Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/yrONWCSosPftAgBjkhEBBt6jrEI.roa
File: yrONWCSosPftAgBjkhEBBt6jrEI.roa (raw, json)
Hash identifier: m2jcM7zrzBLAGt4Ko/E6DJwNnR/YrKG385+xxXxedRE=
Subject key identifier: CA:B3:8D:58:24:A8:B0:F7:ED:02:00:63:92:11:01:06:DE:A3:AC:42
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0197551968041B124136FC25E41AA0B9DA7A
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/yrONWCSosPftAgBjkhEBBt6jrEI.roa
Signing time: Mon 09 Jun 2025 14:30:17 +0000
ROA not before: Mon 09 Jun 2025 14:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.140.58.0/24 maxlen: 24
45.149.4.0/24 maxlen: 24
212.81.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 09:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:55:19:68:04:1b:12:41:36:fc:25:e4:1a:a0:b9:da:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jun 9 14:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cab38d5824a8b0f7ed02006392110106dea3ac42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6e:a3:2c:de:3f:2a:43:79:7a:ff:29:fd:3c:
13:ec:20:82:a3:6b:80:2a:52:eb:ce:4e:98:64:d0:
d8:ef:e1:12:2b:10:02:84:62:9e:e6:90:9d:ae:0f:
21:6b:b3:69:02:a7:75:98:29:33:96:52:48:dc:ee:
87:e5:13:1a:f8:1f:71:62:b1:a3:d1:fa:ba:80:d9:
c0:fe:f2:42:dc:87:93:30:5a:8f:1e:bd:9f:6b:c8:
fc:da:64:fe:d6:d8:db:83:8b:82:22:01:b7:d1:81:
4e:a1:95:d0:ef:1f:4c:20:b8:b5:61:99:d1:be:e8:
4a:17:b3:ff:28:11:e6:b7:17:0e:3a:91:47:41:6f:
2a:8d:1a:89:5d:58:76:a3:9c:d5:82:48:33:6c:09:
1c:55:17:44:36:00:0b:f7:5e:1b:bc:12:07:7d:d3:
de:32:ab:bf:2e:2f:56:5e:99:5b:5b:6b:03:49:78:
0e:2f:15:f0:fc:9a:24:9e:01:b2:5e:b9:18:42:08:
0a:3b:5a:31:ea:db:91:98:9b:b9:de:0b:17:57:74:
02:90:dc:f0:08:8c:d4:8b:2f:8f:c7:f8:77:49:19:
2e:ee:ee:b0:c4:6e:bc:95:37:91:4e:3e:b5:12:45:
59:76:81:93:81:71:22:45:82:01:02:06:6c:a0:67:
ba:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B3:8D:58:24:A8:B0:F7:ED:02:00:63:92:11:01:06:DE:A3:AC:42
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/yrONWCSosPftAgBjkhEBBt6jrEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.58.0/24
45.149.4.0/24
212.81.47.0/24
Signature Algorithm: sha256WithRSAEncryption
82:4a:30:5b:97:0f:bb:08:d7:f9:ba:19:27:8a:8a:83:d8:85:
d0:69:5c:ac:54:0c:09:fc:e6:d1:b3:fb:f6:e1:ac:1c:b4:07:
0f:47:21:9f:f9:7f:a9:6b:23:e9:1d:63:b3:e9:0b:f3:12:50:
d2:1c:ce:b8:e5:55:4d:6f:30:b6:46:3f:f1:a1:6b:60:98:5e:
e8:95:19:a8:7b:22:3a:8a:48:ce:a4:45:7e:47:d6:0d:c3:5e:
21:7a:70:bf:06:30:7b:ec:e6:71:fd:b2:c2:27:09:5b:2b:ee:
76:4c:8b:e7:7f:4d:ed:14:70:84:fa:e5:2f:40:88:34:8e:41:
3a:82:fe:b1:cd:04:3f:05:a0:b6:22:27:99:5b:a9:15:e3:bc:
98:86:ef:db:a5:f2:d5:b2:9a:de:ca:01:d6:4c:9e:0b:7a:1a:
7e:ac:69:3f:6d:85:ff:23:4d:4a:25:2f:26:d4:69:57:aa:12:
d2:b3:f5:00:3e:37:85:fb:3f:86:2e:84:c8:0b:29:68:1f:c6:
27:db:78:46:fa:d5:db:8c:c9:62:4c:0a:2b:09:8b:50:7e:3d:
46:c4:34:4b:f9:bb:40:68:c0:b4:ac:fd:3e:d5:ca:55:58:07:
e8:7f:58:e7:ac:b6:38:53:d5:8f:77:b2:c2:f5:8e:5f:52:91:
07:ce:67:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdVGWgEGxJBNvwl5Bqgudp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwNjA5MTQzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIzOGQ1ODI0YThiMGY3ZWQwMjAwNjM5MjExMDEwNmRlYTNhYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW6jLN4/KkN5ev8p/TwT7CCCo2uA
KlLrzk6YZNDY7+ESKxAChGKe5pCdrg8ha7NpAqd1mCkzllJI3O6H5RMa+B9xYrGj
0fq6gNnA/vJC3IeTMFqPHr2fa8j82mT+1tjbg4uCIgG30YFOoZXQ7x9MILi1YZnR
vuhKF7P/KBHmtxcOOpFHQW8qjRqJXVh2o5zVgkgzbAkcVRdENgAL914bvBIHfdPe
Mqu/Li9WXplbW2sDSXgOLxXw/JokngGyXrkYQggKO1ox6tuRmJu53gsXV3QCkNzw
CIzUiy+Px/h3SRku7u6wxG68lTeRTj61EkVZdoGTgXEiRYIBAgZsoGe6zQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMqzjVgkqLD37QIAY5IRAQbeo6xCMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEveXJPTldDU29zUGZ0QWdCamtoRUJCdDZqckVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYw6AwQA
LZUEAwQA1FEvMA0GCSqGSIb3DQEBCwUAA4IBAQCCSjBblw+7CNf5uhknioqD2IXQ
aVysVAwJ/ObRs/v24awctAcPRyGf+X+payPpHWOz6QvzElDSHM645VVNbzC2Rj/x
oWtgmF7olRmoeyI6ikjOpEV+R9YNw14henC/BjB77OZx/bLCJwlbK+52TIvnf03t
FHCE+uUvQIg0jkE6gv6xzQQ/BaC2IieZW6kV47yYhu/bpfLVspreygHWTJ4Lehp+
rGk/bYX/I01KJS8m1GlXqhLSs/UAPjeF+z+GLoTICyloH8Yn23hG+tXbjMliTAor
CYtQfj1GxDRL+btAaMC0rP0+1cpVWAfof1jnrLY4U9WPd7LC9Y5fUpEHzmf6
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:13:42 2025 by rpki-client