Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/24df72-fccc-48df-a5ae-1a64a8077b14/1/Hh4tnxCpCNzSOwyfzHGK_mB_r_g.roa
File: Hh4tnxCpCNzSOwyfzHGK_mB_r_g.roa (raw, json)
Hash identifier: lFcmoEOnLZjOmTb4Zx2DndqL+b+zyPrKdLhTwTcTAoI=
Subject key identifier: 1E:1E:2D:9F:10:A9:08:DC:D2:3B:0C:9F:CC:71:8A:FE:60:7F:AF:F8
Certificate issuer: /CN=49f80697fe2e2d97b591ad5b91580555a44d0388
Certificate serial: 0196DCBE22CBB1B8CEB888DA72F2E1C9E5A5
Authority key identifier: 49:F8:06:97:FE:2E:2D:97:B5:91:AD:5B:91:58:05:55:A4:4D:03:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SfgGl_4uLZe1ka1bkVgFVaRNA4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/24df72-fccc-48df-a5ae-1a64a8077b14/1/Hh4tnxCpCNzSOwyfzHGK_mB_r_g.roa
Signing time: Sat 17 May 2025 05:36:10 +0000
ROA not before: Sat 17 May 2025 05:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216151
IP address blocks: 45.142.200.0/24 maxlen: 24
45.142.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 May 2025 08:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dc:be:22:cb:b1:b8:ce:b8:88:da:72:f2:e1:c9:e5:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f80697fe2e2d97b591ad5b91580555a44d0388
Validity
Not Before: May 17 05:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e1e2d9f10a908dcd23b0c9fcc718afe607faff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b9:94:51:41:9f:c2:48:57:12:74:b7:75:d1:
a8:72:7d:bf:cf:38:74:33:09:77:79:55:5d:76:55:
02:e9:10:c7:c0:76:cc:78:bc:bc:dd:69:70:a7:8c:
15:72:37:a2:c2:d8:dc:7d:38:49:cd:da:37:0c:cd:
2b:68:13:74:e6:d9:b5:c9:58:57:0b:55:e9:ed:46:
4d:90:44:57:40:9e:10:2d:18:2e:e8:2c:24:2b:f8:
77:32:b4:27:83:a0:12:f5:e2:b4:cb:3b:5f:dc:40:
02:ed:9f:92:b7:b3:e7:81:66:16:b3:6a:08:4f:e9:
d7:e8:0d:30:b7:0f:4e:e9:8e:6d:26:89:1d:24:ff:
a5:55:19:20:09:29:f8:aa:bb:4e:5c:cd:ce:d5:1c:
4c:0d:ee:e0:0c:35:ec:67:98:49:61:cd:6f:e2:0e:
fc:8f:c8:10:39:10:42:23:d0:3d:3b:a1:63:90:b2:
5e:06:35:d5:17:f1:fc:66:c3:9b:31:1e:15:b0:4f:
e1:d9:e8:95:5d:09:99:3e:d2:be:61:6e:b1:fd:e5:
88:60:e9:0c:43:6c:aa:7a:02:5e:95:fc:90:a9:7a:
ca:75:53:f0:15:15:96:24:da:c7:81:68:ec:e7:83:
03:b9:14:77:02:15:b6:17:95:ba:81:da:0a:e9:be:
3a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:1E:2D:9F:10:A9:08:DC:D2:3B:0C:9F:CC:71:8A:FE:60:7F:AF:F8
X509v3 Authority Key Identifier:
keyid:49:F8:06:97:FE:2E:2D:97:B5:91:AD:5B:91:58:05:55:A4:4D:03:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfgGl_4uLZe1ka1bkVgFVaRNA4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/24df72-fccc-48df-a5ae-1a64a8077b14/1/Hh4tnxCpCNzSOwyfzHGK_mB_r_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/24df72-fccc-48df-a5ae-1a64a8077b14/1/SfgGl_4uLZe1ka1bkVgFVaRNA4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.200.0/24
