Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/ufv3lVEbNE5UWRkmGx3BQDZxFEw.roa
File: ufv3lVEbNE5UWRkmGx3BQDZxFEw.roa (raw, json)
Hash identifier: CDZkP9lIRnvNR/m2/fPOKCr5sHE/r8Yt+zOz71WxBPo=
Subject key identifier: B9:FB:F7:95:51:1B:34:4E:54:59:19:26:1B:1D:C1:40:36:71:14:4C
Certificate issuer: /CN=4dcbef06ad05fd6e6e7e7b1084cb1d7d65e6426f
Certificate serial: 018CC4251084D350BFBA823BF525676F2EB0
Authority key identifier: 4D:CB:EF:06:AD:05:FD:6E:6E:7E:7B:10:84:CB:1D:7D:65:E6:42:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TcvvBq0F_W5ufnsQhMsdfWXmQm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/ufv3lVEbNE5UWRkmGx3BQDZxFEw.roa
Signing time: Mon 01 Jan 2024 08:30:12 +0000
ROA not before: Mon 01 Jan 2024 08:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202208
IP address blocks: 45.154.224.0/23 maxlen: 23
45.154.224.0/22 maxlen: 22
45.154.226.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:10:84:d3:50:bf:ba:82:3b:f5:25:67:6f:2e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dcbef06ad05fd6e6e7e7b1084cb1d7d65e6426f
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9fbf795511b344e545919261b1dc1403671144c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9d:7c:ec:65:40:a3:06:0c:79:6e:54:84:14:
7d:1a:68:ab:4f:bc:25:e9:cc:60:12:5d:8e:4d:c7:
1f:ce:ab:d7:45:d1:84:aa:41:c3:58:27:49:43:a0:
31:ab:ab:ad:92:44:83:01:3e:71:24:08:84:f7:d2:
2c:81:b3:bd:7c:dc:67:8b:5d:fb:7e:b1:da:f2:e4:
61:71:ed:0c:65:8a:2e:51:65:63:82:7a:fa:57:01:
72:59:ae:2f:c9:11:a7:72:63:64:4d:ae:25:83:79:
20:13:b7:38:aa:cc:b1:c4:ea:80:18:70:bc:83:a5:
7b:7c:d0:0b:70:a9:95:96:30:cb:ae:44:04:38:fe:
38:d5:00:98:b6:52:cf:51:2f:22:9c:20:1b:f7:80:
62:10:74:e8:68:45:be:8a:46:3d:c3:af:f1:ca:01:
2d:47:90:3d:88:57:2e:9b:12:20:3b:f5:c1:c5:83:
c4:2a:21:e7:23:30:b2:4b:7a:7c:b3:b9:42:9b:08:
e8:ef:d1:bb:2f:58:f7:da:40:bc:d1:c7:a1:ed:39:
06:62:9e:44:9a:72:6b:44:ab:27:8e:26:b5:38:92:
7b:69:b8:68:2b:a7:3f:91:de:bc:ab:bd:59:0d:00:
f0:fc:44:3a:15:bb:d8:56:95:7a:29:27:d0:c7:aa:
38:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FB:F7:95:51:1B:34:4E:54:59:19:26:1B:1D:C1:40:36:71:14:4C
X509v3 Authority Key Identifier:
keyid:4D:CB:EF:06:AD:05:FD:6E:6E:7E:7B:10:84:CB:1D:7D:65:E6:42:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TcvvBq0F_W5ufnsQhMsdfWXmQm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/ufv3lVEbNE5UWRkmGx3BQDZxFEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/TcvvBq0F_W5ufnsQhMsdfWXmQm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.224.0/22
