Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BKxc_yQY--jgPVTvvNbLJXZ78Pw.roa
File: BKxc_yQY--jgPVTvvNbLJXZ78Pw.roa (raw, json)
Hash identifier: AHpRStL9/E+zeWglveS698/7I5vKo4udl2pIc41cCxk=
Subject key identifier: 04:AC:5C:FF:24:18:FB:E8:E0:3D:54:EF:BC:D6:CB:25:76:7B:F0:FC
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01974F2A8CA5EFF15364A333B931CA08B8B0
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BKxc_yQY--jgPVTvvNbLJXZ78Pw.roa
Signing time: Sun 08 Jun 2025 10:51:17 +0000
ROA not before: Sun 08 Jun 2025 10:51:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.26.0/24 maxlen: 24
89.21.84.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jun 2025 13:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4f:2a:8c:a5:ef:f1:53:64:a3:33:b9:31:ca:08:b8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 8 10:51:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04ac5cff2418fbe8e03d54efbcd6cb25767bf0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:50:81:d3:71:af:8a:3b:2b:0b:b9:d9:db:92:
f3:d5:d6:0a:9f:f7:b1:83:35:ff:cb:3e:12:f1:2e:
61:2a:c8:88:bc:6b:bd:d7:69:86:63:0b:12:31:f1:
c4:13:8d:a3:f0:4a:bb:c6:3b:b9:b5:64:35:2d:30:
9b:19:e6:81:aa:34:71:cf:5c:d2:86:90:e9:e7:fe:
65:0d:ba:b5:d4:fe:63:eb:52:f7:7c:a8:f2:49:8e:
d4:92:ea:01:d7:2a:f0:77:b7:b5:e8:d1:f7:b5:eb:
03:9e:31:c3:26:d1:7f:76:f7:9b:09:30:dd:4d:a6:
9f:12:80:2e:d0:a4:80:44:61:09:a3:67:22:12:5c:
b4:43:b1:63:d0:eb:ae:c1:11:78:d6:42:11:ce:4a:
59:bd:c3:65:dd:89:8b:c4:33:3f:69:f1:01:7a:f6:
32:ea:1e:c7:52:46:18:e3:23:f2:d2:91:07:b8:13:
d2:7b:aa:66:b9:46:ef:96:af:e1:05:b9:bf:f2:f9:
ea:e0:63:19:04:cb:3b:b6:89:09:e1:96:ad:59:b3:
23:f9:a2:e8:5f:69:89:8d:7e:03:6d:6a:4f:db:4f:
06:aa:1f:13:1a:a1:8a:97:56:31:a5:99:70:8b:7c:
e4:75:82:38:48:c8:a5:6a:ea:b8:17:26:49:92:8a:
72:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AC:5C:FF:24:18:FB:E8:E0:3D:54:EF:BC:D6:CB:25:76:7B:F0:FC
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BKxc_yQY--jgPVTvvNbLJXZ78Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.26.0/24
89.21.84.0/24
91.210.145.0/24
Signature Algorithm: sha256WithRSAEncryption
56:8f:78:fc:b0:e6:0e:9e:16:0d:40:1b:75:5e:95:6a:68:7a:
51:73:75:d6:b6:d7:16:7a:87:e5:55:a9:c8:0c:eb:33:b2:57:
da:92:10:5e:db:f1:bd:5b:8d:e4:f0:da:9f:d2:df:07:d6:ee:
19:81:48:80:4c:42:a7:82:ae:93:f3:9a:bf:d3:4d:e6:b1:6d:
9d:f6:5a:ff:18:ac:58:ef:a0:03:90:88:60:24:b8:70:7a:9a:
5c:27:c0:04:c5:28:54:4e:31:f4:00:23:d1:df:07:8f:b1:66:
fe:7e:4b:a6:6c:f4:ad:53:59:d1:e8:fc:fa:01:09:ed:64:e1:
3b:c7:6c:54:e4:85:2d:4e:18:69:96:68:98:7b:8a:df:ed:d8:
2e:7b:f3:db:28:1a:1e:66:9b:f2:1b:50:83:33:eb:ed:97:44:
88:91:ed:18:79:82:55:22:4e:dd:04:19:86:87:ad:78:f0:a4:
8f:63:85:97:a7:74:91:11:e9:15:27:13:e4:47:b4:06:22:7f:
5d:38:55:2a:43:2f:ad:bd:e0:e8:5d:32:82:8b:9d:ae:27:ac:
76:fb:d6:c0:dc:7b:5b:d1:51:7d:7b:ef:c7:ee:a0:0f:59:59:
a3:e2:59:80:c9:f3:d9:f4:fc:58:8d:bd:d3:f5:39:8d:de:fa:
a7:a0:ed:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdPKoyl7/FTZKMzuTHKCLiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNjA4MTA1MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFjNWNmZjI0MThmYmU4ZTAzZDU0ZWZiY2Q2Y2IyNTc2N2JmMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1CB03GvijsrC7nZ25Lz1dYKn/ex
gzX/yz4S8S5hKsiIvGu912mGYwsSMfHEE42j8Eq7xju5tWQ1LTCbGeaBqjRxz1zS
hpDp5/5lDbq11P5j61L3fKjySY7UkuoB1yrwd7e16NH3tesDnjHDJtF/dvebCTDd
TaafEoAu0KSARGEJo2ciEly0Q7Fj0OuuwRF41kIRzkpZvcNl3YmLxDM/afEBevYy
6h7HUkYY4yPy0pEHuBPSe6pmuUbvlq/hBbm/8vnq4GMZBMs7tokJ4ZatWbMj+aLo
X2mJjX4DbWpP208Gqh8TGqGKl1YxpZlwi3zkdYI4SMilauq4FyZJkopy6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFASsXP8kGPvo4D1U77zWyyV2e/D8MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvQkt4Y195UVktLWpnUFZUdnZOYkxKWFo3OFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZUaAwQA
WRVUAwQAW9KRMA0GCSqGSIb3DQEBCwUAA4IBAQBWj3j8sOYOnhYNQBt1XpVqaHpR
c3XWttcWeoflVanIDOszslfakhBe2/G9W43k8Nqf0t8H1u4ZgUiATEKngq6T85q/
003msW2d9lr/GKxY76ADkIhgJLhweppcJ8AExShUTjH0ACPR3wePsWb+fkumbPSt
U1nR6Pz6AQntZOE7x2xU5IUtThhplmiYe4rf7dgue/PbKBoeZpvyG1CDM+vtl0SI
ke0YeYJVIk7dBBmGh6148KSPY4WXp3SREekVJxPkR7QGIn9dOFUqQy+tveDoXTKC
i52uJ6x2+9bA3Htb0VF9e+/H7qAPWVmj4lmAyfPZ9PxYjb3T9TmN3vqnoO1P
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:44:20 2025 by rpki-client