Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/nC31Stk24z5fv98bSMzn3O_8FXk.roa
File: nC31Stk24z5fv98bSMzn3O_8FXk.roa (raw, json)
Hash identifier: DFnB62ylAzqGL3LoWE3WdoMcwiU9Pz1CZ299Lagz2EA=
Subject key identifier: 9C:2D:F5:4A:D9:36:E3:3E:5F:BF:DF:1B:48:CC:E7:DC:EF:FC:15:79
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194E5C28F64E4988FF4160A48180212F8C3
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/nC31Stk24z5fv98bSMzn3O_8FXk.roa
Signing time: Sat 08 Feb 2025 13:32:00 +0000
ROA not before: Sat 08 Feb 2025 13:32:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 45.86.156.0/24 maxlen: 24
45.86.159.0/24 maxlen: 24
85.117.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 00:11:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e5:c2:8f:64:e4:98:8f:f4:16:0a:48:18:02:12:f8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Feb 8 13:32:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c2df54ad936e33e5fbfdf1b48cce7dceffc1579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:67:48:79:6e:1d:c6:21:5f:7d:8c:9b:42:
32:64:b3:66:79:9f:fd:19:11:bf:5c:b0:e4:99:2f:
d8:7d:42:7a:25:ef:c8:35:be:6e:3b:92:d5:48:a1:
ea:06:70:c7:65:40:56:f2:98:ab:f8:e8:5b:cd:09:
2a:2b:d2:ee:9a:3d:a7:dc:ab:cb:1f:79:7b:d2:04:
85:a0:ff:19:4b:24:12:25:74:26:c4:f2:27:ce:a9:
76:f6:06:02:f3:78:f1:f8:8c:2c:59:b6:4b:13:07:
ee:09:79:4d:7c:a0:bc:68:e0:60:60:08:23:4e:43:
8e:1a:e2:69:10:5a:df:a7:4e:5b:9a:85:bd:fb:b6:
c4:2e:98:fe:28:14:42:e2:9a:e2:6d:d8:ba:9b:81:
64:f1:30:1f:c8:81:a9:6b:c5:8c:42:50:5b:05:28:
83:95:b2:8f:e1:43:13:4b:34:d2:a2:e5:30:23:84:
ad:fa:e9:46:3a:c6:16:77:e6:83:e3:5a:94:cd:ae:
7d:6e:b4:22:cd:9b:13:dd:f0:4e:5d:52:ed:47:45:
3c:95:29:ea:0f:00:40:d4:3b:80:5f:31:75:0d:1f:
9e:25:7c:03:63:76:32:bc:86:f1:55:16:c1:35:f8:
ba:ab:85:42:37:05:0b:0e:3f:3f:3d:f8:de:ee:bc:
af:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2D:F5:4A:D9:36:E3:3E:5F:BF:DF:1B:48:CC:E7:DC:EF:FC:15:79
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/nC31Stk24z5fv98bSMzn3O_8FXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/24
45.86.159.0/24
85.117.241.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:7e:02:ac:60:cc:98:a4:23:f8:4d:39:6e:66:5e:b7:2e:01:
c3:89:61:70:fd:a7:f1:3d:07:3a:35:fa:36:09:0f:70:a2:ff:
a4:5d:60:9f:63:96:6c:5e:01:ae:3a:18:86:03:c5:76:fd:7c:
31:b8:67:fc:94:f9:7e:36:a0:8f:96:16:cb:ce:7f:c9:0e:c4:
fa:a1:69:16:54:e6:4c:86:75:29:20:4d:19:4d:97:14:10:4c:
a3:0f:aa:c4:db:7e:9a:f2:c5:5e:28:a9:35:08:01:d7:57:a0:
6a:bb:d3:90:88:29:23:86:b4:b2:84:ff:f1:a5:28:81:21:7c:
6d:af:42:ee:70:b1:aa:32:c1:d7:0c:48:19:a1:58:9f:4a:5e:
bd:4d:c5:ed:25:e1:34:5c:65:53:33:41:b4:aa:2e:cd:c2:17:
b3:2c:62:10:ee:1b:a6:35:5a:26:45:9f:39:ba:be:c1:72:1f:
e7:8a:d3:80:ef:5f:4c:37:20:95:a7:82:23:b7:2c:29:2c:e4:
5d:ec:07:c8:41:b8:f4:6f:72:a6:0e:69:f0:bc:ff:31:5e:c5:
25:00:2f:67:b6:b6:69:cc:dd:61:5b:50:70:3f:4e:54:7b:d7:
f9:7c:1e:d1:d2:6b:13:e0:12:fe:f7:bf:9d:00:60:ab:0f:d2:
9c:58:8f:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTlwo9k5JiP9BYKSBgCEvjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMjA4MTMzMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzJkZjU0YWQ5MzZlMzNlNWZiZmRmMWI0OGNjZTdkY2VmZmMxNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV9nSHluHcYhX32Mm0IyZLNmeZ/9
GRG/XLDkmS/YfUJ6Je/INb5uO5LVSKHqBnDHZUBW8pir+OhbzQkqK9Lumj2n3KvL
H3l70gSFoP8ZSyQSJXQmxPInzql29gYC83jx+IwsWbZLEwfuCXlNfKC8aOBgYAgj
TkOOGuJpEFrfp05bmoW9+7bELpj+KBRC4pribdi6m4Fk8TAfyIGpa8WMQlBbBSiD
lbKP4UMTSzTSouUwI4St+ulGOsYWd+aD41qUza59brQizZsT3fBOXVLtR0U8lSnq
DwBA1DuAXzF1DR+eJXwDY3YyvIbxVRbBNfi6q4VCNwULDj8/Pfje7ryvXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJwt9UrZNuM+X7/fG0jM59zv/BV5MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvbkMzMVN0azI0ejVmdjk4YlNNem4zT184RlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVacAwQA
LVafAwQAVXXxMA0GCSqGSIb3DQEBCwUAA4IBAQAMfgKsYMyYpCP4TTluZl63LgHD
iWFw/afxPQc6Nfo2CQ9wov+kXWCfY5ZsXgGuOhiGA8V2/XwxuGf8lPl+NqCPlhbL
zn/JDsT6oWkWVOZMhnUpIE0ZTZcUEEyjD6rE236a8sVeKKk1CAHXV6Bqu9OQiCkj
hrSyhP/xpSiBIXxtr0LucLGqMsHXDEgZoVifSl69TcXtJeE0XGVTM0G0qi7Nwhez
LGIQ7humNVomRZ85ur7Bch/nitOA719MNyCVp4IjtywpLORd7AfIQbj0b3KmDmnw
vP8xXsUlAC9ntrZpzN1hW1BwP05Ue9f5fB7R0msT4BL+97+dAGCrD9KcWI9i
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:39 2025 by rpki-client