Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/DFVfFUE9SRWg8tCSdHnDr-MMBGw.roa
File: DFVfFUE9SRWg8tCSdHnDr-MMBGw.roa (raw, json)
Hash identifier: mMaOEZmOiWhfsqZMayVkkMj9XC34IQKN9iQA8S3J/a0=
Subject key identifier: 0C:55:5F:15:41:3D:49:15:A0:F2:D0:92:74:79:C3:AF:E3:0C:04:6C
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 01954DB93BEC3757E1F3FC868C215E99239E
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/DFVfFUE9SRWg8tCSdHnDr-MMBGw.roa
Signing time: Fri 28 Feb 2025 18:02:19 +0000
ROA not before: Fri 28 Feb 2025 18:02:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213527
IP address blocks: 45.157.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 18:39:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:b9:3b:ec:37:57:e1:f3:fc:86:8c:21:5e:99:23:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Feb 28 18:02:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c555f15413d4915a0f2d0927479c3afe30c046c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bf:6f:2a:15:d6:40:76:d1:2d:78:a5:ec:36:
f1:21:2d:93:99:84:ae:ec:04:31:4e:50:28:c4:a3:
d5:51:97:d9:c6:67:36:a3:5b:5d:16:8d:6e:24:9d:
9b:02:f6:5f:24:ee:ed:38:67:36:8c:41:45:b8:9c:
e1:54:44:84:99:3d:3a:55:61:db:11:a6:fd:08:47:
c0:39:4c:71:53:68:e7:de:a4:76:80:f4:16:b2:50:
a8:74:7d:8f:cd:5b:eb:04:63:68:77:22:4e:4d:39:
fb:b6:f8:7f:e6:1f:27:b6:76:7c:2c:0f:1e:3c:01:
6d:07:f8:da:59:85:d5:ea:1d:1c:34:f2:ca:67:68:
4a:4b:41:bc:cd:ce:f6:17:a7:61:7e:ec:ff:04:2f:
15:ee:de:12:5d:ed:69:2e:7c:e1:b8:38:a5:77:d6:
59:eb:80:68:34:af:82:67:47:06:06:0c:8d:27:6d:
5a:e8:28:58:08:0d:90:be:8f:56:92:df:97:83:f7:
20:79:ca:c0:35:ed:15:93:7f:2c:89:b5:85:56:29:
9c:70:3c:4b:a3:d3:3f:97:31:c5:d2:80:e5:69:54:
bc:9d:bc:84:63:76:81:f8:7b:21:a1:5f:64:58:4b:
db:68:c7:d8:a1:19:6a:b5:55:52:66:4f:90:12:f2:
98:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:55:5F:15:41:3D:49:15:A0:F2:D0:92:74:79:C3:AF:E3:0C:04:6C
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/DFVfFUE9SRWg8tCSdHnDr-MMBGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.11.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:f0:bf:ae:e0:14:95:21:ea:57:7b:0c:93:62:75:8f:94:78:
90:5c:69:94:85:e9:94:77:3e:01:14:e8:45:1a:3d:cb:10:51:
bd:c2:67:07:19:f9:a1:4b:08:c5:75:61:08:18:0c:4d:96:8f:
bb:0b:d5:08:9c:e7:93:d1:cd:d6:25:aa:79:dc:2e:6d:b8:ea:
9f:84:a7:5c:88:8a:74:31:6a:26:a7:ef:31:2a:b7:a5:9a:ec:
cd:6c:24:db:d4:74:c8:63:aa:3a:2c:51:3b:5d:59:35:5b:a9:
39:52:a9:4c:c3:8d:09:e6:73:35:c9:0a:19:9f:05:70:c7:e0:
48:64:e5:9b:cf:2b:17:8e:5d:05:65:90:ea:88:d4:06:f0:15:
0b:21:2c:50:da:71:81:37:47:00:f3:d2:55:ee:cb:58:cf:f3:
0a:6d:86:89:8e:b3:60:1b:16:83:3f:5b:4e:29:f5:30:03:55:
4c:aa:7a:31:01:6c:c2:06:71:74:16:44:fd:9a:b6:ab:28:c7:
46:e2:c7:e8:d9:59:d9:f9:f7:cb:b7:5e:02:b8:5d:0f:4a:3e:
d5:15:66:ba:5a:21:a5:48:c7:c1:ba:14:6b:ff:92:e2:e7:9c:
44:5c:ea:3a:b3:c4:48:c5:49:0c:10:87:33:52:ba:3c:d6:c6:
8d:a4:21:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVNuTvsN1fh8/yGjCFemSOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjUwMjI4MTgwMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzU1NWYxNTQxM2Q0OTE1YTBmMmQwOTI3NDc5YzNhZmUzMGMwNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb9vKhXWQHbRLXil7DbxIS2TmYSu
7AQxTlAoxKPVUZfZxmc2o1tdFo1uJJ2bAvZfJO7tOGc2jEFFuJzhVESEmT06VWHb
Eab9CEfAOUxxU2jn3qR2gPQWslCodH2PzVvrBGNodyJOTTn7tvh/5h8ntnZ8LA8e
PAFtB/jaWYXV6h0cNPLKZ2hKS0G8zc72F6dhfuz/BC8V7t4SXe1pLnzhuDild9ZZ
64BoNK+CZ0cGBgyNJ21a6ChYCA2Qvo9Wkt+Xg/cgecrANe0Vk38sibWFVimccDxL
o9M/lzHF0oDlaVS8nbyEY3aB+HshoV9kWEvbaMfYoRlqtVVSZk+QEvKYTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxVXxVBPUkVoPLQknR5w6/jDARsMB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvREZWZkZVRTlTUldnOHRDU2RIbkRyLU1NQkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ0LMA0G
CSqGSIb3DQEBCwUAA4IBAQDD8L+u4BSVIepXewyTYnWPlHiQXGmUhemUdz4BFOhF
Gj3LEFG9wmcHGfmhSwjFdWEIGAxNlo+7C9UInOeT0c3WJap53C5tuOqfhKdciIp0
MWomp+8xKrelmuzNbCTb1HTIY6o6LFE7XVk1W6k5UqlMw40J5nM1yQoZnwVwx+BI
ZOWbzysXjl0FZZDqiNQG8BULISxQ2nGBN0cA89JV7stYz/MKbYaJjrNgGxaDP1tO
KfUwA1VMqnoxAWzCBnF0FkT9mrarKMdG4sfo2VnZ+ffLt14CuF0PSj7VFWa6WiGl
SMfBuhRr/5Li55xEXOo6s8RIxUkMEIczUro81saNpCHB
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:18:11 2025 by rpki-client