Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SEs10PkA_SE2vZxmxnN_3RImquw.roa
File: SEs10PkA_SE2vZxmxnN_3RImquw.roa (raw, json)
Hash identifier: 6eMcvYn0KCcUFMz/uF0oeHvFqzw5izvvYq3FqYZYd7E=
Subject key identifier: 48:4B:35:D0:F9:00:FD:21:36:BD:9C:66:C6:73:7F:DD:12:26:AA:EC
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019643E65420DCFC9932BAA7D39F080FA8E8
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SEs10PkA_SE2vZxmxnN_3RImquw.roa
Signing time: Thu 17 Apr 2025 13:18:10 +0000
ROA not before: Thu 17 Apr 2025 13:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
46.249.110.0/24 maxlen: 24
82.115.28.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
178.173.232.0/21 maxlen: 24
185.231.172.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Apr 2025 14:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:e6:54:20:dc:fc:99:32:ba:a7:d3:9f:08:0f:a8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 17 13:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=484b35d0f900fd2136bd9c66c6737fdd1226aaec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7f:39:56:00:7e:93:5f:22:b8:6e:57:30:12:
96:e7:e3:d7:56:a7:f6:8a:27:fa:c5:88:e7:26:08:
e1:9f:42:de:08:9c:84:16:b8:ef:f8:4f:2c:22:6f:
26:d7:64:47:22:d8:76:cb:18:bb:4d:12:63:6c:14:
2f:c6:d7:bb:b8:a4:a1:81:76:6e:26:80:ae:51:71:
ea:95:01:8a:ac:68:c0:9d:fd:b7:a6:0f:8c:e1:74:
86:2c:e9:bb:36:7a:e8:8d:3e:f8:b2:75:9c:eb:6b:
2c:2c:0d:5b:6d:da:d1:96:f4:84:d8:05:c7:15:5e:
f2:8f:06:6e:64:f5:24:a4:6b:34:72:a2:a9:30:1d:
26:b0:5b:99:11:6e:1b:6b:71:81:d7:12:6b:39:b9:
1f:6c:3a:33:b9:42:08:db:35:53:33:b5:0f:98:27:
51:61:ef:9e:e6:cc:99:c9:3a:a3:20:df:be:a1:65:
04:4c:c7:32:d2:ff:c1:d1:c5:1d:c8:52:1a:f6:5f:
b9:c0:8e:6a:72:c3:7f:cd:9f:77:d6:e8:87:fe:ab:
72:6c:7d:a9:f0:c5:e0:2b:1a:3b:88:e3:46:54:10:
8a:01:64:b0:47:be:15:e4:ec:ea:10:8b:56:1b:cd:
dc:b2:96:7a:47:e6:fa:16:9e:bc:06:17:1d:ff:2f:
ea:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:4B:35:D0:F9:00:FD:21:36:BD:9C:66:C6:73:7F:DD:12:26:AA:EC
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SEs10PkA_SE2vZxmxnN_3RImquw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
46.249.110.0/24
82.115.28.0/23
89.251.10.0/24
159.255.32.0/21
178.173.232.0/21
185.231.172.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
42:3e:7f:5f:ad:80:eb:a9:14:0e:5d:f8:ff:f3:48:58:59:2c:
6d:f7:29:c5:5c:b3:fe:68:fa:2c:15:c6:ee:b1:09:74:90:e9:
7b:43:e3:b3:9c:00:06:e1:1e:ad:61:43:fe:4e:f9:46:ca:0a:
5f:11:06:d3:d1:f1:da:aa:c6:5f:7a:f4:b5:f0:c0:dd:1c:d9:
e9:54:14:68:a3:9b:1f:4f:40:03:6f:52:0c:e4:42:03:3c:db:
ac:22:c1:2a:60:85:53:47:db:d0:fe:28:5f:4c:ee:16:d7:41:
56:9f:38:ec:71:a1:6e:0b:bf:12:aa:d1:2a:0f:38:43:a5:b2:
57:76:2b:af:d4:ec:44:d2:66:ed:95:4c:e7:6d:ab:90:e9:43:
aa:d7:08:03:b6:41:52:03:86:5a:ff:bf:34:06:14:9d:7c:c9:
8b:d7:5c:db:a5:38:8a:d6:1f:dc:d6:5d:94:0e:d0:53:63:94:
98:6c:ad:3f:6f:0d:cc:d6:e6:5d:f2:e1:28:60:0a:7c:b6:33:
35:df:83:08:17:97:5f:bb:ed:f4:b1:3e:0d:8d:0c:74:3d:af:
43:4a:6d:8a:65:df:c7:fc:3d:0a:3b:f7:f0:eb:97:a7:f0:c9:
b3:8a:23:76:b7:ad:f7:b4:43:91:81:84:21:da:d6:6b:fa:45:
a4:f9:26:57
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZZD5lQg3PyZMrqn058ID6joMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDE3MTMxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODRiMzVkMGY5MDBmZDIxMzZiZDljNjZjNjczN2ZkZDEyMjZhYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6385VgB+k18iuG5XMBKW5+PXVqf2
iif6xYjnJgjhn0LeCJyEFrjv+E8sIm8m12RHIth2yxi7TRJjbBQvxte7uKShgXZu
JoCuUXHqlQGKrGjAnf23pg+M4XSGLOm7NnrojT74snWc62ssLA1bbdrRlvSE2AXH
FV7yjwZuZPUkpGs0cqKpMB0msFuZEW4ba3GB1xJrObkfbDozuUII2zVTM7UPmCdR
Ye+e5syZyTqjIN++oWUETMcy0v/B0cUdyFIa9l+5wI5qcsN/zZ931uiH/qtybH2p
8MXgKxo7iONGVBCKAWSwR74V5OzqEItWG83cspZ6R+b6Fp68Bhcd/y/qpQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEhLNdD5AP0hNr2cZsZzf90SJqrsMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvU0VzMTBQa0FfU0Uydlp4bXhuTl8zUkltcXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBLYsGAwQA
LvluAwQBUnMcAwQAWfsKAwQDn/8gAwQDsq3oAwQCueesAwQDvP0IAwQByoVaAwQC
1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQBCPn9frYDrqRQOXfj/80hYWSxt9ynFXLP+
aPosFcbusQl0kOl7Q+OznAAG4R6tYUP+TvlGygpfEQbT0fHaqsZfevS18MDdHNnp
VBRoo5sfT0ADb1IM5EIDPNusIsEqYIVTR9vQ/ihfTO4W10FWnzjscaFuC78SqtEq
DzhDpbJXdiuv1OxE0mbtlUznbauQ6UOq1wgDtkFSA4Za/780BhSdfMmL11zbpTiK
1h/c1l2UDtBTY5SYbK0/bw3M1uZd8uEoYAp8tjM134MIF5dfu+30sT4NjQx0Pa9D
Sm2KZd/H/D0KO/fw65en8MmziiN2t633tEORgYQh2tZr+kWk+SZX
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:17:29 2025 by rpki-client