Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/rkvsitQykXKWfMQUMHAH8woDt1A.roa
File: rkvsitQykXKWfMQUMHAH8woDt1A.roa (raw, json)
Hash identifier: iWqykwi40bf7XzbJFOBa963A+7tLw/chn1qH881CRfs=
Subject key identifier: AE:4B:EC:8A:D4:32:91:72:96:7C:C4:14:30:70:07:F3:0A:03:B7:50
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01974060D8B36FC969C5ADAB228A1A8535AA
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/rkvsitQykXKWfMQUMHAH8woDt1A.roa
Signing time: Thu 05 Jun 2025 13:56:18 +0000
ROA not before: Thu 05 Jun 2025 13:56:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 45.139.68.0/23 maxlen: 24
45.150.80.0/23 maxlen: 24
95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
193.36.162.0/24 maxlen: 24
193.36.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 18:08:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:60:d8:b3:6f:c9:69:c5:ad:ab:22:8a:1a:85:35:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jun 5 13:56:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae4bec8ad4329172967cc414307007f30a03b750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:55:c0:01:c0:95:8e:a6:d2:40:f0:f3:93:5e:
02:dd:8e:97:08:34:d1:5b:41:53:36:fd:98:04:5b:
15:41:12:06:d5:21:4a:02:15:d7:f3:b7:d9:3b:fd:
c5:21:21:77:23:33:54:e4:e3:da:a9:c8:3d:00:b0:
fa:db:35:04:f7:7f:a3:96:76:b9:29:e2:65:3d:a4:
32:cf:7f:2f:13:18:94:56:aa:8e:cd:87:9a:1c:fc:
26:05:04:df:0e:81:d6:c3:5d:9e:f8:56:4f:8e:2a:
20:81:22:2f:d9:4c:1e:4f:13:6c:d3:a8:84:59:c2:
43:dc:1c:68:54:7f:d3:a3:44:db:f4:56:fd:d5:3e:
5a:ee:48:6a:34:ea:60:f0:61:c0:b1:aa:8a:9d:73:
bc:3f:b3:8c:5c:e3:f6:b8:d2:a9:8c:ed:d2:ad:c5:
9d:30:53:03:f1:c0:db:0a:5a:06:86:14:c8:bb:c6:
c2:e8:9a:93:5a:35:a9:00:65:17:c0:63:cd:bf:a7:
d6:f2:a9:9d:0a:12:21:5e:9f:8d:e6:c6:d8:09:a2:
98:f6:df:69:9b:4a:bc:04:e9:a8:55:7d:37:25:62:
9a:45:72:3c:6c:e4:09:2e:78:1c:d5:bd:27:9d:74:
e8:bb:2b:c5:4d:63:eb:6a:8e:5a:50:17:24:bc:17:
82:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4B:EC:8A:D4:32:91:72:96:7C:C4:14:30:70:07:F3:0A:03:B7:50
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/rkvsitQykXKWfMQUMHAH8woDt1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.68.0/23
45.150.80.0/23
95.214.38.0/23
193.36.162.0/23
Signature Algorithm: sha256WithRSAEncryption
25:16:05:b3:35:50:e8:93:81:8f:21:52:6f:03:5e:36:da:2b:
f7:1a:75:1a:5b:32:88:62:0c:fe:3c:f4:da:34:60:7b:81:8f:
06:05:ef:17:c0:7b:fb:2c:33:b5:84:31:2b:a0:35:f7:48:7e:
7d:c4:2c:f1:a2:1c:d2:40:4b:77:4b:2b:2f:79:0d:c8:2b:35:
a8:0d:43:2a:8f:8f:40:3c:30:a9:f3:e7:7c:c1:3f:86:d9:76:
bf:93:b7:d7:74:b0:4a:fb:ac:60:1d:1f:1a:b8:7c:6f:57:bf:
63:80:48:72:f5:50:46:27:fb:65:6d:95:ed:28:81:ad:dd:2d:
dd:a4:a2:f1:52:38:73:a4:21:f1:21:7d:c1:0a:b4:27:d7:a4:
ce:68:fa:05:e6:97:a7:ff:c7:6e:5f:67:00:e4:f4:41:42:fd:
e5:8d:58:71:67:35:89:04:19:de:4b:c9:a3:4c:08:aa:c4:17:
14:84:18:94:cd:52:20:1b:21:c7:7f:50:de:60:1c:6d:ba:b1:
d5:8b:2f:76:0d:7f:77:c6:87:58:9d:f1:59:f9:e8:10:20:9a:
e1:da:3d:91:f7:c1:c4:50:69:bd:23:67:de:53:95:7f:70:81:
0e:ff:f0:1a:49:9c:fc:29:7b:33:8f:f2:2c:6d:bc:dc:53:cd:
19:1c:b7:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdAYNizb8lpxa2rIooahTWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwNjA1MTM1NjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTRiZWM4YWQ0MzI5MTcyOTY3Y2M0MTQzMDcwMDdmMzBhMDNiNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylXAAcCVjqbSQPDzk14C3Y6XCDTR
W0FTNv2YBFsVQRIG1SFKAhXX87fZO/3FISF3IzNU5OPaqcg9ALD62zUE93+jlna5
KeJlPaQyz38vExiUVqqOzYeaHPwmBQTfDoHWw12e+FZPjioggSIv2UweTxNs06iE
WcJD3BxoVH/To0Tb9Fb91T5a7khqNOpg8GHAsaqKnXO8P7OMXOP2uNKpjO3SrcWd
MFMD8cDbCloGhhTIu8bC6JqTWjWpAGUXwGPNv6fW8qmdChIhXp+N5sbYCaKY9t9p
m0q8BOmoVX03JWKaRXI8bOQJLngc1b0nnXTouyvFTWPrao5aUBckvBeCFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK5L7IrUMpFylnzEFDBwB/MKA7dQMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvcmt2c2l0UXlrWEtXZk1RVU1IQUg4d29EdDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYtEAwQB
LZZQAwQBX9YmAwQBwSSiMA0GCSqGSIb3DQEBCwUAA4IBAQAlFgWzNVDok4GPIVJv
A1422iv3GnUaWzKIYgz+PPTaNGB7gY8GBe8XwHv7LDO1hDEroDX3SH59xCzxohzS
QEt3SysveQ3IKzWoDUMqj49APDCp8+d8wT+G2Xa/k7fXdLBK+6xgHR8auHxvV79j
gEhy9VBGJ/tlbZXtKIGt3S3dpKLxUjhzpCHxIX3BCrQn16TOaPoF5pen/8duX2cA
5PRBQv3ljVhxZzWJBBneS8mjTAiqxBcUhBiUzVIgGyHHf1DeYBxturHViy92DX93
xodYnfFZ+egQIJrh2j2R98HEUGm9I2feU5V/cIEO//AaSZz8KXszj/IsbbzcU80Z
HLdC
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:15:49 2025 by rpki-client