Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/pZgzIuXiP1TEArf8cD2kDynv0VM.roa
File: pZgzIuXiP1TEArf8cD2kDynv0VM.roa (raw, json)
Hash identifier: /vjUVpEYZpm/NeruCACLjKuLztO662+ZS+DD1AWK+j0=
Subject key identifier: A5:98:33:22:E5:E2:3F:54:C4:02:B7:FC:70:3D:A4:0F:29:EF:D1:53
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0196BE806FFCB28421D4B31C0BC1D1D6702E
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/pZgzIuXiP1TEArf8cD2kDynv0VM.roa
Signing time: Sun 11 May 2025 08:40:10 +0000
ROA not before: Sun 11 May 2025 08:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.152.164.0/24 maxlen: 24
45.152.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 12:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:80:6f:fc:b2:84:21:d4:b3:1c:0b:c1:d1:d6:70:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: May 11 08:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5983322e5e23f54c402b7fc703da40f29efd153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d4:b7:47:ee:f0:3f:a6:cb:5b:78:c8:11:1b:
e5:4e:53:5c:96:1f:b1:da:de:b1:12:17:7c:55:10:
9d:f2:8c:cb:cc:e8:5c:75:34:b7:79:6a:75:9c:ce:
2e:73:46:73:a8:17:05:2b:88:2b:08:d5:f4:f2:59:
ae:f9:7d:3a:49:ca:ac:95:2f:76:61:dd:e3:4e:25:
c0:b8:4b:53:ba:b1:f7:0a:b4:2d:b2:b3:71:fe:19:
a6:37:7e:e7:38:58:e7:3c:2b:27:b7:93:4a:c0:d1:
57:2b:26:12:8d:a3:9b:8d:93:ea:bf:70:af:04:53:
56:50:ad:f7:f7:30:fc:f4:ff:cf:1a:5b:ca:6e:f2:
19:8c:a1:ac:07:07:22:c4:96:d4:ff:7a:5c:73:da:
53:5b:e7:61:a1:f0:bd:ad:50:68:dc:3c:01:9c:18:
d9:44:39:e0:eb:f4:70:c5:df:47:09:de:c9:b5:04:
53:45:39:ba:3d:24:8c:29:94:dd:ec:ba:e5:a8:5a:
d9:d2:e5:2a:c3:ed:a0:6b:11:a9:6f:50:ee:ab:e8:
2b:c8:46:49:75:b3:85:94:42:97:31:05:0b:84:1e:
05:92:62:70:9c:86:c4:95:6e:93:ca:da:42:6e:a0:
a5:a7:1c:a0:ea:06:bd:cc:28:c1:83:8e:10:7a:6a:
c3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:98:33:22:E5:E2:3F:54:C4:02:B7:FC:70:3D:A4:0F:29:EF:D1:53
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/pZgzIuXiP1TEArf8cD2kDynv0VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.164.0/24
45.152.166.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a4:ce:d7:41:86:a7:9d:84:58:b3:3c:62:b7:80:81:df:f5:
87:60:c6:f4:d3:99:50:d5:f3:0a:49:95:cb:51:ff:4b:d5:63:
f3:9f:7f:d1:bd:a5:e2:33:f3:b0:d2:9f:a2:ce:0f:ff:a5:b7:
3e:1a:b8:9b:c2:37:94:93:a9:5e:e5:b8:8c:fb:2a:16:20:9a:
2a:3c:73:8d:7a:f1:21:7d:05:a1:08:f3:39:7a:df:d8:ef:cd:
2a:67:e4:07:22:02:d2:ad:8c:f3:3f:68:81:bb:91:be:49:23:
a7:1e:e8:78:9b:72:ff:76:bb:93:e4:dd:c6:21:65:65:00:3e:
d0:1b:d4:07:f6:0b:14:aa:f2:f5:b3:c6:16:01:e3:b0:ff:54:
10:81:7d:3f:1c:58:8d:9f:e5:c8:a2:88:b7:24:eb:7c:2a:b1:
7d:0b:5e:bd:11:2a:7b:47:0f:0d:e9:21:53:92:be:24:e1:87:
62:59:26:97:76:b5:f7:9b:98:8a:fb:c3:ef:27:5c:97:de:2a:
49:fa:43:91:f7:be:38:99:ab:aa:48:b0:a0:bd:3e:44:cf:ab:
d6:7b:f4:77:35:7f:fe:03:3b:02:cc:25:a3:2c:12:7c:99:18:
00:7b:6a:da:c0:d9:72:14:eb:e3:14:a2:20:d4:b3:bf:56:5c:
21:a0:9f:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZa+gG/8soQh1LMcC8HR1nAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwNTExMDg0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTk4MzMyMmU1ZTIzZjU0YzQwMmI3ZmM3MDNkYTQwZjI5ZWZkMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNS3R+7wP6bLW3jIERvlTlNclh+x
2t6xEhd8VRCd8ozLzOhcdTS3eWp1nM4uc0ZzqBcFK4grCNX08lmu+X06ScqslS92
Yd3jTiXAuEtTurH3CrQtsrNx/hmmN37nOFjnPCsnt5NKwNFXKyYSjaObjZPqv3Cv
BFNWUK339zD89P/PGlvKbvIZjKGsBwcixJbU/3pcc9pTW+dhofC9rVBo3DwBnBjZ
RDng6/Rwxd9HCd7JtQRTRTm6PSSMKZTd7LrlqFrZ0uUqw+2gaxGpb1Duq+gryEZJ
dbOFlEKXMQULhB4FkmJwnIbElW6TytpCbqClpxyg6ga9zCjBg44QemrDqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKWYMyLl4j9UxAK3/HA9pA8p79FTMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvcFpnekl1WGlQMVRFQXJmOGNEMmtEeW52MFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZikAwQA
LZimMA0GCSqGSIb3DQEBCwUAA4IBAQBapM7XQYannYRYszxit4CB3/WHYMb005lQ
1fMKSZXLUf9L1WPzn3/RvaXiM/Ow0p+izg//pbc+GribwjeUk6le5biM+yoWIJoq
PHONevEhfQWhCPM5et/Y780qZ+QHIgLSrYzzP2iBu5G+SSOnHuh4m3L/druT5N3G
IWVlAD7QG9QH9gsUqvL1s8YWAeOw/1QQgX0/HFiNn+XIooi3JOt8KrF9C169ESp7
Rw8N6SFTkr4k4YdiWSaXdrX3m5iK+8PvJ1yX3ipJ+kOR9744mauqSLCgvT5Ez6vW
e/R3NX/+AzsCzCWjLBJ8mRgAe2rawNlyFOvjFKIg1LO/VlwhoJ8I
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:12:56 2025 by rpki-client