Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/u8OOzQx5GM2T4LqiZGww8nCXZbs.roa
File: u8OOzQx5GM2T4LqiZGww8nCXZbs.roa (raw, json)
Hash identifier: EH6LxZ8VZkfnaCBD7pH+whr67esaxutpxXx+z7D6Lec=
Subject key identifier: BB:C3:8E:CD:0C:79:18:CD:93:E0:BA:A2:64:6C:30:F2:70:97:65:BB
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019565B02F75E1DF0797823D7B7739B157C8
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/u8OOzQx5GM2T4LqiZGww8nCXZbs.roa
Signing time: Wed 05 Mar 2025 09:43:20 +0000
ROA not before: Wed 05 Mar 2025 09:43:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.8.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 11:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:b0:2f:75:e1:df:07:97:82:3d:7b:77:39:b1:57:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Mar 5 09:43:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbc38ecd0c7918cd93e0baa2646c30f2709765bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b3:41:64:a9:bb:9d:ee:a0:f4:39:b1:1f:d1:
2a:b7:3e:ab:3e:fb:b7:34:6f:f5:2c:3b:63:62:9f:
08:b0:5d:ab:ea:ed:77:58:35:f4:08:e3:f3:77:d2:
c7:18:7e:c4:3b:aa:b1:4c:be:dd:48:98:09:28:bc:
49:79:48:32:64:81:2c:d5:15:90:88:e8:f4:b9:1d:
ae:c1:80:2e:d5:73:ad:52:11:0f:b1:22:a4:5c:db:
e1:ea:f2:ed:f0:35:c0:0b:ab:e9:b7:fc:3f:5f:8f:
cc:e5:d9:7d:dd:19:b6:fb:f8:d5:15:9f:93:bd:d6:
20:81:96:99:ad:27:f5:17:a7:48:ee:82:33:0c:04:
f2:8b:44:5d:71:40:cb:39:19:4e:d1:19:a2:13:b3:
8d:84:4b:94:2d:05:25:39:df:ed:fe:a6:6d:df:36:
fa:5f:ee:00:25:6c:6d:44:1b:e2:89:5d:09:5a:a5:
da:29:ae:55:ef:a8:69:1e:f2:b0:bc:e7:3d:86:ec:
bb:7e:ab:a7:b5:fe:92:40:84:67:98:48:79:e5:b9:
a3:8d:24:85:ec:65:f5:ae:58:b0:cf:41:7a:cb:f7:
b7:ed:55:aa:cc:66:a5:e7:f1:f8:18:95:14:5e:0a:
82:aa:83:e6:38:cf:08:7d:33:f8:78:3f:76:7f:cf:
4c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C3:8E:CD:0C:79:18:CD:93:E0:BA:A2:64:6C:30:F2:70:97:65:BB
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/u8OOzQx5GM2T4LqiZGww8nCXZbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.252.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:7d:ec:56:28:f1:13:c5:96:dd:4f:40:07:f1:46:b5:4a:05:
a3:52:fd:54:fa:54:54:8b:6d:56:ab:28:97:2b:89:56:66:ef:
1c:08:4d:fb:68:c2:9b:1a:a0:9d:17:ea:7c:46:c3:39:f9:94:
8b:f2:7d:02:f3:a6:e8:66:ba:fd:1c:76:c9:b4:d6:f9:c3:7a:
c5:e7:62:29:3e:0c:a6:ee:07:ec:2d:f3:62:b1:aa:43:b2:30:
b3:5b:d4:18:30:9c:00:a6:44:a2:ee:9b:6c:8c:fc:2e:6c:36:
ea:02:06:ff:36:5a:e4:25:1d:52:1f:c7:f0:98:ac:2b:40:1b:
f9:a7:8f:65:cd:5e:85:2c:11:5c:30:e6:83:94:5e:f7:91:98:
81:5d:22:04:b0:4e:f6:da:03:ff:e2:7d:ff:07:5f:05:1d:5a:
b5:46:23:11:bb:a0:8c:a8:55:13:20:75:7c:ad:35:c3:d1:67:
71:f2:48:b3:bd:5b:c8:c7:93:33:08:a4:1e:e9:5e:4a:83:ff:
f1:34:9a:41:91:d8:bb:12:d1:c2:b1:d3:ec:6d:ba:dc:9d:f0:
fd:b4:93:9d:45:85:29:15:2e:ed:5d:16:32:b1:09:e5:74:1e:
c9:f8:5c:c0:a6:2b:9f:4c:7c:7c:6e:99:7d:29:32:3e:6e:d9:
69:8d:18:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVlsC914d8Hl4I9e3c5sVfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMzA1MDk0MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmMzOGVjZDBjNzkxOGNkOTNlMGJhYTI2NDZjMzBmMjcwOTc2NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbNBZKm7ne6g9DmxH9Eqtz6rPvu3
NG/1LDtjYp8IsF2r6u13WDX0COPzd9LHGH7EO6qxTL7dSJgJKLxJeUgyZIEs1RWQ
iOj0uR2uwYAu1XOtUhEPsSKkXNvh6vLt8DXAC6vpt/w/X4/M5dl93Rm2+/jVFZ+T
vdYggZaZrSf1F6dI7oIzDATyi0RdcUDLORlO0RmiE7ONhEuULQUlOd/t/qZt3zb6
X+4AJWxtRBviiV0JWqXaKa5V76hpHvKwvOc9huy7fquntf6SQIRnmEh55bmjjSSF
7GX1rliwz0F6y/e37VWqzGal5/H4GJUUXgqCqoPmOM8IfTP4eD92f89MKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvDjs0MeRjNk+C6omRsMPJwl2W7MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdThPT3pReDVHTTJUNExxaVpHd3c4bkNYWmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQj8MA0G
CSqGSIb3DQEBCwUAA4IBAQC3fexWKPETxZbdT0AH8Ua1SgWjUv1U+lRUi21WqyiX
K4lWZu8cCE37aMKbGqCdF+p8RsM5+ZSL8n0C86boZrr9HHbJtNb5w3rF52IpPgym
7gfsLfNisapDsjCzW9QYMJwApkSi7ptsjPwubDbqAgb/NlrkJR1SH8fwmKwrQBv5
p49lzV6FLBFcMOaDlF73kZiBXSIEsE722gP/4n3/B18FHVq1RiMRu6CMqFUTIHV8
rTXD0Wdx8kizvVvIx5MzCKQe6V5Kg//xNJpBkdi7EtHCsdPsbbrcnfD9tJOdRYUp
FS7tXRYysQnldB7J+FzApiufTHx8bpl9KTI+btlpjRhy
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:04:08 2025 by rpki-client