Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/rL34Zx3MRADUFrzSQt9bwM1D_JI.roa
File: rL34Zx3MRADUFrzSQt9bwM1D_JI.roa (raw, json)
Hash identifier: oPsZprb4foVFPn2N6OkKBvbOQ+MMDT4IltrbvZikcNs=
Subject key identifier: AC:BD:F8:67:1D:CC:44:00:D4:16:BC:D2:42:DF:5B:C0:CD:43:FC:92
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0195FABA53DB51A5AB58C50A63C368085891
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/rL34Zx3MRADUFrzSQt9bwM1D_JI.roa
Signing time: Thu 03 Apr 2025 08:17:49 +0000
ROA not before: Thu 03 Apr 2025 08:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29491
IP address blocks: 45.152.164.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 03 Apr 2025 10:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:ba:53:db:51:a5:ab:58:c5:0a:63:c3:68:08:58:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Apr 3 08:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acbdf8671dcc4400d416bcd242df5bc0cd43fc92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2a:69:61:34:c5:17:4e:50:72:ff:c8:4e:41:
92:f0:05:49:91:72:76:9f:75:df:22:d4:1d:2e:dc:
df:49:0f:7a:ac:09:65:aa:67:74:42:ed:a7:6a:b7:
da:b9:98:a9:a2:aa:bc:10:e3:78:03:b5:0f:cb:18:
9b:3f:81:e3:46:f4:54:49:f2:e2:a5:f3:b6:33:13:
0e:08:c8:5a:98:8d:83:b2:b1:53:e1:a5:05:96:70:
f4:38:d8:03:45:9c:0c:52:4e:04:5b:18:2e:90:09:
52:a9:5a:10:59:22:9b:3e:87:a2:81:fd:09:82:f0:
e8:e3:93:f6:e4:28:2a:0d:dd:83:8c:2a:bd:0d:02:
12:25:52:18:72:64:55:c8:a8:9c:6b:19:f0:4b:b8:
8f:45:87:7d:2f:da:9b:c9:83:0c:d5:65:c1:23:8d:
17:13:5e:80:39:33:3e:34:40:dd:ac:9a:49:d9:7f:
f3:67:bd:95:ed:1b:16:3c:a0:02:7f:a2:78:10:71:
0b:44:24:d8:8e:e2:3b:b6:e8:68:87:ce:e1:42:b7:
bb:45:c3:7e:99:63:3a:72:d5:70:85:2d:35:ad:03:
20:68:03:32:82:80:67:ad:83:66:f7:da:ab:73:77:
3a:7c:e7:b3:c3:2a:8c:70:66:30:f9:50:42:93:77:
8f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:BD:F8:67:1D:CC:44:00:D4:16:BC:D2:42:DF:5B:C0:CD:43:FC:92
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/rL34Zx3MRADUFrzSQt9bwM1D_JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.164.0/22
Signature Algorithm: sha256WithRSAEncryption
21:67:2e:6c:06:e8:04:67:ea:1e:2a:83:bd:70:a7:bd:e4:97:
80:c4:21:e3:c9:e1:58:23:d5:4c:4d:76:04:66:86:92:c0:f1:
64:da:90:ea:2c:c0:af:03:d4:f8:7d:5d:2b:91:07:83:5a:aa:
1a:a5:85:65:ff:a9:93:5b:89:d0:85:01:a9:d9:a5:64:95:57:
86:cb:78:8a:7a:54:a1:45:b6:bc:6d:a7:f4:da:fa:a0:0b:d6:
fc:e8:39:2a:04:a0:e1:a5:56:62:41:0d:1f:4a:83:f3:c6:ca:
5e:a4:80:d7:21:f0:8a:a5:88:d4:89:e0:c2:ef:78:8a:89:26:
c0:4d:ad:fa:aa:a2:c6:ce:46:7c:16:32:2c:78:3d:7e:36:c7:
c5:1f:57:47:63:05:3c:5c:7e:e5:ac:3c:cb:7d:a4:2d:67:2b:
9f:a1:3d:46:38:10:59:b3:b7:cc:52:15:df:4c:72:ef:bf:ea:
61:32:99:59:f9:a7:c2:84:ab:54:7c:be:28:5c:b5:15:e0:ab:
b0:c0:4b:ef:01:cd:8e:61:fe:82:ad:e8:23:28:f6:76:8c:8f:
e1:62:4b:3f:ff:24:c1:e7:c4:d7:a5:c0:f4:06:5b:e6:7f:d2:
8e:b3:93:bd:0c:62:9f:5d:1d:52:f1:b5:64:ec:2d:90:28:c9:
03:59:cd:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX6ulPbUaWrWMUKY8NoCFiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwNDAzMDgxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2JkZjg2NzFkY2M0NDAwZDQxNmJjZDI0MmRmNWJjMGNkNDNmYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SppYTTFF05Qcv/ITkGS8AVJkXJ2
n3XfItQdLtzfSQ96rAllqmd0Qu2narfauZipoqq8EON4A7UPyxibP4HjRvRUSfLi
pfO2MxMOCMhamI2DsrFT4aUFlnD0ONgDRZwMUk4EWxgukAlSqVoQWSKbPoeigf0J
gvDo45P25CgqDd2DjCq9DQISJVIYcmRVyKicaxnwS7iPRYd9L9qbyYMM1WXBI40X
E16AOTM+NEDdrJpJ2X/zZ72V7RsWPKACf6J4EHELRCTYjuI7tuhoh87hQre7RcN+
mWM6ctVwhS01rQMgaAMygoBnrYNm99qrc3c6fOezwyqMcGYw+VBCk3ePrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKy9+GcdzEQA1Ba80kLfW8DNQ/ySMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvckwzNFp4M01SQURVRnJ6U1F0OWJ3TTFEX0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZikMA0G
CSqGSIb3DQEBCwUAA4IBAQAhZy5sBugEZ+oeKoO9cKe95JeAxCHjyeFYI9VMTXYE
ZoaSwPFk2pDqLMCvA9T4fV0rkQeDWqoapYVl/6mTW4nQhQGp2aVklVeGy3iKelSh
Rba8baf02vqgC9b86DkqBKDhpVZiQQ0fSoPzxspepIDXIfCKpYjUieDC73iKiSbA
Ta36qqLGzkZ8FjIseD1+NsfFH1dHYwU8XH7lrDzLfaQtZyufoT1GOBBZs7fMUhXf
THLvv+phMplZ+afChKtUfL4oXLUV4KuwwEvvAc2OYf6CregjKPZ2jI/hYks//yTB
58TXpcD0Blvmf9KOs5O9DGKfXR1S8bVk7C2QKMkDWc0X
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:08:14 2025 by rpki-client