Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/PN0f8Rswel52LIJO55yQOP4IaIk.roa
File: PN0f8Rswel52LIJO55yQOP4IaIk.roa (raw, json)
Hash identifier: +WO4vQCfxhc5HKsHLWyi1qRsP2itH3XGUJnaMSNtf/s=
Subject key identifier: 3C:DD:1F:F1:1B:30:7A:5E:76:2C:82:4E:E7:9C:90:38:FE:08:68:89
Certificate issuer: /CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Certificate serial: 01963901A217546701DF98B7903D5C40FC3A
Authority key identifier: 87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/PN0f8Rswel52LIJO55yQOP4IaIk.roa
Signing time: Tue 15 Apr 2025 10:32:10 +0000
ROA not before: Tue 15 Apr 2025 10:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 984
IP address blocks: 45.8.28.0/24 maxlen: 24
45.8.31.0/24 maxlen: 24
45.80.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Apr 2025 02:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:01:a2:17:54:67:01:df:98:b7:90:3d:5c:40:fc:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Validity
Not Before: Apr 15 10:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cdd1ff11b307a5e762c824ee79c9038fe086889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3e:64:21:2b:46:06:20:64:be:29:ca:8b:8f:
33:90:08:66:d7:d0:cb:2f:99:9c:4d:b9:6d:00:51:
61:f6:1e:bd:50:e9:f8:de:7b:01:26:c4:71:e3:01:
52:67:33:19:78:45:f4:52:0b:94:03:f6:b2:0f:ac:
cd:a5:6e:32:76:de:93:fd:92:43:d0:f5:20:1b:dd:
94:09:b5:3a:c3:e4:4f:75:5b:bf:2a:d2:bc:55:a0:
b0:bd:1a:d4:cc:e9:04:da:63:bb:29:f4:9c:f1:07:
e7:34:63:35:fe:a7:55:47:10:38:e3:25:e1:54:93:
11:62:4e:7e:2a:2d:27:f4:36:fa:96:43:50:65:0e:
97:10:e5:2f:67:3e:7b:8f:ea:de:51:ec:e9:e8:69:
f3:08:5a:aa:ee:b0:e7:c1:6f:42:35:d9:e0:84:85:
57:c5:68:50:10:9e:f8:ef:94:48:b5:53:5d:b8:ee:
3f:71:8d:b0:7f:cd:f2:e5:e3:e2:03:9c:6f:ce:2d:
bc:04:c6:3a:dd:21:f9:02:43:96:a6:3d:4f:9b:bc:
9b:b5:9e:f5:50:aa:c0:ef:90:73:22:b9:b7:7e:dc:
2a:2a:19:b6:86:0c:ad:42:ee:91:80:ca:2c:da:15:
16:31:ed:73:f7:9c:65:b8:2e:3d:8b:78:0a:6d:b9:
c1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DD:1F:F1:1B:30:7A:5E:76:2C:82:4E:E7:9C:90:38:FE:08:68:89
X509v3 Authority Key Identifier:
keyid:87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/PN0f8Rswel52LIJO55yQOP4IaIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.28.0/24
45.8.31.0/24
45.80.112.0/24
Signature Algorithm: sha256WithRSAEncryption
18:94:82:10:a9:ff:02:c8:4f:a4:19:42:5e:8d:9d:c8:f2:e8:
c6:2f:b4:ba:b7:c5:97:9b:f7:7b:1d:08:49:73:06:63:7d:90:
c5:93:c5:ff:e9:e8:c9:2b:5f:64:da:99:97:37:eb:bf:10:ed:
32:5e:8d:96:eb:43:d9:fa:f9:e6:d4:7d:5c:50:2c:34:b4:a3:
38:bb:bb:45:78:79:b3:06:6a:0a:1c:30:60:cc:7a:4b:2f:d4:
25:70:41:7e:6d:70:c8:3b:ca:02:48:7d:8a:67:d1:0a:20:01:
f2:28:f9:f5:bf:9c:8d:0f:78:10:03:54:d0:fc:64:29:8f:5a:
c1:34:5b:a6:17:0d:39:05:62:7a:f0:dd:5a:65:55:a2:c7:c5:
66:62:e4:dd:87:f0:16:41:cc:04:22:5f:36:f3:bf:cc:ea:b4:
4c:e3:73:97:8e:86:f4:57:7b:8d:3f:fe:0e:73:e2:57:6a:e8:
69:b5:ce:f9:63:eb:1d:b0:d0:dd:03:01:2f:31:19:fd:ee:81:
9f:ac:f5:7d:7d:53:50:6e:09:7b:ce:28:90:13:7d:fa:85:ea:
b9:52:63:ba:a0:4b:9c:e3:46:f6:7e:89:05:7a:37:d0:ef:d6:
0a:77:cf:8c:8e:dd:4a:45:4d:86:8c:8b:15:85:99:80:5c:7c:
9c:f8:10:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZY5AaIXVGcB35i3kD1cQPw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGFiYjI5OTc3YTY1YjE0MGNhY2I2ZTcyYWIyNGNlZGRk
NGU4YzUwHhcNMjUwNDE1MTAzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RkMWZmMTFiMzA3YTVlNzYyYzgyNGVlNzljOTAzOGZlMDg2ODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz5kIStGBiBkvinKi48zkAhm19DL
L5mcTbltAFFh9h69UOn43nsBJsRx4wFSZzMZeEX0UguUA/ayD6zNpW4ydt6T/ZJD
0PUgG92UCbU6w+RPdVu/KtK8VaCwvRrUzOkE2mO7KfSc8QfnNGM1/qdVRxA44yXh
VJMRYk5+Ki0n9Db6lkNQZQ6XEOUvZz57j+reUezp6GnzCFqq7rDnwW9CNdnghIVX
xWhQEJ7475RItVNduO4/cY2wf83y5ePiA5xvzi28BMY63SH5AkOWpj1Pm7ybtZ71
UKrA75BzIrm3ftwqKhm2hgytQu6RgMos2hUWMe1z95xluC49i3gKbbnBvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDzdH/EbMHpediyCTueckDj+CGiJMB8GA1UdIwQY
MBaAFIeKuymXemWxQMrLbnKrJM7d1OjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2Et
YWM4NjQ3ZDA1NThhLzEvUE4wZjhSc3dlbDUyTElKTzU1eVFPUDRJYUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2EtYWM4NjQ3ZDA1NThh
LzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQgcAwQA
LQgfAwQALVBwMA0GCSqGSIb3DQEBCwUAA4IBAQAYlIIQqf8CyE+kGUJejZ3I8ujG
L7S6t8WXm/d7HQhJcwZjfZDFk8X/6ejJK19k2pmXN+u/EO0yXo2W60PZ+vnm1H1c
UCw0tKM4u7tFeHmzBmoKHDBgzHpLL9QlcEF+bXDIO8oCSH2KZ9EKIAHyKPn1v5yN
D3gQA1TQ/GQpj1rBNFumFw05BWJ68N1aZVWix8VmYuTdh/AWQcwEIl8287/M6rRM
43OXjob0V3uNP/4Oc+JXauhptc75Y+sdsNDdAwEvMRn97oGfrPV9fVNQbgl7ziiQ
E336heq5UmO6oEuc40b2fokFejfQ79YKd8+Mjt1KRU2GjIsVhZmAXHyc+BB/
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:29:55 2025 by rpki-client