Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/wBi4Ycp1DrTYXmpsIpYybD_RouA.roa
File: wBi4Ycp1DrTYXmpsIpYybD_RouA.roa (raw, json)
Hash identifier: Jtjto6EMqO7XOEv1wvMWweqXmV0nnnwbRCHiSAtjurk=
Subject key identifier: C0:18:B8:61:CA:75:0E:B4:D8:5E:6A:6C:22:96:32:6C:3F:D1:A2:E0
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0195FA0B75E7C992D7E9C3674D524CF1A5BD
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/wBi4Ycp1DrTYXmpsIpYybD_RouA.roa
Signing time: Thu 03 Apr 2025 05:06:49 +0000
ROA not before: Thu 03 Apr 2025 05:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29491
IP address blocks: 45.152.164.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 03 Apr 2025 07:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:0b:75:e7:c9:92:d7:e9:c3:67:4d:52:4c:f1:a5:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Apr 3 05:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c018b861ca750eb4d85e6a6c2296326c3fd1a2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:36:23:fd:86:4b:f4:1b:b0:95:a3:2f:94:c3:
af:53:b8:59:b8:e7:8e:67:1e:8a:c4:f2:ca:d9:0a:
09:81:39:8f:25:86:29:ca:b6:7f:43:c4:89:f5:a7:
94:0f:e2:b7:eb:91:78:d3:c2:a8:c4:b2:74:70:30:
5c:54:b2:40:39:81:75:54:db:48:65:02:e7:2a:ca:
ab:cb:e5:f1:e2:b6:70:42:5b:b3:f0:8d:9a:50:13:
5d:b8:a3:5f:b2:f7:aa:59:9e:61:82:3c:cc:34:60:
37:bf:4b:1c:3e:23:20:60:fb:1a:65:9f:ac:c9:3a:
e5:a0:69:2c:65:e6:23:26:f6:64:14:f0:eb:2c:bc:
41:b7:24:26:73:d8:89:d3:8f:78:bd:cd:be:58:3f:
99:0b:ef:6f:f2:f8:8e:e2:78:93:23:75:e7:e3:20:
ad:44:dc:f8:c8:f1:33:17:ad:9e:89:55:88:a0:4e:
d2:4f:c4:d4:d1:63:bf:e6:5d:eb:fb:f6:44:80:26:
7a:ef:94:a8:f8:b0:af:4d:35:7a:df:12:6a:f2:13:
5c:8d:08:29:dc:cb:11:b2:aa:1c:a7:f4:a3:78:64:
e2:64:59:e3:3b:2a:da:c4:87:fd:e5:36:08:68:82:
ec:e6:89:d6:eb:38:27:c7:38:cd:5b:84:b2:eb:54:
b6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:18:B8:61:CA:75:0E:B4:D8:5E:6A:6C:22:96:32:6C:3F:D1:A2:E0
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/wBi4Ycp1DrTYXmpsIpYybD_RouA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.164.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:c3:ec:01:c6:2b:fe:ec:ac:f3:cb:02:68:71:e3:78:c0:7c:
a7:f6:01:09:71:a0:d4:be:8c:9b:69:ba:2a:2e:63:32:51:c4:
01:f7:54:86:b1:9b:70:ea:6d:65:58:32:1c:36:06:4d:7d:ab:
c4:e0:6a:aa:46:fc:0f:fc:a1:0f:d5:c3:f5:83:95:51:9a:b5:
bf:98:b9:ea:7e:5a:0b:ac:1e:6c:e8:89:fc:1e:19:f3:6a:e3:
5a:7e:28:67:64:52:bf:f9:60:8d:dd:5a:e0:8f:78:10:cb:5b:
41:04:84:bc:fc:b8:d0:85:0c:c6:48:9d:96:29:e2:5e:e6:7a:
35:04:02:cc:4a:35:0f:7e:4e:a0:53:ca:56:19:2e:1b:10:b2:
b8:32:5c:a3:73:38:a3:7b:25:39:91:94:50:37:96:01:81:7a:
5f:d7:bd:71:de:77:23:da:09:49:3b:56:bb:e1:96:d3:1a:48:
c0:8c:55:71:60:c0:c7:07:71:b0:1e:20:77:2f:21:f1:9e:7f:
e1:43:ac:44:20:41:43:49:f3:94:bb:20:56:d9:b3:0f:55:ff:
b0:18:12:d3:93:16:1c:de:e3:c3:8a:a3:b7:2a:72:26:c4:e2:
a6:cb:e6:ba:df:40:7c:8a:f1:f9:e1:5d:3c:5c:f4:ef:f8:32:
7a:25:42:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX6C3XnyZLX6cNnTVJM8aW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwNDAzMDUwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDE4Yjg2MWNhNzUwZWI0ZDg1ZTZhNmMyMjk2MzI2YzNmZDFhMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zYj/YZL9BuwlaMvlMOvU7hZuOeO
Zx6KxPLK2QoJgTmPJYYpyrZ/Q8SJ9aeUD+K365F408KoxLJ0cDBcVLJAOYF1VNtI
ZQLnKsqry+Xx4rZwQluz8I2aUBNduKNfsveqWZ5hgjzMNGA3v0scPiMgYPsaZZ+s
yTrloGksZeYjJvZkFPDrLLxBtyQmc9iJ0494vc2+WD+ZC+9v8viO4niTI3Xn4yCt
RNz4yPEzF62eiVWIoE7ST8TU0WO/5l3r+/ZEgCZ675So+LCvTTV63xJq8hNcjQgp
3MsRsqocp/SjeGTiZFnjOyraxIf95TYIaILs5onW6zgnxzjNW4Sy61S2MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMAYuGHKdQ602F5qbCKWMmw/0aLgMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvd0JpNFljcDFEclRZWG1wc0lwWXliRF9Sb3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZikMA0G
CSqGSIb3DQEBCwUAA4IBAQCpw+wBxiv+7KzzywJoceN4wHyn9gEJcaDUvoybaboq
LmMyUcQB91SGsZtw6m1lWDIcNgZNfavE4GqqRvwP/KEP1cP1g5VRmrW/mLnqfloL
rB5s6In8HhnzauNafihnZFK/+WCN3Vrgj3gQy1tBBIS8/LjQhQzGSJ2WKeJe5no1
BALMSjUPfk6gU8pWGS4bELK4MlyjczijeyU5kZRQN5YBgXpf171x3ncj2glJO1a7
4ZbTGkjAjFVxYMDHB3GwHiB3LyHxnn/hQ6xEIEFDSfOUuyBW2bMPVf+wGBLTkxYc
3uPDiqO3KnImxOKmy+a630B8ivH54V08XPTv+DJ6JULI
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:52:30 2025 by rpki-client