Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/0lvAHEOzmgnjkV5o8dqzo-lvDcM.roa
File: 0lvAHEOzmgnjkV5o8dqzo-lvDcM.roa (raw, json)
Hash identifier: /BPEV/pf8j5BY52rBll7RukSydB6ARS+ZNBT/4pnRHA=
Subject key identifier: D2:5B:C0:1C:43:B3:9A:09:E3:91:5E:68:F1:DA:B3:A3:E9:6F:0D:C3
Certificate issuer: /CN=1ce65c57686ce5e51b367fc996b49bcc59896b9c
Certificate serial: 0196FBBF854C7F015890C1735FDFA8CEFCD6
Authority key identifier: 1C:E6:5C:57:68:6C:E5:E5:1B:36:7F:C9:96:B4:9B:CC:59:89:6B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HOZcV2hs5eUbNn_JlrSbzFmJa5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/0lvAHEOzmgnjkV5o8dqzo-lvDcM.roa
Signing time: Fri 23 May 2025 06:05:54 +0000
ROA not before: Fri 23 May 2025 06:05:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57137
IP address blocks: 45.129.148.0/24 maxlen: 24
45.129.150.0/24 maxlen: 24
45.129.151.0/24 maxlen: 24
2a0e:4c41::/32 maxlen: 32
2a0e:4c47:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 01 Jun 2025 18:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fb:bf:85:4c:7f:01:58:90:c1:73:5f:df:a8:ce:fc:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ce65c57686ce5e51b367fc996b49bcc59896b9c
Validity
Not Before: May 23 06:05:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d25bc01c43b39a09e3915e68f1dab3a3e96f0dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cf:5c:64:66:59:71:5a:b4:bc:fe:b4:53:ba:
f1:a5:f3:68:47:9d:5b:bb:0f:2c:09:7f:1b:9c:4f:
81:13:c5:a6:68:30:a0:e6:32:1f:a3:6e:cf:4d:43:
6f:5b:0f:78:82:ce:12:00:32:f0:a0:a1:2b:97:ed:
27:ca:2c:a7:ed:2b:55:ec:7d:d8:5a:87:37:47:f3:
25:26:e5:a6:4e:57:39:da:7c:c8:69:17:3a:bb:c6:
7a:5b:bc:42:b4:47:69:51:65:6a:cd:44:40:f0:ab:
25:cb:c4:4d:0a:b9:32:b4:86:0f:7e:1d:70:8d:3e:
4d:f2:fe:f9:a0:39:6e:23:b8:92:33:e5:06:c8:49:
5e:dd:ca:da:47:1e:26:ac:fb:66:ab:29:a2:e9:83:
fe:d9:20:33:b4:7b:64:44:9c:c7:75:49:ce:80:d2:
4c:bb:de:ed:b5:11:81:4f:7f:99:44:3b:46:46:92:
a2:b0:f1:09:b1:73:bc:56:52:12:2b:fc:d4:8b:44:
19:4f:a9:dd:c0:bc:e6:6d:f6:c0:32:2b:ca:a2:d5:
84:08:38:95:f5:01:95:d8:ff:07:a3:e8:c0:a8:6f:
e3:9f:fd:8f:dc:ff:20:c0:ee:55:7d:d7:d0:1e:97:
97:d5:5b:90:14:22:7b:f7:b2:d6:1e:16:8e:f9:4b:
02:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5B:C0:1C:43:B3:9A:09:E3:91:5E:68:F1:DA:B3:A3:E9:6F:0D:C3
X509v3 Authority Key Identifier:
keyid:1C:E6:5C:57:68:6C:E5:E5:1B:36:7F:C9:96:B4:9B:CC:59:89:6B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HOZcV2hs5eUbNn_JlrSbzFmJa5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/0lvAHEOzmgnjkV5o8dqzo-lvDcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/HOZcV2hs5eUbNn_JlrSbzFmJa5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.148.0/24
