Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/RflQd289g1m4-jQvOHg38FqANJI.roa
File: RflQd289g1m4-jQvOHg38FqANJI.roa (raw, json)
Hash identifier: hIye1MtYDgBSNTEvSJYxMvEniZsc2QWJM3cwgGGlGjQ=
Subject key identifier: 45:F9:50:77:6F:3D:83:59:B8:FA:34:2F:38:78:37:F0:5A:80:34:92
Certificate issuer: /CN=addd2a815060aa7e621a2094349758b2036896f0
Certificate serial: 0194B109613DDD196E47FC4A4E1DBF9C4B30
Authority key identifier: AD:DD:2A:81:50:60:AA:7E:62:1A:20:94:34:97:58:B2:03:68:96:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rd0qgVBgqn5iGiCUNJdYsgNolvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/RflQd289g1m4-jQvOHg38FqANJI.roa
Signing time: Wed 29 Jan 2025 07:49:29 +0000
ROA not before: Wed 29 Jan 2025 07:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201776
IP address blocks: 37.44.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 29 Jan 2025 08:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:09:61:3d:dd:19:6e:47:fc:4a:4e:1d:bf:9c:4b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=addd2a815060aa7e621a2094349758b2036896f0
Validity
Not Before: Jan 29 07:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45f950776f3d8359b8fa342f387837f05a803492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:40:12:6e:74:1f:dd:65:14:ad:2f:56:8d:2a:
ab:d7:92:8c:ee:f4:cc:9b:5b:80:91:0a:76:38:08:
64:22:8e:f6:44:fb:45:2c:3b:ff:25:db:95:99:4e:
47:d3:cb:b2:10:1e:3a:80:d9:42:0c:4d:85:69:9d:
ac:94:6b:ba:59:fd:8f:44:5b:de:d7:44:41:4b:60:
30:45:04:01:95:95:71:77:f7:2f:65:85:9d:15:72:
29:a4:84:97:46:81:1a:92:87:92:d3:3a:d8:25:3c:
08:8b:63:91:eb:01:02:9d:47:d4:75:57:d9:17:22:
6a:a7:6e:b6:9c:f0:e1:85:2d:d2:ac:b8:74:22:0b:
fe:5e:9e:d9:53:c5:13:fb:31:b2:44:9a:bb:16:e6:
ba:4b:3a:6f:4c:d6:f2:6b:83:57:07:59:8a:87:25:
4f:a4:ac:b6:f1:bb:78:d5:ac:65:1e:48:be:1b:ff:
68:aa:34:68:27:2c:00:a6:80:7f:dd:a2:3b:4a:15:
c0:d9:73:32:8d:98:f7:ec:0a:24:00:6a:27:f2:51:
71:96:78:36:2a:9e:18:89:1d:ea:cf:40:83:76:cf:
d5:4e:9d:03:97:86:7b:b6:cf:a5:54:c8:f9:a4:8f:
9c:fa:56:1f:d9:4a:11:1b:3e:c5:33:f3:f3:60:d7:
d9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F9:50:77:6F:3D:83:59:B8:FA:34:2F:38:78:37:F0:5A:80:34:92
X509v3 Authority Key Identifier:
keyid:AD:DD:2A:81:50:60:AA:7E:62:1A:20:94:34:97:58:B2:03:68:96:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rd0qgVBgqn5iGiCUNJdYsgNolvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/RflQd289g1m4-jQvOHg38FqANJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/rd0qgVBgqn5iGiCUNJdYsgNolvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.252.0/22
