Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/RBL9KvJn4Z6LF6Lv_aNjS2HVR-U.roa
File: RBL9KvJn4Z6LF6Lv_aNjS2HVR-U.roa (raw, json)
Hash identifier: NP4KRCGo3Ljqg4Eze3XSBXZxYUwfkkvdN2sm3o+jER4=
Subject key identifier: 44:12:FD:2A:F2:67:E1:9E:8B:17:A2:EF:FD:A3:63:4B:61:D5:47:E5
Certificate issuer: /CN=031187bb64c87dfdd2fa02f2d85d479ec2683e57
Certificate serial: 019425FBF81CE3C6FD722E3E2668F036A34A
Authority key identifier: 03:11:87:BB:64:C8:7D:FD:D2:FA:02:F2:D8:5D:47:9E:C2:68:3E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AxGHu2TIff3S-gLy2F1HnsJoPlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/RBL9KvJn4Z6LF6Lv_aNjS2HVR-U.roa
Signing time: Thu 02 Jan 2025 07:47:37 +0000
ROA not before: Thu 02 Jan 2025 07:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41653
IP address blocks: 45.141.172.0/22 maxlen: 24
91.199.0.0/24 maxlen: 24
95.128.40.0/21 maxlen: 24
178.212.228.0/24 maxlen: 24
185.66.232.0/22 maxlen: 24
194.105.152.0/23 maxlen: 24
195.14.22.0/24 maxlen: 24
2a02:ec0::/32 maxlen: 40
Validation: Failed, certificate revoked on Wed 02 Apr 2025 08:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fb:f8:1c:e3:c6:fd:72:2e:3e:26:68:f0:36:a3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=031187bb64c87dfdd2fa02f2d85d479ec2683e57
Validity
Not Before: Jan 2 07:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4412fd2af267e19e8b17a2effda3634b61d547e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:8e:51:85:8f:4b:55:e5:bb:e7:5e:cd:05:
7b:6a:01:7c:0b:86:af:fd:ed:85:b0:ad:d8:21:74:
9d:c5:ca:cb:75:72:22:7e:4a:32:4e:dd:88:d5:f5:
7d:6c:d3:17:d6:46:a6:cc:57:31:90:4c:9a:53:63:
84:f0:04:ac:15:f3:3a:65:62:bc:e6:8b:6b:1e:2b:
7d:19:09:e8:97:ca:47:ed:67:8c:49:12:59:82:f4:
0b:46:41:9b:5c:36:b7:d9:2e:9b:0d:63:db:3b:7c:
30:0c:b7:1d:42:d7:f0:e9:7d:d6:37:90:e7:2f:19:
56:11:53:3f:08:b1:a1:88:05:9e:fb:10:13:3f:0a:
41:e1:84:42:9c:62:8d:f0:6d:7e:03:b3:29:dd:dc:
aa:30:9e:fc:fe:9e:7b:b3:2f:d0:68:2d:3f:c9:df:
e4:ac:48:b8:77:d0:1d:5d:92:db:38:70:0a:88:7c:
71:5c:9f:44:49:d5:74:c1:82:f8:52:69:55:6d:dd:
41:bd:8f:cf:55:0a:65:e5:62:b1:26:01:9b:5c:06:
fb:84:da:ff:76:7f:d2:0a:d6:ea:b2:0e:27:d6:a5:
5b:fa:b3:7f:6c:a6:a7:e9:d6:60:d9:82:52:05:14:
72:32:25:98:c0:79:bd:fb:a0:d5:33:45:d7:a1:46:
1f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:12:FD:2A:F2:67:E1:9E:8B:17:A2:EF:FD:A3:63:4B:61:D5:47:E5
X509v3 Authority Key Identifier:
keyid:03:11:87:BB:64:C8:7D:FD:D2:FA:02:F2:D8:5D:47:9E:C2:68:3E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxGHu2TIff3S-gLy2F1HnsJoPlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/RBL9KvJn4Z6LF6Lv_aNjS2HVR-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/AxGHu2TIff3S-gLy2F1HnsJoPlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.172.0/22
