Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/RheQO5inYn0I1AeGABvbEd8KhpQ.roa
File: RheQO5inYn0I1AeGABvbEd8KhpQ.roa (raw, json)
Hash identifier: KiKjCOiSh/oUf/DLKED+Y3qAI4ZhfpYsfCc1dB49O+w=
Subject key identifier: 46:17:90:3B:98:A7:62:7D:08:D4:07:86:00:1B:DB:11:DF:0A:86:94
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 019644D806CA415B3DEB147A7A0A386D8625
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/RheQO5inYn0I1AeGABvbEd8KhpQ.roa
Signing time: Thu 17 Apr 2025 17:42:10 +0000
ROA not before: Thu 17 Apr 2025 17:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.138.12.0/22 maxlen: 22
91.132.160.0/22 maxlen: 22
193.135.151.0/24 maxlen: 24
193.135.157.0/24 maxlen: 24
193.135.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 05:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:d8:06:ca:41:5b:3d:eb:14:7a:7a:0a:38:6d:86:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Apr 17 17:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4617903b98a7627d08d40786001bdb11df0a8694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d5:ab:8d:c5:83:93:89:7a:64:48:4e:80:d2:
8f:2f:65:c5:bc:74:75:cd:01:a0:f7:37:06:0f:42:
3f:95:f8:a9:f9:92:84:53:da:47:d1:d7:06:78:06:
b8:7e:d7:33:68:d3:82:d7:e2:c9:34:da:f8:ce:38:
69:13:45:85:eb:bf:e1:1c:14:34:2e:07:42:e9:88:
34:d0:5d:1b:89:0f:89:e8:2c:59:f1:b3:29:17:a2:
ce:0e:74:7d:81:b5:cd:05:dd:85:7d:d8:3b:5b:5e:
4e:af:25:f4:d7:7a:a6:70:c5:cf:c9:f6:7c:32:30:
9d:93:e9:1d:1a:2b:f4:b6:8d:bc:d0:67:cb:04:f0:
e0:ed:db:ea:7c:cf:6b:93:c6:c1:1b:9a:34:59:2e:
e4:99:69:65:c2:cf:07:ba:15:d1:dc:1e:5a:79:28:
c0:5a:b3:f5:cb:22:80:d2:28:f1:4e:26:21:c2:95:
b0:4a:4d:a6:e5:54:c8:32:17:a5:ff:41:70:be:78:
ea:cb:46:a1:df:ec:47:26:b5:34:0c:18:89:59:a2:
13:e9:4b:e6:98:fb:24:2b:8c:e8:b4:8d:16:48:80:
81:45:b4:cc:0a:aa:fd:bf:e0:cd:7e:54:40:41:49:
26:08:3c:ce:33:c6:7f:b4:51:eb:8a:fa:1e:9b:5f:
21:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:17:90:3B:98:A7:62:7D:08:D4:07:86:00:1B:DB:11:DF:0A:86:94
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/RheQO5inYn0I1AeGABvbEd8KhpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
91.132.160.0/22
193.135.151.0/24
193.135.157.0/24
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:79:f2:ee:ba:07:e2:18:bc:d3:ab:f0:7e:0f:00:c7:42:eb:
71:ba:97:fb:de:8f:c5:ee:7a:75:e1:70:bb:38:07:06:77:03:
a2:43:21:cc:b4:c5:e1:92:cc:08:8c:27:02:1b:0e:c3:4e:47:
47:a3:bf:11:f6:57:a4:2a:dd:bf:54:b0:6f:0c:54:93:96:bf:
c3:dd:bd:17:bb:b9:24:65:92:13:2b:3c:d3:c7:3f:42:90:21:
8b:3b:6b:67:c5:cb:cb:42:69:3d:d6:ae:17:75:b8:5b:67:09:
d5:52:9b:a9:39:8b:14:ad:17:2f:55:fa:a5:82:02:e3:09:ff:
36:f1:54:34:8a:12:54:fd:ca:a1:2f:18:bb:af:bd:09:83:ab:
e0:8a:c0:40:3e:99:91:7e:51:dd:e7:1b:e6:8d:95:f9:db:f5:
fb:db:df:bc:29:b7:f7:09:ce:17:80:d4:24:4b:41:9d:81:e1:
a8:2c:38:74:f9:1b:8c:65:7f:12:01:51:4d:d4:35:66:54:ad:
a9:c0:c2:c3:1e:77:10:9d:97:20:ef:13:be:3c:f0:31:17:39:
9b:65:58:84:80:f8:af:8c:18:3d:0b:cc:33:8f:db:31:38:12:
1f:eb:d7:14:2a:aa:ea:46:ac:1a:2c:1c:ba:2d:d3:5b:41:94:
42:ea:bb:89
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZE2AbKQVs96xR6ego4bYYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwNDE3MTc0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjE3OTAzYjk4YTc2MjdkMDhkNDA3ODYwMDFiZGIxMWRmMGE4Njk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstWrjcWDk4l6ZEhOgNKPL2XFvHR1
zQGg9zcGD0I/lfip+ZKEU9pH0dcGeAa4ftczaNOC1+LJNNr4zjhpE0WF67/hHBQ0
LgdC6Yg00F0biQ+J6CxZ8bMpF6LODnR9gbXNBd2Ffdg7W15OryX013qmcMXPyfZ8
MjCdk+kdGiv0to280GfLBPDg7dvqfM9rk8bBG5o0WS7kmWllws8HuhXR3B5aeSjA
WrP1yyKA0ijxTiYhwpWwSk2m5VTIMhel/0Fwvnjqy0ah3+xHJrU0DBiJWaIT6Uvm
mPskK4zotI0WSICBRbTMCqr9v+DNflRAQUkmCDzOM8Z/tFHrivoem18hdwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEYXkDuYp2J9CNQHhgAb2xHfCoaUMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvUmhlUU81aW5ZbjBJMUFlR0FCdmJFZDhLaHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYoMAwQC
W4SgAwQAwYeXAwQAwYedAwQAwYeuMA0GCSqGSIb3DQEBCwUAA4IBAQAdefLuugfi
GLzTq/B+DwDHQutxupf73o/F7np14XC7OAcGdwOiQyHMtMXhkswIjCcCGw7DTkdH
o78R9lekKt2/VLBvDFSTlr/D3b0Xu7kkZZITKzzTxz9CkCGLO2tnxcvLQmk91q4X
dbhbZwnVUpupOYsUrRcvVfqlggLjCf828VQ0ihJU/cqhLxi7r70Jg6vgisBAPpmR
flHd5xvmjZX52/X729+8Kbf3Cc4XgNQkS0GdgeGoLDh0+RuMZX8SAVFN1DVmVK2p
wMLDHncQnZcg7xO+PPAxFzmbZViEgPivjBg9C8wzj9sxOBIf69cUKqrqRqwaLBy6
LdNbQZRC6ruJ
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:37:39 2025 by rpki-client