45.129.150.0/23
IPv6:
2a0e:4c41::/32
2a0e:4c47:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
53:b8:d3:d6:ed:fa:28:04:72:8a:53:97:c2:40:f2:6d:e1:e0:
c9:b5:65:0f:d5:32:c0:f5:38:c7:c2:22:3f:ff:8d:69:18:8c:
dc:13:3a:90:f4:a4:81:da:29:3d:3d:8c:ff:62:77:57:46:85:
03:ef:f5:0d:76:6a:03:0c:92:85:f9:65:e9:8e:b1:ac:e4:89:
51:23:ff:a9:c8:cd:82:1a:25:b4:86:60:87:15:0d:1a:b4:b3:
34:7a:c3:8d:fa:c4:be:e4:57:bd:8a:ff:aa:10:35:46:0c:e0:
9a:59:4f:16:c3:6f:bb:56:34:17:9a:ce:04:f9:13:fd:0e:97:
94:db:c5:d7:83:6f:89:db:5e:b9:c8:8a:8c:ee:0c:b9:3e:36:
43:37:17:56:76:04:e4:a7:b5:66:54:b5:77:1a:a4:7a:6e:bb:
5f:1e:52:8e:3a:06:a9:3a:dc:ad:cb:a9:e8:be:33:21:ff:dd:
bd:e4:ed:18:27:e6:40:03:b0:43:d1:74:31:f6:46:ee:2c:48:
0b:de:8b:11:38:3e:75:10:0a:ed:61:9d:1c:4d:4b:cd:b9:a3:
80:3f:b3:e9:40:d8:57:7e:0a:1d:b5:ed:9c:d5:23:70:b7:de:
92:57:99:91:1f:3a:fe:6d:ec:69:42:74:59:68:91:c3:53:d9:
82:e5:47:a4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZb7v4VMfwFYkMFzX9+ozvzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZTY1YzU3Njg2Y2U1ZTUxYjM2N2ZjOTk2YjQ5YmNjNTk4
OTZiOWMwHhcNMjUwNTIzMDYwNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjViYzAxYzQzYjM5YTA5ZTM5MTVlNjhmMWRhYjNhM2U5NmYwZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl89cZGZZcVq0vP60U7rxpfNoR51b
uw8sCX8bnE+BE8WmaDCg5jIfo27PTUNvWw94gs4SADLwoKErl+0nyiyn7StV7H3Y
Woc3R/MlJuWmTlc52nzIaRc6u8Z6W7xCtEdpUWVqzURA8Ksly8RNCrkytIYPfh1w
jT5N8v75oDluI7iSM+UGyEle3craRx4mrPtmqymi6YP+2SAztHtkRJzHdUnOgNJM
u97ttRGBT3+ZRDtGRpKisPEJsXO8VlISK/zUi0QZT6ndwLzmbfbAMivKotWECDiV
9QGV2P8Ho+jAqG/jn/2P3P8gwO5VfdfQHpeX1VuQFCJ797LWHhaO+UsCKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNJbwBxDs5oJ45FeaPHas6Ppbw3DMB8GA1UdIwQY
MBaAFBzmXFdobOXlGzZ/yZa0m8xZiWucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE9aY1YyaHM1ZVViTm5fSmxyU2J6Rm1KYTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9hZjhmMzYtZTM1OC00Yjc2LTg4MjIt
MTI4YjVjM2QwNTNhLzEvMGx2QUhFT3ptZ25qa1Y1bzhkcXpvLWx2RGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9hZjhmMzYtZTM1OC00Yjc2LTg4MjItMTI4YjVjM2QwNTNh
LzEvSE9aY1YyaHM1ZVViTm5fSmxyU2J6Rm1KYTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQALYGUAwQB
LYGWMBYEAgACMBADBQAqDkxBAwcAKg5MR///MA0GCSqGSIb3DQEBCwUAA4IBAQBT
uNPW7fooBHKKU5fCQPJt4eDJtWUP1TLA9TjHwiI//41pGIzcEzqQ9KSB2ik9PYz/
YndXRoUD7/UNdmoDDJKF+WXpjrGs5IlRI/+pyM2CGiW0hmCHFQ0atLM0esON+sS+
5Fe9iv+qEDVGDOCaWU8Ww2+7VjQXms4E+RP9DpeU28XXg2+J2165yIqM7gy5PjZD
NxdWdgTkp7VmVLV3GqR6brtfHlKOOgapOtyty6novjMh/9295O0YJ+ZAA7BD0XQx
9kbuLEgL3osROD51EArtYZ0cTUvNuaOAP7PpQNhXfgodte2c1SNwt96SV5mRHzr+
bexpQnRZaJHDU9mC5Uek
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:09:16 2025 by rpki-client