91.199.0.0/24
95.128.40.0/21
178.212.228.0/24
185.66.232.0/22
194.105.152.0/23
195.14.22.0/24
IPv6:
2a02:ec0::/32
Signature Algorithm: sha256WithRSAEncryption
79:20:d3:db:93:9c:fb:6a:26:ae:06:d9:74:99:e3:8d:13:76:
1e:09:4f:4f:13:3c:ff:ee:c9:2d:4a:00:3c:b1:b6:c8:8b:6d:
9a:6a:6e:14:b8:cf:46:67:d8:10:7e:e0:b4:15:b3:1c:a9:c2:
12:5f:91:dd:35:e0:ad:24:1f:e8:19:ab:06:c2:1c:3c:73:6e:
8b:41:95:3c:30:c7:97:51:10:99:ff:4a:3b:76:73:e5:4f:9f:
87:a9:c1:9e:34:62:0c:7a:19:72:63:3a:74:a6:4c:cb:dd:9e:
e5:71:5e:4d:31:f2:99:1c:dc:ab:61:b5:bc:01:07:19:2f:03:
b9:7b:e2:0e:7c:1c:62:8f:41:eb:a9:15:28:ac:bc:bf:d9:7e:
e9:e3:3d:02:d0:e1:e8:17:8c:56:a2:2a:80:97:b4:de:27:31:
48:3a:78:f5:94:92:51:42:87:7f:45:38:a5:f0:64:a5:5f:3c:
7e:0c:a9:4d:be:6f:b3:37:f1:57:21:39:11:a2:c9:2c:62:69:
a9:10:b4:cd:87:c9:9f:2b:1c:2d:c4:1e:e7:c5:c7:47:16:53:
c4:c5:96:cc:25:ea:1c:dd:df:d1:b8:4f:83:f9:8c:e5:0f:a2:
e7:87:8f:bc:ea:41:ee:94:d5:6d:01:f5:ca:bb:9f:da:d4:aa:
62:39:3b:4f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQl+/gc48b9ci4+JmjwNqNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMTE4N2JiNjRjODdkZmRkMmZhMDJmMmQ4NWQ0NzllYzI2
ODNlNTcwHhcNMjUwMTAyMDc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDEyZmQyYWYyNjdlMTllOGIxN2EyZWZmZGEzNjM0YjYxZDU0N2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvOOUYWPS1Xlu+dezQV7agF8C4av
/e2FsK3YIXSdxcrLdXIifkoyTt2I1fV9bNMX1kamzFcxkEyaU2OE8ASsFfM6ZWK8
5otrHit9GQnol8pH7WeMSRJZgvQLRkGbXDa32S6bDWPbO3wwDLcdQtfw6X3WN5Dn
LxlWEVM/CLGhiAWe+xATPwpB4YRCnGKN8G1+A7Mp3dyqMJ78/p57sy/QaC0/yd/k
rEi4d9AdXZLbOHAKiHxxXJ9ESdV0wYL4UmlVbd1BvY/PVQpl5WKxJgGbXAb7hNr/
dn/SCtbqsg4n1qVb+rN/bKan6dZg2YJSBRRyMiWYwHm9+6DVM0XXoUYfnwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEQS/SryZ+Geixei7/2jY0th1UflMB8GA1UdIwQY
MBaAFAMRh7tkyH390voC8thdR57CaD5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXhHSHUyVElmZjNTLWdMeTJGMUhuc0pvUGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9jMWVkMmMtYjQxZS00ZWJkLWFhZmIt
ZjIxNGYwY2MyNjJiLzEvUkJMOUt2Sm40WjZMRjZMdl9hTmpTMkhWUi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9jMWVkMmMtYjQxZS00ZWJkLWFhZmItZjIxNGYwY2MyNjJi
LzEvQXhHSHUyVElmZjNTLWdMeTJGMUhuc0pvUGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLY2sAwQA
W8cAAwQDX4AoAwQAstTkAwQCuULoAwQBwmmYAwQAww4WMA0EAgACMAcDBQAqAg7A
MA0GCSqGSIb3DQEBCwUAA4IBAQB5INPbk5z7aiauBtl0meONE3YeCU9PEzz/7skt
SgA8sbbIi22aam4UuM9GZ9gQfuC0FbMcqcISX5HdNeCtJB/oGasGwhw8c26LQZU8
MMeXURCZ/0o7dnPlT5+HqcGeNGIMehlyYzp0pkzL3Z7lcV5NMfKZHNyrYbW8AQcZ
LwO5e+IOfBxij0HrqRUorLy/2X7p4z0C0OHoF4xWoiqAl7TeJzFIOnj1lJJRQod/
RTil8GSlXzx+DKlNvm+zN/FXITkRosksYmmpELTNh8mfKxwtxB7nxcdHFlPExZbM
Jeoc3d/RuE+D+YzlD6Lnh4+86kHulNVtAfXKu5/a1KpiOTtP
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:20:56 2025 by rpki-client