Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/j1las1wMORwNrpIJ7O29MgJ6vm8.roa
File: j1las1wMORwNrpIJ7O29MgJ6vm8.roa (raw, json)
Hash identifier: PCPqvWiyUClqhfHjdzbt4n+1fKMiWS9WFF4Hh7faAkk=
Subject key identifier: 8F:59:5A:B3:5C:0C:39:1C:0D:AE:92:09:EC:ED:BD:32:02:7A:BE:6F
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01958B4D5275225A5D2100AB72D1402D3BCD
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/j1las1wMORwNrpIJ7O29MgJ6vm8.roa
Signing time: Wed 12 Mar 2025 17:00:55 +0000
ROA not before: Wed 12 Mar 2025 17:00:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 45.139.68.0/23 maxlen: 24
45.150.80.0/23 maxlen: 24
95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
193.36.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 18:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:4d:52:75:22:5a:5d:21:00:ab:72:d1:40:2d:3b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Mar 12 17:00:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f595ab35c0c391c0dae9209ecedbd32027abe6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9c:7d:28:7c:9f:1c:75:9d:2b:9c:ce:93:f2:
a9:2e:f6:37:e4:a0:e7:42:7d:6e:37:c9:93:fe:15:
cd:ca:7b:84:f0:2f:e0:a3:cb:04:8b:8f:cc:88:ff:
f7:b3:4b:1b:a6:8f:ed:70:97:d8:75:77:54:e2:19:
78:41:c4:9c:78:87:a1:d3:6a:fb:78:b3:80:c6:a8:
f0:02:fc:93:81:0b:f7:9d:ea:75:06:b3:e3:6e:0e:
0a:4b:67:19:c6:da:5d:38:06:c8:99:0c:5b:fb:fc:
fe:8c:74:a4:ed:9f:e7:62:ae:cd:9f:90:22:59:ab:
e9:de:4d:8d:7d:16:c9:db:f1:9a:17:01:25:46:c4:
10:aa:c9:50:23:6e:97:41:c8:b0:0a:80:34:0b:56:
12:74:72:bf:07:85:7a:13:1f:af:1d:4b:ac:e6:de:
42:0a:fa:a7:df:74:2e:db:8d:7b:5b:c6:c5:78:8f:
6e:ea:e9:8d:6f:6f:48:ec:1a:71:2b:28:91:bb:ce:
ab:cd:74:26:6a:49:91:70:f3:de:b4:38:67:20:5c:
e2:a7:7f:e2:c9:cb:78:9f:0c:32:5b:7c:8e:d9:80:
cf:43:d3:66:3f:6c:d6:55:da:66:63:3b:87:d5:e7:
88:f3:f2:4a:d3:14:08:34:10:fc:fc:79:8a:56:27:
9d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:59:5A:B3:5C:0C:39:1C:0D:AE:92:09:EC:ED:BD:32:02:7A:BE:6F
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/j1las1wMORwNrpIJ7O29MgJ6vm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.68.0/23
45.150.80.0/23
95.214.38.0/23
193.36.163.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:90:7e:cc:80:b3:e6:12:85:a4:e0:56:67:c8:e0:60:69:d5:
4d:b3:ea:86:05:59:6d:d2:fd:f8:e7:83:8d:a3:d8:b6:cc:bb:
58:77:73:18:6f:40:36:8c:06:8a:bd:5b:94:5c:de:79:57:7f:
61:fd:3d:db:9a:7b:fe:cc:cb:f7:ef:67:74:6a:49:c1:00:c9:
61:7e:95:5f:85:9f:cc:47:bf:99:90:47:e3:18:98:9c:42:8d:
43:6b:07:35:3b:83:7e:ce:bb:9a:b9:2c:bd:b7:e0:13:4c:43:
bf:a6:db:e2:da:8d:b9:2d:98:54:da:09:58:2e:ef:04:e2:c7:
b6:e2:aa:09:bd:ac:b2:a8:e9:40:cf:b5:53:35:27:1f:47:3a:
09:c9:95:e9:c0:3f:e1:b1:c4:00:22:37:fd:a6:90:a9:47:3e:
af:cc:6b:62:45:60:f3:36:01:c7:7e:7b:df:b2:39:a4:7e:0a:
ac:ad:3c:87:3b:cc:5e:60:c9:a3:f3:07:8c:12:5b:7c:50:23:
25:fa:db:4d:f3:8c:79:c6:24:8e:49:42:fe:2d:f0:2f:04:c5:
62:4a:60:0f:0a:59:62:df:7f:3b:b3:f1:99:c8:d9:7f:0d:ce:
75:de:e6:92:d4:c7:08:96:45:83:da:28:44:72:67:21:d6:b7:
83:91:cf:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWLTVJ1IlpdIQCrctFALTvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwMzEyMTcwMDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjU5NWFiMzVjMGMzOTFjMGRhZTkyMDllY2VkYmQzMjAyN2FiZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupx9KHyfHHWdK5zOk/KpLvY35KDn
Qn1uN8mT/hXNynuE8C/go8sEi4/MiP/3s0sbpo/tcJfYdXdU4hl4QcSceIeh02r7
eLOAxqjwAvyTgQv3nep1BrPjbg4KS2cZxtpdOAbImQxb+/z+jHSk7Z/nYq7Nn5Ai
Wavp3k2NfRbJ2/GaFwElRsQQqslQI26XQciwCoA0C1YSdHK/B4V6Ex+vHUus5t5C
Cvqn33Qu2417W8bFeI9u6umNb29I7BpxKyiRu86rzXQmakmRcPPetDhnIFzip3/i
yct4nwwyW3yO2YDPQ9NmP2zWVdpmYzuH1eeI8/JK0xQINBD8/HmKViedlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI9ZWrNcDDkcDa6SCeztvTICer5vMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvajFsYXMxd01PUndOcnBJSjdPMjlNZ0o2dm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYtEAwQB
LZZQAwQBX9YmAwQAwSSjMA0GCSqGSIb3DQEBCwUAA4IBAQA6kH7MgLPmEoWk4FZn
yOBgadVNs+qGBVlt0v3454ONo9i2zLtYd3MYb0A2jAaKvVuUXN55V39h/T3bmnv+
zMv372d0aknBAMlhfpVfhZ/MR7+ZkEfjGJicQo1Dawc1O4N+zruauSy9t+ATTEO/
ptvi2o25LZhU2glYLu8E4se24qoJvayyqOlAz7VTNScfRzoJyZXpwD/hscQAIjf9
ppCpRz6vzGtiRWDzNgHHfnvfsjmkfgqsrTyHO8xeYMmj8weMElt8UCMl+ttN84x5
xiSOSUL+LfAvBMViSmAPClli3387s/GZyNl/Dc513uaS1McIlkWD2ihEcmch1reD
kc9H
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:15:34 2025 by rpki-client