Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/bK_Jkny-8kvYeBclSc4AeW8jdXs.roa
File: bK_Jkny-8kvYeBclSc4AeW8jdXs.roa (raw, json)
Hash identifier: Vk6a9x+2z/1hPxgDLsuDnDYRPpppcp5A6p3/LGA1hss=
Subject key identifier: 6C:AF:C9:92:7C:BE:F2:4B:D8:78:17:25:49:CE:00:79:6F:23:75:7B
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01954E11201BCABD65BD8416AAB5018520EF
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/bK_Jkny-8kvYeBclSc4AeW8jdXs.roa
Signing time: Fri 28 Feb 2025 19:38:20 +0000
ROA not before: Fri 28 Feb 2025 19:38:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.11.188.0/22 maxlen: 24
45.65.114.0/24 maxlen: 24
188.209.131.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 20:35:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4e:11:20:1b:ca:bd:65:bd:84:16:aa:b5:01:85:20:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Feb 28 19:38:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cafc9927cbef24bd878172549ce00796f23757b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:57:d2:c2:05:fc:0f:57:ad:a3:ac:e5:f7:d6:
19:52:08:34:ea:cf:b2:63:d2:ea:b3:14:71:05:83:
f7:95:b0:97:47:df:f7:f4:64:a6:19:ae:7a:52:9b:
4d:35:cb:f6:ef:4d:d8:41:c7:ed:06:82:ca:8c:e8:
92:06:8c:75:dd:23:20:64:8b:44:b2:c9:a9:5a:e9:
df:f1:b5:94:9c:fc:8e:b7:7b:fb:6d:91:a7:75:ca:
91:b3:88:11:54:3e:9b:c1:62:27:f3:8a:16:e4:55:
89:4b:31:cb:49:39:14:1b:39:88:2e:81:b4:ec:9b:
35:e9:c0:21:29:5a:56:5b:17:5b:a6:93:76:1c:38:
4d:89:7b:8b:b3:0e:5c:97:ed:1d:03:7a:56:ab:bb:
e7:70:9a:f3:3e:ed:a0:2f:2b:8e:28:e7:aa:e6:29:
f8:e9:c5:9b:f3:61:bc:90:43:28:04:e1:87:77:e0:
07:4f:fa:97:06:9b:3a:02:54:4d:46:ce:27:a3:cb:
5d:a6:10:76:4b:cf:38:a1:60:5a:fc:1a:1d:1c:0b:
f0:84:7a:d8:78:53:fa:e8:52:90:83:b2:a1:13:8f:
40:33:db:a4:aa:32:71:4d:72:25:62:01:d0:74:ef:
6c:6f:0a:51:48:0c:79:e9:f3:63:ed:59:8e:99:d1:
cd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AF:C9:92:7C:BE:F2:4B:D8:78:17:25:49:CE:00:79:6F:23:75:7B
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/bK_Jkny-8kvYeBclSc4AeW8jdXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.188.0/22
45.65.114.0/24
188.209.131.0/24
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
03:c1:de:b2:1f:5f:e3:c5:63:a4:07:b8:9e:48:1c:5d:7c:01:
fb:07:5b:1c:d4:56:4f:e0:f6:42:ac:3c:06:34:04:a4:39:6e:
b5:70:50:c7:5f:79:26:56:e7:0a:40:1c:a1:3d:aa:67:65:87:
c3:95:11:1d:e9:d7:80:cd:4b:80:1d:94:75:c0:c1:c4:86:14:
58:c8:84:ea:d1:eb:6c:0c:b1:04:27:fb:5d:81:8c:62:97:68:
fb:ee:a0:f8:74:ac:36:7d:e5:dd:ae:67:79:f2:67:fe:ce:48:
a5:f3:fb:dc:27:48:77:d3:21:f7:75:40:30:a9:c7:ef:26:fd:
3b:21:7b:0d:7f:41:8e:8d:c3:14:b1:f7:f3:41:67:29:91:0f:
96:fc:d8:df:84:43:be:23:59:fe:56:9d:d6:69:5d:57:d2:08:
4f:bc:0b:b6:d7:8d:06:be:3a:1f:39:67:65:3c:36:4f:f6:bf:
ea:e1:52:73:69:a1:35:1b:b2:c4:6f:ce:c6:de:cc:30:46:ad:
d0:d8:44:4d:69:b3:ff:71:b2:3e:34:9b:48:2b:ff:41:80:e1:
55:35:f4:b9:58:c8:53:f3:26:28:9b:05:64:3d:dd:63:0d:34:
42:80:a8:f8:e1:02:7c:fb:52:ba:fb:a3:5a:11:20:98:24:4a:
7a:00:e0:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVOESAbyr1lvYQWqrUBhSDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMjI4MTkzODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FmYzk5MjdjYmVmMjRiZDg3ODE3MjU0OWNlMDA3OTZmMjM3NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51fSwgX8D1eto6zl99YZUgg06s+y
Y9LqsxRxBYP3lbCXR9/39GSmGa56UptNNcv2703YQcftBoLKjOiSBox13SMgZItE
ssmpWunf8bWUnPyOt3v7bZGndcqRs4gRVD6bwWIn84oW5FWJSzHLSTkUGzmILoG0
7Js16cAhKVpWWxdbppN2HDhNiXuLsw5cl+0dA3pWq7vncJrzPu2gLyuOKOeq5in4
6cWb82G8kEMoBOGHd+AHT/qXBps6AlRNRs4no8tdphB2S884oWBa/BodHAvwhHrY
eFP66FKQg7KhE49AM9ukqjJxTXIlYgHQdO9sbwpRSAx56fNj7VmOmdHN/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGyvyZJ8vvJL2HgXJUnOAHlvI3V7MB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvYktfSmtueS04a3ZZZUJjbFNjNEFlVzhqZFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLQu8AwQA
LUFyAwQAvNGDAwQAvNGLMA0GCSqGSIb3DQEBCwUAA4IBAQADwd6yH1/jxWOkB7ie
SBxdfAH7B1sc1FZP4PZCrDwGNASkOW61cFDHX3kmVucKQByhPapnZYfDlREd6deA
zUuAHZR1wMHEhhRYyITq0etsDLEEJ/tdgYxil2j77qD4dKw2feXdrmd58mf+zkil
8/vcJ0h30yH3dUAwqcfvJv07IXsNf0GOjcMUsffzQWcpkQ+W/NjfhEO+I1n+Vp3W
aV1X0ghPvAu2140GvjofOWdlPDZP9r/q4VJzaaE1G7LEb87G3swwRq3Q2ERNabP/
cbI+NJtIK/9BgOFVNfS5WMhT8yYomwVkPd1jDTRCgKj44QJ8+1K6+6NaESCYJEp6
AODf
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:57:21 2025 by rpki-client