d7:76:c9:01:06:44:1b:35:42:93:e9:a0:a8:70:
4b:54:3a:44:c3:7a:a6:3e:e1:42:a2:10:b0:b8:de:
74:f6:6b:5a:dc:65:0f:7a:ea:99:07:85:73:e3:b7:
21:dd:0e:be:18:5f:52:ee:3c:51:6e:d0:97:dd:b7:
50:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B5:78:66:1D:B4:B6:7E:C2:55:44:C3:38:F1:E4:85:93:D3:93:BD
X509v3 Authority Key Identifier:
keyid:B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/FLV4Zh20tn7CVUTDOPHkhZPTk70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/uQMr2xKMhuALIcd5WagBHEDQZQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.88.0/22
IPv6:
2a0f:5100::/29
Signature Algorithm: sha256WithRSAEncryption
a0:a1:99:5e:63:7c:f5:b4:39:0b:66:be:bd:3d:7a:ed:18:2f:
0b:c0:84:3e:6c:6d:4a:a8:61:77:3f:1b:2b:28:6c:4a:a5:37:
98:3a:68:0d:e3:0b:d0:8b:85:9b:5f:14:66:d4:c9:df:ec:9e:
43:82:77:78:de:f0:77:21:c7:32:58:6a:d8:76:0c:3e:77:14:
ea:84:3c:df:4a:94:d5:08:e2:7e:7f:7b:7c:88:50:5f:26:b2:
6c:22:01:ff:ef:f9:de:c7:22:ec:44:22:cd:02:9c:fd:44:42:
5c:12:be:b6:2b:46:e4:7c:3f:d4:45:c1:97:e4:36:c3:01:5b:
b7:70:37:b4:d2:05:d4:18:02:2a:c1:ef:e1:6e:d5:23:6b:2d:
23:43:5e:1f:24:e4:76:2b:a3:3a:e5:88:01:81:a8:df:6d:40:
a4:04:73:81:c1:8d:3c:7c:e3:db:3d:56:ba:09:3f:2b:72:10:
96:98:f8:76:4f:89:67:7d:c3:68:d6:f7:7f:82:8b:3e:c8:35:
6a:9a:55:59:e8:71:d9:f6:23:e1:b6:9e:c2:08:6a:60:44:c4:
fa:ab:23:1c:17:86:2b:0b:b2:71:03:a2:81:04:e2:bf:f2:4b:
fb:b4:04:9a:50:b0:48:ea:23:18:cf:1a:96:2e:ae:d3:4d:3b:
5d:7a:08:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTi59JdE8Y0SscZZFeI1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MDMyYmRiMTI4Yzg2ZTAwYjIxYzc3OTU5YTgwMTFjNDBk
MDY1MGMwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI1Nzg2NjFkYjRiNjdlYzI1NTQ0YzMzOGYxZTQ4NTkzZDM5M2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHxyovaKoHNuVkpW3JbaDCoEZTn9
SVa8vPyP6H7PcLlSReqclnoYLqGo0HN78copI9e3lE8WMdzAFX8iqf50brzFolz4
MiDsiO4tas5bcJJEa7vdpH13Ua1q2DD4i3X/o6Kglf3BJQuf8U45Ii5btArgaKft
DOM2KzBN28XlMoDadxjWROiHoMZ7fKr+AaEq0Ilt3oHj3EFBRlkFhSpH6fSDCQOm
W2JV1nOygYmReInpSN2SHs/3KC84mKjeOB5qILfq13bJAQZEGzVCk+mgqHBLVDpE
w3qmPuFCohCwuN509mta3GUPeuqZB4Vz47ch3Q6+GF9S7jxRbtCX3bdQrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBS1eGYdtLZ+wlVEwzjx5IWT05O9MB8GA1UdIwQY
MBaAFLkDK9sSjIbgCyHHeVmoARxA0GUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYt
ZmU4NDZmNzVkMTcwLzEvRkxWNFpoMjB0bjdDVlVURE9QSGtoWlBUazcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYtZmU4NDZmNzVkMTcw
LzEvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZhYMA0E
AgACMAcDBQMqD1EAMA0GCSqGSIb3DQEBCwUAA4IBAQCgoZleY3z1tDkLZr69PXrt
GC8LwIQ+bG1KqGF3PxsrKGxKpTeYOmgN4wvQi4WbXxRm1Mnf7J5Dgnd43vB3Iccy
WGrYdgw+dxTqhDzfSpTVCOJ+f3t8iFBfJrJsIgH/7/nexyLsRCLNApz9REJcEr62
K0bkfD/URcGX5DbDAVu3cDe00gXUGAIqwe/hbtUjay0jQ14fJOR2K6M65YgBgajf
bUCkBHOBwY08fOPbPVa6CT8rchCWmPh2T4lnfcNo1vd/gos+yDVqmlVZ6HHZ9iPh
tp7CCGpgRMT6qyMcF4YrC7JxA6KBBOK/8kv7tASaULBI6iMYzxqWLq7TTTtdegh9
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:38 2025 by rpki-client