Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/1-3OaFvbnFb25yiGe3eRaR1ibzBw.roa
File: 1-3OaFvbnFb25yiGe3eRaR1ibzBw.roa (raw, json)
Hash identifier: TDc9eJ50KmK5GUqxXzWt8ixW8r8RsYDHfROMw7slneA=
Subject key identifier: FB:73:9A:16:F6:E7:15:BD:B9:CA:21:9E:DD:E4:5A:47:58:9B:CC:1C
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 01970C3B69DD829D534602CD9D338E9CF61E
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/1-3OaFvbnFb25yiGe3eRaR1ibzBw.roa
Signing time: Mon 26 May 2025 10:55:09 +0000
ROA not before: Mon 26 May 2025 10:55:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 145.4.224.0/20 maxlen: 20
145.15.108.0/22 maxlen: 22
145.15.108.0/24 maxlen: 24
145.15.109.0/24 maxlen: 24
145.15.110.0/24 maxlen: 24
145.15.111.0/24 maxlen: 24
145.15.114.0/24 maxlen: 24
145.15.115.0/24 maxlen: 24
145.15.208.0/21 maxlen: 21
145.78.0.0/16 maxlen: 16
145.78.28.0/24 maxlen: 24
145.119.0.0/18 maxlen: 21
145.119.64.0/18 maxlen: 18
145.119.64.0/19 maxlen: 19
145.119.128.0/18 maxlen: 18
145.119.160.0/19 maxlen: 19
145.119.192.0/18 maxlen: 21
145.119.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 13:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:3b:69:dd:82:9d:53:46:02:cd:9d:33:8e:9c:f6:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: May 26 10:55:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb739a16f6e715bdb9ca219edde45a47589bcc1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cf:1e:6b:a7:19:a4:d0:13:37:73:a1:8f:7f:
42:b5:8a:ac:d3:fd:c8:82:5b:5f:7c:81:ab:42:f2:
55:b2:df:78:a2:62:bc:b0:c4:e3:1f:7e:b7:6c:44:
4a:00:ab:7d:fc:eb:80:30:6f:d2:fd:85:57:a6:ec:
51:59:e6:25:3e:dd:41:7f:84:a7:5f:81:33:ab:d6:
ca:2e:aa:70:c2:64:fd:4b:12:68:55:49:60:bb:69:
3f:4a:46:d1:7b:af:9c:96:4c:9b:78:ce:2c:0b:de:
b3:7d:74:cd:bd:81:70:a9:92:d5:39:85:0f:7a:e8:
50:b2:cd:59:54:f0:0f:f3:b1:ab:79:7f:c2:9a:c4:
96:74:54:0c:40:ee:97:43:49:b9:f9:b7:f8:78:70:
bd:c6:ab:e7:f6:83:ee:ca:26:f5:0a:e5:37:8a:81:
90:29:53:25:92:9a:65:8d:43:00:27:33:60:55:4f:
82:0e:bd:fa:33:09:05:33:8a:be:50:ab:24:ec:8f:
87:65:28:c2:5a:e5:41:58:d0:57:31:17:ae:e7:00:
72:45:b0:51:3a:0a:91:b1:3b:aa:a1:f5:ea:75:92:
85:15:4e:0d:64:13:59:ff:2f:f7:70:74:4d:92:8e:
9b:85:bd:12:9c:47:6a:83:4e:a6:3e:13:c8:f0:4f:
ab:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:73:9A:16:F6:E7:15:BD:B9:CA:21:9E:DD:E4:5A:47:58:9B:CC:1C
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/1-3OaFvbnFb25yiGe3eRaR1ibzBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.4.224.0/20
