Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/7uPUSR8bDPGUkAInS7Mtl-k1_2E.roa
File: 7uPUSR8bDPGUkAInS7Mtl-k1_2E.roa (raw, json)
Hash identifier: 13rT5dLsjm5s51DooMF1xdDiUIpaqqwrzYse4tuZYZY=
Subject key identifier: EE:E3:D4:49:1F:1B:0C:F1:94:90:02:27:4B:B3:2D:97:E9:35:FF:61
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0196062DD7D92834936BD38E57C3644E4ECD
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/7uPUSR8bDPGUkAInS7Mtl-k1_2E.roa
Signing time: Sat 05 Apr 2025 13:39:49 +0000
ROA not before: Sat 05 Apr 2025 13:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.154.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Apr 2025 19:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:06:2d:d7:d9:28:34:93:6b:d3:8e:57:c3:64:4e:4e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Apr 5 13:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eee3d4491f1b0cf1949002274bb32d97e935ff61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:14:de:7c:d0:51:b1:05:10:d0:3c:e0:ba:7b:
ca:7b:9d:2d:98:67:3a:15:1f:c4:33:f3:15:ff:b7:
ba:58:a8:d6:cf:51:c8:44:93:4b:35:97:4f:56:8c:
1b:4e:20:5e:4a:68:c5:20:e6:db:81:fb:0b:ce:3b:
ba:7f:b2:d9:b5:61:01:91:7f:07:50:d7:e8:c0:ba:
fd:74:00:46:24:11:41:9b:a8:ec:a3:ec:54:ea:40:
85:d7:6e:5c:eb:09:df:f4:65:a2:43:05:6c:cf:36:
57:b6:42:b4:f8:06:7d:f9:c5:bc:6b:29:ab:ca:c2:
55:a0:8c:b5:7e:10:36:e6:6b:56:39:48:1d:03:0c:
b3:63:06:65:33:24:02:cb:cf:b1:c1:df:36:73:73:
0a:03:5b:a8:bd:53:39:bd:4f:a4:69:5c:37:6a:6e:
67:7c:9a:cc:53:15:af:c8:8d:c1:af:57:94:3c:55:
43:00:a9:82:ab:dc:bb:61:93:df:00:ed:f6:51:ed:
d1:24:c6:36:1d:3e:f8:6c:28:10:0c:7d:ff:04:17:
f2:e5:37:d0:03:3b:54:22:a8:bf:15:3d:bd:17:f0:
7d:76:5b:c9:a6:a1:c2:68:a1:1a:cc:cd:19:a9:2b:
7c:d1:1e:de:01:5c:3b:bb:3e:cf:5e:02:32:a9:33:
12:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:E3:D4:49:1F:1B:0C:F1:94:90:02:27:4B:B3:2D:97:E9:35:FF:61
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/7uPUSR8bDPGUkAInS7Mtl-k1_2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.159.0/24
Signature Algorithm: sha256WithRSAEncryption
84:8d:35:96:83:aa:1f:8f:1f:43:d5:88:20:e8:f2:91:ee:88:
54:5c:cb:98:49:81:26:29:cb:58:b2:3c:5e:e1:d4:50:3a:17:
56:bc:75:04:41:ac:71:19:16:cc:b2:7a:69:bf:ca:aa:25:dc:
d0:55:be:ec:43:be:8d:5c:ac:3b:4f:e8:2d:d8:80:e5:19:00:
1d:81:b4:96:08:28:d5:c4:9a:40:04:5e:45:77:8f:a2:88:8b:
24:bb:17:57:71:b4:80:ee:83:db:3d:df:f4:0f:ad:b9:44:5d:
6a:8c:18:a7:7d:bd:9b:1d:06:c6:53:fc:ea:9e:39:45:d7:16:
1f:95:0e:a1:99:8a:b2:d1:2b:11:f0:25:e6:93:34:b2:1f:86:
c2:eb:f4:3c:f7:67:58:91:d4:cf:4a:44:65:bf:80:7f:bf:83:
fa:84:4f:1b:81:da:20:45:bb:8b:8e:18:8f:7a:3c:dc:e0:d0:
f0:b8:04:b0:33:75:2b:ab:46:9e:a3:ee:ae:4a:fc:97:86:b0:
a9:e9:3e:38:d9:ef:86:67:a8:2b:35:6c:10:93:1d:42:e6:12:
f9:51:d8:e2:cd:e9:11:54:f5:56:51:93:dc:40:c3:04:2c:e0:
0d:b9:f7:01:22:25:c5:ff:45:d1:2f:a4:18:4c:88:be:ee:75:
70:83:2f:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYGLdfZKDSTa9OOV8NkTk7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwNDA1MTMzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWUzZDQ0OTFmMWIwY2YxOTQ5MDAyMjc0YmIzMmQ5N2U5MzVmZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BTefNBRsQUQ0DzgunvKe50tmGc6
FR/EM/MV/7e6WKjWz1HIRJNLNZdPVowbTiBeSmjFIObbgfsLzju6f7LZtWEBkX8H
UNfowLr9dABGJBFBm6jso+xU6kCF125c6wnf9GWiQwVszzZXtkK0+AZ9+cW8aymr
ysJVoIy1fhA25mtWOUgdAwyzYwZlMyQCy8+xwd82c3MKA1uovVM5vU+kaVw3am5n
fJrMUxWvyI3Br1eUPFVDAKmCq9y7YZPfAO32Ue3RJMY2HT74bCgQDH3/BBfy5TfQ
AztUIqi/FT29F/B9dlvJpqHCaKEazM0ZqSt80R7eAVw7uz7PXgIyqTMSWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7j1EkfGwzxlJACJ0uzLZfpNf9hMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvN3VQVVNSOGJEUEdVa0FJblM3TXRsLWsxXzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZqfMA0G
CSqGSIb3DQEBCwUAA4IBAQCEjTWWg6ofjx9D1Ygg6PKR7ohUXMuYSYEmKctYsjxe
4dRQOhdWvHUEQaxxGRbMsnppv8qqJdzQVb7sQ76NXKw7T+gt2IDlGQAdgbSWCCjV
xJpABF5Fd4+iiIskuxdXcbSA7oPbPd/0D625RF1qjBinfb2bHQbGU/zqnjlF1xYf
lQ6hmYqy0SsR8CXmkzSyH4bC6/Q892dYkdTPSkRlv4B/v4P6hE8bgdogRbuLjhiP
ejzc4NDwuASwM3Urq0aeo+6uSvyXhrCp6T442e+GZ6grNWwQkx1C5hL5UdjizekR
VPVWUZPcQMMELOANufcBIiXF/0XRL6QYTIi+7nVwgy+O
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:29:47 2025 by rpki-client