45.142.202.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:73:7e:15:b0:ae:d2:80:6d:77:d0:29:e9:80:ee:50:c9:68:
0d:a0:03:1d:ab:40:79:c3:e5:47:09:8f:d7:00:33:28:02:e9:
9d:4a:e3:f2:d9:5e:ce:a5:85:d1:39:66:7e:65:40:0d:67:ad:
d6:ff:6e:57:a0:6e:cb:36:fd:68:3d:7a:43:b4:5e:1e:42:ca:
b5:da:08:eb:c1:e8:2a:0c:2c:09:d9:48:30:75:f9:a1:b1:20:
a5:be:f2:a6:09:1e:3f:35:37:29:f7:ea:db:9b:6a:f6:fb:bc:
1e:af:d8:87:3e:ef:12:ed:4b:da:2c:e9:5a:30:cd:29:ef:9d:
0b:e8:3f:a0:cd:58:a9:6f:73:c0:83:5d:8c:ba:51:90:23:59:
25:a8:e5:39:b1:4e:de:cf:d2:96:f2:11:0f:66:f6:63:71:56:
a4:50:0b:bf:f1:eb:e9:60:27:45:c1:81:77:b2:7e:f5:d2:c7:
cc:12:05:5d:89:c4:5e:5a:5a:45:ba:59:2c:f4:ea:23:03:2e:
fd:28:6a:51:ca:df:fb:f5:a5:d2:9f:8d:f7:dd:06:f3:79:10:
fa:51:33:63:fb:0a:26:a0:c5:fc:dd:c7:51:99:1c:1f:aa:21:
b6:9c:74:1f:68:6b:08:27:9a:01:dc:88:da:ef:8c:43:24:4f:
b3:03:51:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbcviLLsbjOuIjacvLhyeWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjgwNjk3ZmUyZTJkOTdiNTkxYWQ1YjkxNTgwNTU1YTQ0
ZDAzODgwHhcNMjUwNTE3MDUzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTFlMmQ5ZjEwYTkwOGRjZDIzYjBjOWZjYzcxOGFmZTYwN2ZhZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7mUUUGfwkhXEnS3ddGocn2/zzh0
Mwl3eVVddlUC6RDHwHbMeLy83Wlwp4wVcjeiwtjcfThJzdo3DM0raBN05tm1yVhX
C1Xp7UZNkERXQJ4QLRgu6CwkK/h3MrQng6AS9eK0yztf3EAC7Z+St7PngWYWs2oI
T+nX6A0wtw9O6Y5tJokdJP+lVRkgCSn4qrtOXM3O1RxMDe7gDDXsZ5hJYc1v4g78
j8gQORBCI9A9O6FjkLJeBjXVF/H8ZsObMR4VsE/h2eiVXQmZPtK+YW6x/eWIYOkM
Q2yqegJelfyQqXrKdVPwFRWWJNrHgWjs54MDuRR3AhW2F5W6gdoK6b46cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB4eLZ8QqQjc0jsMn8xxiv5gf6/4MB8GA1UdIwQY
MBaAFEn4Bpf+Li2XtZGtW5FYBVWkTQOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZnR2xfNHVMWmUxa2ExYmtWZ0ZWYVJOQTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yNGRmNzItZmNjYy00OGRmLWE1YWUt
MWE2NGE4MDc3YjE0LzEvSGg0dG54Q3BDTnpTT3d5ZnpIR0tfbUJfcl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yNGRmNzItZmNjYy00OGRmLWE1YWUtMWE2NGE4MDc3YjE0
LzEvU2ZnR2xfNHVMWmUxa2ExYmtWZ0ZWYVJOQTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY7IAwQA
LY7KMA0GCSqGSIb3DQEBCwUAA4IBAQBsc34VsK7SgG130CnpgO5QyWgNoAMdq0B5
w+VHCY/XADMoAumdSuPy2V7OpYXROWZ+ZUANZ63W/25XoG7LNv1oPXpDtF4eQsq1
2gjrwegqDCwJ2UgwdfmhsSClvvKmCR4/NTcp9+rbm2r2+7wer9iHPu8S7UvaLOla
MM0p750L6D+gzVipb3PAg12MulGQI1klqOU5sU7ez9KW8hEPZvZjcVakUAu/8evp
YCdFwYF3sn710sfMEgVdicReWlpFulks9OojAy79KGpRyt/79aXSn4333QbzeRD6
UTNj+womoMX83cdRmRwfqiG2nHQfaGsIJ5oB3Ija74xDJE+zA1EH
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:35:49 2025 by rpki-client