Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ikrs5y7apGwBphMVSsuu4bZODdQ.roa
File: ikrs5y7apGwBphMVSsuu4bZODdQ.roa (raw, json)
Hash identifier: r0qCCHHgj74zeqlDJU3TMbOvTPcvS4qvT9Z0u8IH+e8=
Subject key identifier: 8A:4A:EC:E7:2E:DA:A4:6C:01:A6:13:15:4A:CB:AE:E1:B6:4E:0D:D4
Certificate issuer: /CN=64d864ae92bd7ceab5083bcc71101ef04676f8ac
Certificate serial: 019560DB4E0BEFD1DAF616E3FEB7D2F7DF00
Authority key identifier: 64:D8:64:AE:92:BD:7C:EA:B5:08:3B:CC:71:10:1E:F0:46:76:F8:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ikrs5y7apGwBphMVSsuu4bZODdQ.roa
Signing time: Tue 04 Mar 2025 11:12:19 +0000
ROA not before: Tue 04 Mar 2025 11:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8860
IP address blocks: 45.10.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 11:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:db:4e:0b:ef:d1:da:f6:16:e3:fe:b7:d2:f7:df:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d864ae92bd7ceab5083bcc71101ef04676f8ac
Validity
Not Before: Mar 4 11:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a4aece72edaa46c01a613154acbaee1b64e0dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:37:7a:13:e1:11:be:70:bb:db:fc:3c:41:d2:
73:fe:24:3c:22:61:2f:ad:e5:cf:2c:38:81:3d:34:
07:81:9c:e5:da:d4:7e:57:fa:ec:cc:6a:8c:2b:9a:
44:5e:3c:dc:c4:63:cc:31:53:b9:2b:97:79:c3:27:
b5:63:b6:db:46:1a:75:db:f8:90:f5:5f:6e:ea:8d:
48:b6:16:83:43:65:97:b3:02:ec:ac:6c:16:29:16:
37:59:b1:dc:aa:8f:22:3a:54:8d:00:34:08:48:d5:
44:19:25:68:3c:16:1b:00:69:b7:6a:5e:28:f4:02:
84:58:12:43:e6:d7:59:d9:bf:34:e7:d0:6f:78:31:
06:fe:f1:d8:2d:c7:7f:10:d1:0a:6a:a3:91:98:02:
b7:29:af:3f:f4:f5:c0:be:c9:3d:ae:06:fe:cb:e1:
57:39:b7:e7:35:51:93:08:53:34:9c:da:d2:08:2e:
37:22:d2:5d:10:df:a6:3f:0c:0c:67:9a:c6:91:94:
52:fb:73:87:79:a0:e3:41:56:b3:f6:53:d7:17:85:
79:36:ad:9c:3a:0a:42:4b:9d:61:d3:70:aa:0b:9d:
bf:9f:09:f7:c8:22:03:f7:fa:82:b9:94:75:3f:c2:
6d:40:2c:b0:56:b8:77:29:64:da:c1:7d:0a:fd:4f:
1f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4A:EC:E7:2E:DA:A4:6C:01:A6:13:15:4A:CB:AE:E1:B6:4E:0D:D4
X509v3 Authority Key Identifier:
keyid:64:D8:64:AE:92:BD:7C:EA:B5:08:3B:CC:71:10:1E:F0:46:76:F8:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ikrs5y7apGwBphMVSsuu4bZODdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.202.0/24
Signature Algorithm: sha256WithRSAEncryption
41:74:ac:d9:bf:fa:54:41:1f:3a:8a:4b:ab:0b:db:98:3e:67:
