Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xhwKFr4-Wzr5Gt7VHxfHkuiMWUY.roa
File: xhwKFr4-Wzr5Gt7VHxfHkuiMWUY.roa (raw, json)
Hash identifier: ExXCjKh3q40H1eMaAjIH6JaZJmdp1hiLNvKUfIvTaUc=
Subject key identifier: C6:1C:0A:16:BE:3E:5B:3A:F9:1A:DE:D5:1F:17:C7:92:E8:8C:59:46
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824D63DB59C468ADD3A8ED6896D009D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xhwKFr4-Wzr5Gt7VHxfHkuiMWUY.roa
Signing time: Thu 02 Jan 2025 17:51:30 +0000
ROA not before: Thu 02 Jan 2025 17:51:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393942
IP address blocks: 45.12.253.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Feb 2025 00:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:d6:3d:b5:9c:46:8a:dd:3a:8e:d6:89:6d:00:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c61c0a16be3e5b3af91aded51f17c792e88c5946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:4f:f1:b4:34:29:f9:72:db:73:83:b7:9e:01:
76:01:1d:5f:80:91:1e:68:1f:f1:ae:9b:cb:f4:42:
18:7d:c3:58:5b:3e:31:95:b4:df:b9:73:c5:b0:ca:
52:e6:72:76:08:12:c5:77:32:0d:05:f3:47:b6:cd:
f5:40:73:9b:2a:b4:a2:9f:1a:7e:03:fb:71:0f:01:
92:a7:c3:7e:f5:ea:c9:19:b2:c3:83:3f:d7:76:58:
10:f5:ef:f6:e0:3c:ce:4f:6d:66:83:ad:d8:e1:19:
00:a8:bb:13:32:c1:a3:06:9c:b1:86:e8:08:2b:ee:
3c:d0:4e:93:ab:ee:19:6a:b5:ac:39:9a:d6:66:12:
89:46:ba:f1:ef:7b:80:c0:06:99:b7:17:e5:d8:35:
6e:a3:f6:9b:ce:c6:d9:6f:11:18:10:7b:e4:81:65:
94:06:2a:86:1a:e5:4a:69:fb:46:69:5e:f8:9e:e9:
18:d0:11:18:65:f5:39:32:45:b3:50:23:2c:60:0f:
06:2b:58:4f:e3:20:7e:64:a5:64:e6:d9:27:5b:a1:
66:76:54:54:c7:6e:be:e8:f6:40:45:3e:07:c1:57:
c2:e7:d6:e4:cc:b5:e7:da:30:43:e3:94:35:75:87:
c6:81:47:6b:fc:fa:79:be:84:a0:75:ab:c5:0f:e4:
44:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1C:0A:16:BE:3E:5B:3A:F9:1A:DE:D5:1F:17:C7:92:E8:8C:59:46
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xhwKFr4-Wzr5Gt7VHxfHkuiMWUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.253.0/24
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
32:98:1c:ed:8c:da:66:bc:ac:4c:0b:4b:2d:ac:36:99:38:a6:
83:2d:97:22:b2:4d:2a:7b:a4:13:85:da:ea:97:f8:27:3a:2e:
67:f7:46:5b:3c:d6:fe:0c:20:97:8c:6e:7d:46:a7:ab:07:12:
e2:4f:54:3c:63:a0:d1:aa:9c:0a:f5:ae:80:47:1e:37:bf:77:
38:5a:79:79:95:8e:de:1d:4a:12:01:5e:f9:3e:a8:ae:7b:d7:
24:45:57:07:0d:ad:b4:6b:c3:50:36:a3:d5:f3:09:cf:07:80:
0c:77:eb:9d:7e:95:94:23:f7:5b:e4:27:72:d2:2a:dc:c2:ec:
16:8e:8f:10:9c:0f:bb:3b:eb:0c:6c:e0:fa:1c:e1:4e:b2:0e:
df:5a:23:c8:d0:37:38:ef:70:fd:31:6a:6b:d5:d8:38:77:ed:
63:24:26:3f:84:f5:66:4e:03:2a:64:57:16:e5:91:e3:3b:bb:
b8:00:aa:c4:ad:dd:28:9c:72:2c:0a:0f:18:ab:02:6f:8e:c8:
9a:c3:4e:d8:19:fc:47:8a:de:90:df:36:bb:0f:a6:82:ed:55:
63:db:d6:98:84:19:bf:05:5c:90:f9:a9:cd:d0:25:61:d5:c2:
a4:bb:c3:35:3a:f2:fe:0a:ee:8b:21:67:56:e5:6f:d5:36:78:
c4:78:27:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJNY9tZxGit06jtaJbQCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFjMGExNmJlM2U1YjNhZjkxYWRlZDUxZjE3Yzc5MmU4OGM1OTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5k/xtDQp+XLbc4O3ngF2AR1fgJEe
aB/xrpvL9EIYfcNYWz4xlbTfuXPFsMpS5nJ2CBLFdzINBfNHts31QHObKrSinxp+
A/txDwGSp8N+9erJGbLDgz/XdlgQ9e/24DzOT21mg63Y4RkAqLsTMsGjBpyxhugI
K+480E6Tq+4ZarWsOZrWZhKJRrrx73uAwAaZtxfl2DVuo/abzsbZbxEYEHvkgWWU
BiqGGuVKaftGaV74nukY0BEYZfU5MkWzUCMsYA8GK1hP4yB+ZKVk5tknW6FmdlRU
x26+6PZART4HwVfC59bkzLXn2jBD45Q1dYfGgUdr/Pp5voSgdavFD+REzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMYcCha+Pls6+Rre1R8Xx5LojFlGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveGh3S0ZyNC1XenI1R3Q3Vkh4ZkhrdWlNV1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQz9AwQA
pCi5MA0GCSqGSIb3DQEBCwUAA4IBAQAymBztjNpmvKxMC0strDaZOKaDLZcisk0q
e6QThdrql/gnOi5n90ZbPNb+DCCXjG59RqerBxLiT1Q8Y6DRqpwK9a6ARx43v3c4
Wnl5lY7eHUoSAV75Pqiue9ckRVcHDa20a8NQNqPV8wnPB4AMd+udfpWUI/db5Cdy
0ircwuwWjo8QnA+7O+sMbOD6HOFOsg7fWiPI0Dc473D9MWpr1dg4d+1jJCY/hPVm
TgMqZFcW5ZHjO7u4AKrErd0onHIsCg8YqwJvjsiaw07YGfxHit6Q3za7D6aC7VVj
29aYhBm/BVyQ+anN0CVh1cKku8M1OvL+Cu6LIWdW5W/VNnjEeCff
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:16:53 2025 by rpki-client