Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/4LI2zrgrdGwvYCySNuZVf-zZK78.roa
File: 4LI2zrgrdGwvYCySNuZVf-zZK78.roa (raw, json)
Hash identifier: gqquZFvV0T7fOyxBb/TklSu1PTh8c7spP6T7LA3aql0=
Subject key identifier: E0:B2:36:CE:B8:2B:74:6C:2F:60:2C:92:36:E6:55:7F:EC:D9:2B:BF
Certificate issuer: /CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Certificate serial: 01973B98C9305684D22E7FBC759418EA2EE0
Authority key identifier: 14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/4LI2zrgrdGwvYCySNuZVf-zZK78.roa
Signing time: Wed 04 Jun 2025 15:39:18 +0000
ROA not before: Wed 04 Jun 2025 15:39:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213640
IP address blocks: 45.155.126.0/24 maxlen: 24
91.213.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jun 2025 20:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:98:c9:30:56:84:d2:2e:7f:bc:75:94:18:ea:2e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Validity
Not Before: Jun 4 15:39:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0b236ceb82b746c2f602c9236e6557fecd92bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ca:38:96:28:79:20:bd:31:4d:df:62:8a:b5:
85:2b:c7:34:4a:36:59:f0:fa:07:60:d7:11:58:df:
f1:03:51:ca:2c:b1:1f:b1:d8:df:ff:02:58:35:62:
22:29:b4:23:75:07:2e:a6:38:fe:11:d8:ea:71:ab:
69:76:01:28:fc:35:eb:eb:59:47:0a:d2:54:fe:ec:
82:ad:ab:29:41:5c:24:22:5b:c4:99:3d:bc:51:28:
df:23:23:d2:e5:7e:63:2d:91:c0:3f:0f:95:78:c3:
df:6f:a9:36:ea:20:fc:18:43:a0:25:03:14:18:4f:
ce:7d:77:04:46:9d:ec:da:7b:c8:42:76:ca:82:72:
40:ad:57:38:7e:48:ed:ca:b1:90:c7:62:4f:9f:ba:
3b:9a:29:69:8e:fa:05:e2:bf:64:64:67:5a:f2:c3:
5f:fb:28:9c:b7:e4:1a:67:f6:7e:52:51:35:c9:10:
9a:48:3c:57:33:b2:ec:23:34:63:83:9e:ab:fd:d5:
ab:89:2e:73:99:3a:bf:2d:f1:05:18:d6:93:89:c1:
ed:da:5c:21:14:95:4e:d0:01:45:30:9a:87:13:87:
3b:8d:8d:2a:23:30:ba:8f:9c:10:2d:ef:f8:8e:c6:
a1:cc:32:bf:ce:25:40:2a:cc:53:15:19:78:82:7c:
f1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B2:36:CE:B8:2B:74:6C:2F:60:2C:92:36:E6:55:7F:EC:D9:2B:BF
X509v3 Authority Key Identifier:
keyid:14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/4LI2zrgrdGwvYCySNuZVf-zZK78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.126.0/24
91.213.182.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:03:50:a8:23:b0:50:4e:35:38:af:2f:b6:b0:f2:7f:80:d5:
53:ac:1d:d4:5f:03:a1:67:4c:e3:6a:52:7f:8d:5d:12:3e:d2:
e1:c6:7b:e9:66:45:e6:df:7d:00:c4:cd:f0:dd:99:83:50:4f:
8a:21:b7:69:1e:65:2f:78:ec:69:1b:89:01:2a:de:da:a3:5f:
ac:af:ca:2c:17:8c:a0:0b:d3:66:77:08:aa:e6:04:66:70:ee:
2a:14:55:52:ca:96:5a:9e:fe:a0:2b:82:4a:3c:a0:b7:b2:73:
63:6d:92:14:3f:f5:72:15:22:f4:a3:c2:88:6c:4e:49:0c:34:
9a:5e:2c:ea:50:67:64:95:fe:56:10:4a:d3:d4:96:32:d4:b3:
68:73:5a:10:0b:d7:1c:c0:f3:19:97:4a:ef:db:b5:6c:8e:13:
58:1c:c5:ee:cf:c9:2f:7c:91:f3:42:e7:a1:a5:e6:72:c0:24:
f5:86:a0:27:3a:cf:19:bd:d4:17:4d:e8:46:5f:4f:1c:8f:aa:
82:08:93:d4:aa:01:4a:28:ca:23:6e:77:78:d1:5c:a9:35:16:
f9:73:33:db:7f:0d:6f:53:0a:cf:6b:a3:4d:4d:62:f0:29:11:
8a:d5:c0:a9:ea:05:83:20:b1:9a:68:08:4b:7d:4b:67:1e:f5:
a5:5a:04:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZc7mMkwVoTSLn+8dZQY6i7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MzIzOTY1MWRiNmFhYjFiY2I2NzMyNWY3ODViNWVlMWY0
MDI1Y2IwHhcNMjUwNjA0MTUzOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGIyMzZjZWI4MmI3NDZjMmY2MDJjOTIzNmU2NTU3ZmVjZDkyYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Mo4lih5IL0xTd9iirWFK8c0SjZZ
8PoHYNcRWN/xA1HKLLEfsdjf/wJYNWIiKbQjdQcupjj+EdjqcatpdgEo/DXr61lH
CtJU/uyCraspQVwkIlvEmT28USjfIyPS5X5jLZHAPw+VeMPfb6k26iD8GEOgJQMU
GE/OfXcERp3s2nvIQnbKgnJArVc4fkjtyrGQx2JPn7o7milpjvoF4r9kZGda8sNf
+yict+QaZ/Z+UlE1yRCaSDxXM7LsIzRjg56r/dWriS5zmTq/LfEFGNaTicHt2lwh
FJVO0AFFMJqHE4c7jY0qIzC6j5wQLe/4jsahzDK/ziVAKsxTFRl4gnzxrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOCyNs64K3RsL2AskjbmVX/s2Su/MB8GA1UdIwQY
MBaAFBQyOWUdtqqxvLZzJfeFte4fQCXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQt
NmVlYzc3ZDliOTg1LzEvNExJMnpyZ3JkR3d2WUN5U051WlZmLXpaSzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQtNmVlYzc3ZDliOTg1
LzEvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZt+AwQA
W9W2MA0GCSqGSIb3DQEBCwUAA4IBAQCrA1CoI7BQTjU4ry+2sPJ/gNVTrB3UXwOh
Z0zjalJ/jV0SPtLhxnvpZkXm330AxM3w3ZmDUE+KIbdpHmUveOxpG4kBKt7ao1+s
r8osF4ygC9Nmdwiq5gRmcO4qFFVSypZanv6gK4JKPKC3snNjbZIUP/VyFSL0o8KI
bE5JDDSaXizqUGdklf5WEErT1JYy1LNoc1oQC9ccwPMZl0rv27VsjhNYHMXuz8kv
fJHzQuehpeZywCT1hqAnOs8ZvdQXTehGX08cj6qCCJPUqgFKKMojbnd40VypNRb5
czPbfw1vUwrPa6NNTWLwKRGK1cCp6gWDILGaaAhLfUtnHvWlWgTI
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:47:32 2025 by rpki-client