Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/qH9yrKr2MPC0b-NxkldoVSwFkfU.roa
File: qH9yrKr2MPC0b-NxkldoVSwFkfU.roa (raw, json)
Hash identifier: JcoIZhGBF3JFKNg8/OKzO7oQN3KfaRy723xl3/prSfM=
Subject key identifier: A8:7F:72:AC:AA:F6:30:F0:B4:6F:E3:71:92:57:68:55:2C:05:91:F5
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 019427B5BEEA3D9266C9F3E23B0BE530E48D
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/qH9yrKr2MPC0b-NxkldoVSwFkfU.roa
Signing time: Thu 02 Jan 2025 15:50:09 +0000
ROA not before: Thu 02 Jan 2025 15:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59456
IP address blocks: 45.152.40.0/22 maxlen: 22
91.239.15.0/24 maxlen: 24
195.244.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 08:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:be:ea:3d:92:66:c9:f3:e2:3b:0b:e5:30:e4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Jan 2 15:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a87f72acaaf630f0b46fe371925768552c0591f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:74:67:1d:21:f0:8a:a9:29:db:e3:9b:48:
ec:d7:97:8f:0b:c4:76:51:32:ec:b7:58:62:4c:ab:
64:02:ff:9e:42:9a:09:a1:c4:38:23:61:f4:85:54:
fb:3d:00:a3:ba:67:6d:cd:43:70:07:60:68:eb:b7:
43:e0:b4:99:4c:b4:5b:cc:40:5d:af:06:a7:a8:4b:
44:b1:b9:57:8c:3c:8b:a7:2b:c7:70:b7:63:a8:58:
11:61:a5:c9:29:ed:4c:d9:63:5d:35:2a:fd:2a:15:
fc:f4:13:70:47:ab:19:0b:94:dc:e7:3e:49:08:a8:
96:24:f9:a7:46:42:03:17:80:24:fa:07:92:5f:5a:
57:c4:e5:ff:5f:a0:73:ab:98:a3:87:c8:9c:ea:75:
49:dc:50:55:33:48:1c:e0:89:46:61:97:4f:28:c5:
17:d3:60:14:bb:db:d8:23:0c:52:b6:dc:fa:21:95:
b5:60:4c:79:6b:5b:3f:c8:18:7b:02:43:aa:22:89:
9c:38:2c:7d:2e:c1:68:9e:0d:ac:fd:60:89:d3:10:
42:b3:c8:3b:e2:c0:cb:55:77:b5:d9:88:1c:8d:37:
be:3a:39:36:9d:89:9c:0c:ae:ac:b3:e3:20:a2:b8:
59:14:6f:b3:9c:3e:13:67:ee:12:1d:75:99:4a:4d:
da:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:7F:72:AC:AA:F6:30:F0:B4:6F:E3:71:92:57:68:55:2C:05:91:F5
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/qH9yrKr2MPC0b-NxkldoVSwFkfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.40.0/22
91.239.15.0/24
195.244.18.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:db:e1:a3:e7:e9:ca:12:e5:fe:df:84:79:60:e3:eb:bb:d9:
da:ae:5e:28:a8:84:b3:28:5f:9b:46:bf:56:ba:50:c7:0e:50:
26:65:81:fa:e8:3e:15:c9:4e:2c:cd:55:29:29:b4:22:7a:82:
08:2c:71:c7:47:84:0b:67:d6:0f:40:63:73:e1:ab:a5:0a:6b:
be:6f:6d:19:cd:a9:4c:97:e7:1d:c2:2d:d9:87:b4:04:6b:f3:
87:36:f4:7c:a8:fa:11:44:98:30:ed:50:64:8d:42:d8:0c:69:
71:b0:48:ac:4d:1b:79:d4:11:8b:8c:d7:61:54:51:bb:45:59:
85:78:04:89:b4:42:0e:d5:4a:04:2a:c4:5f:07:7e:c4:18:03:
a3:a2:eb:0c:74:07:f6:69:0e:65:3f:c0:af:df:51:ed:d3:53:
fc:fd:8a:07:6f:fe:55:83:a1:cc:41:2a:e0:ad:b4:40:26:2e:
a2:dd:3d:cd:8f:92:8f:f6:15:dd:ac:2e:f2:48:d3:57:d2:39:
48:14:e4:43:9b:4e:06:fb:3b:13:76:e0:05:25:7f:26:38:56:
42:63:48:bc:7b:4f:9c:a5:17:c7:c5:c2:ef:63:97:ca:df:08:
b3:a7:37:6a:63:e2:d2:7c:6d:f0:4d:cf:31:74:3e:05:f4:3a:
94:7b:1f:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntb7qPZJmyfPiOwvlMOSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjUwMTAyMTU1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODdmNzJhY2FhZjYzMGYwYjQ2ZmUzNzE5MjU3Njg1NTJjMDU5MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR50Zx0h8IqpKdvjm0js15ePC8R2
UTLst1hiTKtkAv+eQpoJocQ4I2H0hVT7PQCjumdtzUNwB2Bo67dD4LSZTLRbzEBd
rwanqEtEsblXjDyLpyvHcLdjqFgRYaXJKe1M2WNdNSr9KhX89BNwR6sZC5Tc5z5J
CKiWJPmnRkIDF4Ak+geSX1pXxOX/X6Bzq5ijh8ic6nVJ3FBVM0gc4IlGYZdPKMUX
02AUu9vYIwxSttz6IZW1YEx5a1s/yBh7AkOqIomcOCx9LsFong2s/WCJ0xBCs8g7
4sDLVXe12YgcjTe+Ojk2nYmcDK6ss+MgorhZFG+znD4TZ+4SHXWZSk3apwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKh/cqyq9jDwtG/jcZJXaFUsBZH1MB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvcUg5eXJLcjJNUEMwYi1OeGtsZG9WU3dGa2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZgoAwQA
W+8PAwQAw/QSMA0GCSqGSIb3DQEBCwUAA4IBAQAu2+Gj5+nKEuX+34R5YOPru9na
rl4oqISzKF+bRr9WulDHDlAmZYH66D4VyU4szVUpKbQieoIILHHHR4QLZ9YPQGNz
4aulCmu+b20ZzalMl+cdwi3Zh7QEa/OHNvR8qPoRRJgw7VBkjULYDGlxsEisTRt5
1BGLjNdhVFG7RVmFeASJtEIO1UoEKsRfB37EGAOjousMdAf2aQ5lP8Cv31Ht01P8
/YoHb/5Vg6HMQSrgrbRAJi6i3T3Nj5KP9hXdrC7ySNNX0jlIFORDm04G+zsTduAF
JX8mOFZCY0i8e0+cpRfHxcLvY5fK3wizpzdqY+LSfG3wTc8xdD4F9DqUex+I
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:59:11 2025 by rpki-client