145.15.108.0/22
145.15.114.0/23
145.15.208.0/21
145.78.0.0/16
145.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:a5:27:d9:90:8a:2d:f3:48:c9:32:41:eb:fd:9d:7d:f1:bc:
a3:9e:ea:1a:cd:d0:74:32:9c:af:72:d7:b2:93:d0:4e:41:44:
f4:60:6d:1e:42:be:a7:a4:99:38:88:1b:c2:25:da:c6:a7:db:
9a:b8:6f:c8:22:2b:7d:4b:2f:13:59:59:d5:dc:5d:7d:7a:47:
ad:4b:4d:ba:e7:f8:e4:7a:2d:ab:a0:ea:23:e2:57:ac:a9:90:
e1:aa:97:41:a3:ae:3f:d6:b9:39:29:f9:b6:0e:08:b1:1b:7c:
5d:4e:d4:e2:e9:fe:2d:25:ad:d9:31:25:e9:3b:77:32:90:39:
83:71:bc:29:03:6e:58:70:a5:45:20:3c:b5:76:9c:e1:b4:10:
fc:3f:79:7c:b3:d3:b7:d6:52:63:fb:69:82:4b:7e:09:b8:6c:
e4:c0:a3:2f:88:2d:61:f1:be:39:17:b5:6a:fc:2b:75:bf:00:
cf:c2:bf:d0:66:9d:32:f4:36:3e:c6:47:3f:15:f9:08:3c:1d:
0a:b5:13:af:b9:e4:5c:76:ec:8d:cb:83:87:e6:d4:cb:e5:47:
e2:81:05:23:6a:e5:fc:18:a8:01:93:23:5e:86:dc:e6:26:85:
fe:cc:ac:1e:35:a1:81:a7:89:0b:48:0c:95:0e:20:85:54:d1:
39:dd:25:f1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZcMO2ndgp1TRgLNnTOOnPYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwNTI2MTA1NTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjczOWExNmY2ZTcxNWJkYjljYTIxOWVkZGU0NWE0NzU4OWJjYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt88ea6cZpNATN3Ohj39CtYqs0/3I
gltffIGrQvJVst94omK8sMTjH363bERKAKt9/OuAMG/S/YVXpuxRWeYlPt1Bf4Sn
X4Ezq9bKLqpwwmT9SxJoVUlgu2k/SkbRe6+clkybeM4sC96zfXTNvYFwqZLVOYUP
euhQss1ZVPAP87GreX/CmsSWdFQMQO6XQ0m5+bf4eHC9xqvn9oPuyib1CuU3ioGQ
KVMlkppljUMAJzNgVU+CDr36MwkFM4q+UKsk7I+HZSjCWuVBWNBXMReu5wByRbBR
OgqRsTuqofXqdZKFFU4NZBNZ/y/3cHRNko6bhb0SnEdqg06mPhPI8E+rNwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPtzmhb25xW9ucohnt3kWkdYm8wcMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvMS0zT2FGdmJuRmIyNXlpR2UzZVJhUjFpYnpCdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmQvZjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5
ZC8xL0YzUGJGM2xkS19HMHRUUmNXeWs1RGJyMFVqNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA7BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIgMEBJEE4AME
ApEPbAMEAZEPcgMEA5EP0AMDAJFOAwMAkXcwDQYJKoZIhvcNAQELBQADggEBAJCl
J9mQii3zSMkyQev9nX3xvKOe6hrN0HQynK9y17KT0E5BRPRgbR5CvqekmTiIG8Il
2san25q4b8giK31LLxNZWdXcXX16R61LTbrn+OR6Laug6iPiV6ypkOGql0Gjrj/W
uTkp+bYOCLEbfF1O1OLp/i0lrdkxJek7dzKQOYNxvCkDblhwpUUgPLV2nOG0EPw/
eXyz07fWUmP7aYJLfgm4bOTAoy+ILWHxvjkXtWr8K3W/AM/Cv9BmnTL0Nj7GRz8V
+Qg8HQq1E6+55Fx27I3Lg4fm1MvlR+KBBSNq5fwYqAGTI16G3OYmhf7MrB41oYGn
iQtIDJUOIIVU0TndJfE=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:51:59 2025 by rpki-client