Signature Algorithm: sha256WithRSAEncryption
58:6a:db:45:73:bd:91:a8:e5:87:6d:fd:70:c0:b9:29:12:2a:
a4:84:ca:e6:43:48:ac:99:57:ae:95:2b:86:30:e9:cf:55:9a:
86:e3:60:05:c3:93:44:cb:a8:cc:eb:82:52:6a:25:13:08:15:
bb:ab:9a:e8:41:14:c7:5e:b3:d0:cf:01:77:7d:16:8d:93:19:
d1:a6:c9:07:58:40:39:53:96:04:63:7c:e7:52:bd:13:a9:84:
11:e0:b1:91:f5:56:60:dc:0f:a0:e6:7a:bc:5e:ed:27:eb:85:
0e:11:b7:1b:68:68:e0:09:a7:a3:3d:53:db:eb:e7:31:90:76:
8b:c2:cd:7c:b4:a4:48:a4:4a:80:f2:7c:63:57:47:a9:67:1b:
06:e5:e6:3a:32:17:c1:01:f0:db:2e:e5:06:82:10:c5:51:bb:
a6:04:60:0b:07:d2:e3:d0:14:19:81:ad:21:87:0f:af:8b:38:
f5:91:c2:89:c7:87:fb:6f:7a:40:05:fb:4d:a3:4f:21:2e:90:
3b:84:c5:15:08:40:06:08:9c:b4:8b:e5:36:89:52:ae:eb:ea:
01:94:79:a8:c6:a5:57:02:c4:22:8c:b9:ae:5a:ad:60:04:02:
37:d6:79:39:73:92:20:88:15:4b:ab:c2:a5:1b:43:11:1e:1f:
08:55:ee:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSxCWE93RluR/xKTh2/nEswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZGQyYTgxNTA2MGFhN2U2MjFhMjA5NDM0OTc1OGIyMDM2
ODk2ZjAwHhcNMjUwMTI5MDc0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWY5NTA3NzZmM2Q4MzU5YjhmYTM0MmYzODc4MzdmMDVhODAzNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00ASbnQf3WUUrS9WjSqr15KM7vTM
m1uAkQp2OAhkIo72RPtFLDv/JduVmU5H08uyEB46gNlCDE2FaZ2slGu6Wf2PRFve
10RBS2AwRQQBlZVxd/cvZYWdFXIppISXRoEakoeS0zrYJTwIi2OR6wECnUfUdVfZ
FyJqp262nPDhhS3SrLh0Igv+Xp7ZU8UT+zGyRJq7Fua6SzpvTNbya4NXB1mKhyVP
pKy28bt41axlHki+G/9oqjRoJywApoB/3aI7ShXA2XMyjZj37AokAGon8lFxlng2
Kp4YiR3qz0CDds/VTp0Dl4Z7ts+lVMj5pI+c+lYf2UoRGz7FM/PzYNfZlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEX5UHdvPYNZuPo0Lzh4N/BagDSSMB8GA1UdIwQY
MBaAFK3dKoFQYKp+YhoglDSXWLIDaJbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmQwcWdWQmdxbjVpR2lDVU5KZFlzZ05vbHZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNGZhNDgtM2JlOC00ZmEzLWE0MzYt
OGEwZDBiZjBiNTc3LzEvUmZsUWQyODlnMW00LWpRdk9IZzM4RnFBTkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNGZhNDgtM2JlOC00ZmEzLWE0MzYtOGEwZDBiZjBiNTc3
LzEvcmQwcWdWQmdxbjVpR2lDVU5KZFlzZ05vbHZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJSz8MA0G
CSqGSIb3DQEBCwUAA4IBAQBYattFc72RqOWHbf1wwLkpEiqkhMrmQ0ismVeulSuG
MOnPVZqG42AFw5NEy6jM64JSaiUTCBW7q5roQRTHXrPQzwF3fRaNkxnRpskHWEA5
U5YEY3znUr0TqYQR4LGR9VZg3A+g5nq8Xu0n64UOEbcbaGjgCaejPVPb6+cxkHaL
ws18tKRIpEqA8nxjV0epZxsG5eY6MhfBAfDbLuUGghDFUbumBGALB9Lj0BQZga0h
hw+vizj1kcKJx4f7b3pABftNo08hLpA7hMUVCEAGCJy0i+U2iVKu6+oBlHmoxqVX
AsQijLmuWq1gBAI31nk5c5IgiBVLq8KlG0MRHh8IVe4T
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:35:01 2025 by rpki-client