Signature Algorithm: sha256WithRSAEncryption
01:02:7e:16:59:f3:3f:33:8b:36:2f:6d:50:bf:3e:82:b4:27:
69:8a:fa:72:3a:f8:1e:4c:ea:8d:b0:80:6e:f2:12:3c:97:39:
08:88:8c:9a:c5:49:93:02:ba:0a:ee:4c:27:b0:06:f6:55:c4:
47:d3:2e:a6:94:df:78:10:16:7d:12:c0:23:c3:66:17:9c:2d:
f1:38:ae:da:49:5a:7a:0b:a9:1c:5a:89:8d:ad:f6:f3:46:1c:
19:da:cf:be:1b:83:b3:82:ba:34:ee:6f:aa:71:2b:17:ca:47:
e0:08:a1:54:f6:0d:0e:78:76:82:b8:8b:1f:aa:b5:e9:08:8b:
82:97:40:0d:c0:77:2c:80:4b:24:71:55:14:8e:90:a3:55:12:
6e:ec:09:cd:98:ea:47:b0:4d:f1:9a:ad:e6:9b:c3:50:2c:62:
81:d6:ef:d6:07:9c:c7:23:d6:cc:87:54:02:c9:e3:28:db:82:
cd:ec:aa:d6:d4:33:93:5a:94:2c:4a:96:ed:91:16:00:a5:fb:
5d:22:f4:1c:ae:38:71:61:5e:17:7d:38:1f:eb:eb:1d:b4:8d:
8f:42:c3:e2:ad:0f:bc:0d:0f:fa:a9:19:a0:92:00:fa:95:66:
ec:37:eb:87:05:39:db:52:91:c3:0b:c5:58:cf:13:b0:3d:23:
1f:5c:ae:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJRCE01C/uoI79SVnby6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkY2JlZjA2YWQwNWZkNmU2ZTdlN2IxMDg0Y2IxZDdkNjVl
NjQyNmYwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWZiZjc5NTUxMWIzNDRlNTQ1OTE5MjYxYjFkYzE0MDM2NzExNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5187GVAowYMeW5UhBR9GmirT7wl
6cxgEl2OTccfzqvXRdGEqkHDWCdJQ6Axq6utkkSDAT5xJAiE99IsgbO9fNxni137
frHa8uRhce0MZYouUWVjgnr6VwFyWa4vyRGncmNkTa4lg3kgE7c4qsyxxOqAGHC8
g6V7fNALcKmVljDLrkQEOP441QCYtlLPUS8inCAb94BiEHToaEW+ikY9w6/xygEt
R5A9iFcumxIgO/XBxYPEKiHnIzCyS3p8s7lCmwjo79G7L1j32kC80ceh7TkGYp5E
mnJrRKsnjia1OJJ7abhoK6c/kd68q71ZDQDw/EQ6FbvYVpV6KSfQx6o4yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLn795VRGzROVFkZJhsdwUA2cRRMMB8GA1UdIwQY
MBaAFE3L7watBf1ubn57EITLHX1l5kJvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGN2dkJxMEZfVzV1Zm5zUWhNc2RmV1htUW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yYTZlYWEtZTQzNy00M2JjLTk3MmUt
M2UzYmZhYTE5MGRmLzEvdWZ2M2xWRWJORTVVV1JrbUd4M0JRRFp4RkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yYTZlYWEtZTQzNy00M2JjLTk3MmUtM2UzYmZhYTE5MGRm
LzEvVGN2dkJxMEZfVzV1Zm5zUWhNc2RmV1htUW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZrgMA0G
CSqGSIb3DQEBCwUAA4IBAQABAn4WWfM/M4s2L21Qvz6CtCdpivpyOvgeTOqNsIBu
8hI8lzkIiIyaxUmTAroK7kwnsAb2VcRH0y6mlN94EBZ9EsAjw2YXnC3xOK7aSVp6
C6kcWomNrfbzRhwZ2s++G4Ozgro07m+qcSsXykfgCKFU9g0OeHaCuIsfqrXpCIuC
l0ANwHcsgEskcVUUjpCjVRJu7AnNmOpHsE3xmq3mm8NQLGKB1u/WB5zHI9bMh1QC
yeMo24LN7KrW1DOTWpQsSpbtkRYApftdIvQcrjhxYV4XfTgf6+sdtI2PQsPirQ+8
DQ/6qRmgkgD6lWbsN+uHBTnbUpHDC8VYzxOwPSMfXK6j
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:16:14 2025 by rpki-client