02:07:8e:eb:39:8c:13:f1:7e:2f:83:77:74:df:a3:5c:9a:92:
6a:35:f8:67:9f:23:e2:68:78:87:4e:22:71:4c:e0:d7:05:5c:
2d:e1:2f:98:17:12:f3:9f:bb:68:af:41:0d:b7:4d:bd:37:9f:
2c:b1:8f:cd:1b:47:28:5c:42:f0:d9:95:25:17:d7:52:21:63:
3b:fe:08:70:94:38:50:f3:ca:4e:1e:a5:59:35:5f:30:06:3c:
ab:5d:9d:5a:91:a4:71:54:87:80:8d:d4:da:9a:58:7f:e3:4b:
92:49:ac:17:2a:95:ee:f3:e5:db:f2:aa:1a:1e:9f:75:b0:f8:
49:1c:65:f2:67:4c:8f:90:6e:9e:4c:a5:76:00:0c:65:0e:84:
42:03:f3:22:ca:30:cc:ef:59:fc:c4:d0:ed:6c:e4:55:2b:70:
ff:b0:7d:ad:a3:7e:31:a5:8f:a0:5f:d4:0b:49:8f:64:3b:ca:
9a:db:1a:44:c9:15:ad:c0:eb:e4:ce:35:e3:d9:af:e9:c8:dc:
fc:c3:1c:9f:c6:57:97:75:5a:92:68:24:74:cc:e7:0f:bb:1f:
eb:9d:21:16:b5:96:db:92:6d:78:14:e2:42:d2:d7:26:1c:8e:
1f:2f:69:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVg204L79Ha9hbj/rfS998AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDg2NGFlOTJiZDdjZWFiNTA4M2JjYzcxMTAxZWYwNDY3
NmY4YWMwHhcNMjUwMzA0MTExMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRhZWNlNzJlZGFhNDZjMDFhNjEzMTU0YWNiYWVlMWI2NGUwZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjd6E+ERvnC72/w8QdJz/iQ8ImEv
reXPLDiBPTQHgZzl2tR+V/rszGqMK5pEXjzcxGPMMVO5K5d5wye1Y7bbRhp12/iQ
9V9u6o1IthaDQ2WXswLsrGwWKRY3WbHcqo8iOlSNADQISNVEGSVoPBYbAGm3al4o
9AKEWBJD5tdZ2b8059BveDEG/vHYLcd/ENEKaqORmAK3Ka8/9PXAvsk9rgb+y+FX
ObfnNVGTCFM0nNrSCC43ItJdEN+mPwwMZ5rGkZRS+3OHeaDjQVaz9lPXF4V5Nq2c
OgpCS51h03CqC52/nwn3yCID9/qCuZR1P8JtQCywVrh3KWTawX0K/U8f9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpK7Ocu2qRsAaYTFUrLruG2Tg3UMB8GA1UdIwQY
MBaAFGTYZK6SvXzqtQg7zHEQHvBGdvisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5oa3JwSzlmT3ExQ0R2TWNSQWU4RVoyLUt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83MGIyYzQtMWQ0YS00YjkxLWIwZDAt
MmMwNWNjOTIyMDAxLzEvaWtyczV5N2FwR3dCcGhNVlNzdXU0YlpPRGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83MGIyYzQtMWQ0YS00YjkxLWIwZDAtMmMwNWNjOTIyMDAx
LzEvWk5oa3JwSzlmT3ExQ0R2TWNSQWU4RVoyLUt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQrKMA0G
CSqGSIb3DQEBCwUAA4IBAQBBdKzZv/pUQR86ikurC9uYPmcCB47rOYwT8X4vg3d0
36NcmpJqNfhnnyPiaHiHTiJxTODXBVwt4S+YFxLzn7tor0ENt029N58ssY/NG0co
XELw2ZUlF9dSIWM7/ghwlDhQ88pOHqVZNV8wBjyrXZ1akaRxVIeAjdTamlh/40uS
SawXKpXu8+Xb8qoaHp91sPhJHGXyZ0yPkG6eTKV2AAxlDoRCA/MiyjDM71n8xNDt
bORVK3D/sH2to34xpY+gX9QLSY9kO8qa2xpEyRWtwOvkzjXj2a/pyNz8wxyfxleX
dVqSaCR0zOcPux/rnSEWtZbbkm14FOJC0tcmHI4fL2mI
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:03:28 2025 by rpki-client