Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1-UkOMI2FLolRcLNvFp5hRfRK6UA.roa
File: 1-UkOMI2FLolRcLNvFp5hRfRK6UA.roa (raw, json)
Hash identifier: 47AgZXziq0WE/jZtD4k55H6tYBpuR/KwtmVjv88xXuo=
Subject key identifier: F9:49:0E:30:8D:85:2E:89:51:70:B3:6F:16:9E:61:45:F4:4A:E9:40
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 019614A351BCDB2ECAC523B9269B4158F158
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1-UkOMI2FLolRcLNvFp5hRfRK6UA.roa
Signing time: Tue 08 Apr 2025 09:02:49 +0000
ROA not before: Tue 08 Apr 2025 09:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.154.159.0/24 maxlen: 24
188.209.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 13:58:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:a3:51:bc:db:2e:ca:c5:23:b9:26:9b:41:58:f1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Apr 8 09:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9490e308d852e895170b36f169e6145f44ae940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7c:2f:dd:88:5f:12:82:ec:09:c0:fe:db:cc:
bc:70:5e:aa:a9:2f:62:56:7e:57:0f:58:78:24:95:
2f:92:a1:00:ea:2e:6c:94:7f:ce:d4:e8:b4:18:02:
d1:d9:3d:50:22:64:d0:d3:bb:ce:08:46:cb:2f:68:
be:aa:77:f8:37:c4:7d:b7:2d:22:4d:7c:66:9a:a2:
5d:9f:3b:c5:ce:ee:da:4e:2f:d0:ec:37:51:93:d1:
9b:88:1c:21:ac:12:54:f2:e3:5c:4e:34:fa:6c:98:
00:bc:89:4c:90:18:46:d5:49:af:9a:a1:d8:fc:d7:
bc:a5:50:ac:d5:7d:33:1f:c2:86:11:bd:a2:35:0b:
3d:14:b7:ee:66:7b:d3:f1:04:55:98:80:4c:62:7b:
e0:3e:7c:ad:e7:53:e8:7b:69:c3:62:32:f5:c7:d4:
e8:70:41:bc:3c:f8:3f:1f:bc:22:c2:a9:08:99:a6:
9b:0a:5b:95:41:c8:1e:5b:28:d6:8c:bb:2b:f9:9e:
13:12:0d:7d:f5:53:40:c2:0b:a1:e2:0c:26:6d:2a:
86:96:b8:d8:07:7d:d5:96:ad:df:93:c0:39:b0:c6:
95:87:97:12:e2:50:78:45:5b:e3:77:06:52:d7:d9:
e0:f6:8d:c9:89:f6:61:3b:9c:01:da:69:49:d4:e4:
7e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:49:0E:30:8D:85:2E:89:51:70:B3:6F:16:9E:61:45:F4:4A:E9:40
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1-UkOMI2FLolRcLNvFp5hRfRK6UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.159.0/24
188.209.128.0/24
Signature Algorithm: sha256WithRSAEncryption
02:7a:5f:39:ce:55:84:d8:3c:ba:2a:b4:65:b1:77:7e:2d:3c:
56:7d:9e:15:0f:32:28:59:7d:62:f4:04:f0:d0:92:71:01:a9:
9e:1d:48:eb:0b:78:6c:29:f3:60:43:31:4c:aa:4b:3f:7a:e0:
51:c9:c2:c9:95:5d:b2:88:b8:7e:c2:36:4c:2e:ae:2f:c7:03:
7b:ae:a5:8e:96:b1:83:24:a7:61:16:b8:7d:e5:54:2e:b0:32:
28:30:b6:fd:a9:c0:c1:c6:50:0e:26:56:9a:73:4e:49:f1:0b:
b1:77:fb:8d:e4:8f:5f:9a:d4:5c:3c:83:2e:5a:ea:33:e0:26:
72:27:8f:4b:cd:0f:1c:0f:a5:71:a9:6e:a1:33:e8:0a:ea:3a:
fb:38:fc:b5:78:24:c9:02:8f:39:eb:e8:ac:67:ca:af:d0:8a:
40:9d:62:ae:cd:aa:7e:74:a2:6f:74:23:09:ab:d8:1c:79:50:
cc:05:e0:71:9f:d4:91:8a:be:cf:6d:7d:2b:88:e5:d3:70:84:
35:0f:7a:c2:ac:31:6e:dc:43:79:85:62:37:d3:f2:9a:c2:8d:
ce:81:33:68:0e:68:8a:ef:42:93:28:12:87:e2:eb:49:3a:82:
28:be:e8:8f:fa:5c:0a:ff:93:16:f7:a6:52:ba:c8:74:48:d7:
01:2a:b7:84
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZYUo1G82y7KxSO5JptBWPFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwNDA4MDkwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ5MGUzMDhkODUyZTg5NTE3MGIzNmYxNjllNjE0NWY0NGFlOTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHwv3YhfEoLsCcD+28y8cF6qqS9i
Vn5XD1h4JJUvkqEA6i5slH/O1Oi0GALR2T1QImTQ07vOCEbLL2i+qnf4N8R9ty0i
TXxmmqJdnzvFzu7aTi/Q7DdRk9GbiBwhrBJU8uNcTjT6bJgAvIlMkBhG1UmvmqHY
/Ne8pVCs1X0zH8KGEb2iNQs9FLfuZnvT8QRVmIBMYnvgPnyt51Poe2nDYjL1x9To
cEG8PPg/H7wiwqkImaabCluVQcgeWyjWjLsr+Z4TEg199VNAwguh4gwmbSqGlrjY
B33Vlq3fk8A5sMaVh5cS4lB4RVvjdwZS19ng9o3JifZhO5wB2mlJ1OR+EQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlJDjCNhS6JUXCzbxaeYUX0SulAMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvMS1Va09NSTJGTG9sUmNMTnZGcDVoUmZSSzZVQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTAvMzk1MzI4LWY0NjEtNDRiNy1iMDMxLTNmOGI1NWRhMWFj
NC8xL0JSOHBSaTU2ZmFmclgwWGFlSFB4VGtBXzQ2cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2anwME
ALzRgDANBgkqhkiG9w0BAQsFAAOCAQEAAnpfOc5VhNg8uiq0ZbF3fi08Vn2eFQ8y
KFl9YvQE8NCScQGpnh1I6wt4bCnzYEMxTKpLP3rgUcnCyZVdsoi4fsI2TC6uL8cD
e66ljpaxgySnYRa4feVULrAyKDC2/anAwcZQDiZWmnNOSfELsXf7jeSPX5rUXDyD
LlrqM+AmciePS80PHA+lcaluoTPoCuo6+zj8tXgkyQKPOevorGfKr9CKQJ1irs2q
fnSib3QjCavYHHlQzAXgcZ/UkYq+z219K4jl03CENQ96wqwxbtxDeYViN9PymsKN
zoEzaA5oiu9CkygSh+LrSTqCKL7oj/pcCv+TFvemUrrIdEjXASq3hA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:30:31 2025 by rpki-client