Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/MszMtL9y3v5YDTMaOZk5_m_ufh8.roa
File: MszMtL9y3v5YDTMaOZk5_m_ufh8.roa (raw, json)
Hash identifier: +knoXBZ3wJNerY3s5JDflKxqV6yLqt5OJVQtUE79ohY=
Subject key identifier: 32:CC:CC:B4:BF:72:DE:FE:58:0D:33:1A:39:99:39:FE:6F:EE:7E:1F
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 019873A72054AEC931B4FE8C025E874AB754
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/MszMtL9y3v5YDTMaOZk5_m_ufh8.roa
Signing time: Mon 04 Aug 2025 05:56:29 +0000
ROA not before: Mon 04 Aug 2025 05:56:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.155.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Aug 2025 12:08:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:a7:20:54:ae:c9:31:b4:fe:8c:02:5e:87:4a:b7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Aug 4 05:56:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32ccccb4bf72defe580d331a399939fe6fee7e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:73:7c:e3:6b:6f:98:30:c0:45:4e:23:24:3e:
ec:50:b0:f6:f7:2d:47:88:03:75:4c:e0:1a:78:d3:
3a:e3:02:6f:a5:1c:e4:5e:6c:5f:a0:77:f0:d7:92:
f3:63:60:c2:65:41:96:6a:5a:4d:99:cd:ba:1c:13:
eb:b0:78:c9:3a:0f:63:16:0a:62:aa:90:6d:53:45:
7b:bc:76:b4:33:35:9f:b5:87:87:15:d1:2c:b8:09:
52:a5:52:d4:be:78:90:8a:e6:ba:d7:8e:b6:6d:7d:
71:c6:f8:1e:8b:e3:cd:25:06:09:8a:e6:1b:7b:20:
a9:56:98:33:93:a8:1a:9a:89:87:cf:39:88:16:51:
28:54:aa:2d:26:82:89:fc:4f:d3:dd:5f:98:0f:4c:
1b:fc:52:60:1c:8d:a5:9a:23:6c:9a:e8:fd:e9:a9:
de:57:7f:1f:fd:b1:ae:94:81:1e:37:55:6c:f6:91:
c7:ff:12:05:81:0f:fc:89:9e:7a:8a:1a:81:62:71:
59:67:f8:7c:91:9c:00:23:09:0c:0d:39:e6:9a:f8:
36:b1:bd:1f:4c:39:98:f6:ae:a7:d1:2a:62:d7:c3:
ac:05:77:1d:d2:ba:7a:7a:fd:97:c4:d8:9d:d7:06:
fc:1f:56:4d:c1:fc:66:a1:61:1e:ec:0f:67:6a:78:
83:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CC:CC:B4:BF:72:DE:FE:58:0D:33:1A:39:99:39:FE:6F:EE:7E:1F
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/MszMtL9y3v5YDTMaOZk5_m_ufh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.164.0/24
Signature Algorithm: sha256WithRSAEncryption
40:41:87:95:85:05:bd:52:f0:68:6b:22:8c:e0:4c:12:3c:ca:
8f:9e:28:43:1a:b3:77:4f:3e:bd:dc:d6:b4:da:f1:36:e4:b9:
31:43:a9:55:55:59:80:5a:c6:ac:f6:24:07:ed:bd:77:27:a1:
19:8e:59:65:4a:37:e3:07:e3:e1:11:0b:e4:99:5e:c9:e4:e6:
79:70:8e:50:5d:d4:4d:6b:26:40:3e:23:ce:17:a9:00:5a:cf:
8f:27:70:69:3f:83:7b:8a:ba:9a:c7:8b:3d:2f:8a:4f:af:a7:
8b:6e:4f:20:02:66:c0:f4:e0:38:75:24:74:f5:d9:8d:ab:ef:
05:4a:bb:87:3d:0f:d9:bd:50:25:19:8c:39:93:96:46:0a:f5:
4f:87:ef:d7:d7:f0:73:9e:aa:b1:2b:e2:5e:42:fd:86:75:a0:
b0:6f:29:2d:08:c0:12:fc:c8:44:e4:4b:75:66:fb:10:9c:bc:
02:f6:f0:23:33:78:0b:1a:b7:0b:35:a6:6e:38:a5:91:dc:b9:
f6:c8:14:94:99:4d:6d:87:1d:f6:6a:4c:34:90:36:5b:8e:e9:
44:4d:c3:b1:8f:41:69:84:fe:62:c7:cb:5e:e4:bc:c5:94:36:
2c:59:03:1e:ff:87:66:75:69:b7:b7:05:8c:ed:81:c0:0e:c6:
4e:79:fe:fe
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZhzpyBUrskxtP6MAl6HSrdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjUwODA0MDU1NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNjY2NiNGJmNzJkZWZlNTgwZDMzMWEzOTk5MzlmZTZmZWU3ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nN842tvmDDARU4jJD7sULD29y1H
iAN1TOAaeNM64wJvpRzkXmxfoHfw15LzY2DCZUGWalpNmc26HBPrsHjJOg9jFgpi
qpBtU0V7vHa0MzWftYeHFdEsuAlSpVLUvniQiua61462bX1xxvgei+PNJQYJiuYb
eyCpVpgzk6gamomHzzmIFlEoVKotJoKJ/E/T3V+YD0wb/FJgHI2lmiNsmuj96ane
V38f/bGulIEeN1Vs9pHH/xIFgQ/8iZ56ihqBYnFZZ/h8kZwAIwkMDTnmmvg2sb0f
TDmY9q6n0Spi18OsBXcd0rp6ev2XxNid1wb8H1ZNwfxmoWEe7A9naniD6wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDLMzLS/ct7+WA0zGjmZOf5v7n4fMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL01zek10TDl5M3Y1WURUTWFPWms1X21fdWZoOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtm6Qw
DQYJKoZIhvcNAQELBQADggEBAEBBh5WFBb1S8GhrIozgTBI8yo+eKEMas3dPPr3c
1rTa8TbkuTFDqVVVWYBaxqz2JAftvXcnoRmOWWVKN+MH4+ERC+SZXsnk5nlwjlBd
1E1rJkA+I84XqQBaz48ncGk/g3uKuprHiz0vik+vp4tuTyACZsD04Dh1JHT12Y2r
7wVKu4c9D9m9UCUZjDmTlkYK9U+H79fX8HOeqrEr4l5C/YZ1oLBvKS0IwBL8yETk
S3Vm+xCcvAL28CMzeAsatws1pm44pZHcufbIFJSZTW2HHfZqTDSQNluO6URNw7GP
QWmE/mLHy17kvMWUNixZAx7/h2Z1abe3BYztgcAOxk55/v4=
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:13:20 2025 by rpki-client