Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/bWPWhoCkN8vkCAqYW2CSlaAhJWw.roa
File: bWPWhoCkN8vkCAqYW2CSlaAhJWw.roa (raw, json)
Hash identifier: rK2pzgDIYHimgsFCT4Feny+oD4r5xg6dxrqfVD7fe8M=
Subject key identifier: 6D:63:D6:86:80:A4:37:CB:E4:08:0A:98:5B:60:92:95:A0:21:25:6C
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01977872B6D748123A4B577DABE006F46854
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/bWPWhoCkN8vkCAqYW2CSlaAhJWw.roa
Signing time: Mon 16 Jun 2025 11:14:33 +0000
ROA not before: Mon 16 Jun 2025 11:14:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 45.93.8.0/24 maxlen: 24
45.93.9.0/24 maxlen: 24
45.148.244.0/24 maxlen: 24
78.40.116.0/24 maxlen: 24
78.40.117.0/24 maxlen: 24
93.185.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jun 2025 14:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:78:72:b6:d7:48:12:3a:4b:57:7d:ab:e0:06:f4:68:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jun 16 11:14:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d63d68680a437cbe4080a985b609295a021256c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:29:4b:89:a5:bb:23:a8:86:b5:53:04:db:50:
96:98:ac:f9:bd:71:f0:9d:70:13:7b:7c:58:0a:b3:
e2:62:7b:df:ae:84:96:5e:c4:cf:62:b9:a0:5d:b8:
b4:d2:54:49:23:bb:0e:e4:fa:65:c5:36:5b:d0:fc:
2c:44:e9:c0:6f:27:74:33:d1:4b:fc:26:85:a2:85:
cd:c4:e6:39:60:ec:fb:98:db:49:a0:94:e1:98:58:
d2:ac:30:ce:c9:9e:cb:ad:21:6c:99:32:39:f3:8d:
98:83:39:e3:67:72:4b:4e:49:9e:39:5d:0c:9b:1c:
e2:7d:5a:70:dc:7d:fb:6e:cc:73:61:bc:26:93:a7:
24:a5:b8:39:8c:b4:0d:91:12:5a:b5:56:33:29:73:
83:3f:33:93:8b:7e:74:94:dd:37:92:83:de:2d:02:
a1:f4:c4:2d:ad:f7:be:6a:1c:52:25:f7:85:1d:dc:
6f:58:97:cf:44:86:09:38:45:a9:3e:d9:75:2f:9d:
1e:79:38:2b:50:34:95:0c:26:55:0f:59:81:99:4a:
9d:ac:45:93:ed:3e:39:aa:bf:3a:dd:c8:77:d6:47:
2f:6a:98:7a:42:1b:9a:0b:bf:a9:26:46:e4:38:b4:
c6:e3:ac:bb:c4:b5:88:5a:87:9f:1a:1b:71:8d:ec:
f3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:63:D6:86:80:A4:37:CB:E4:08:0A:98:5B:60:92:95:A0:21:25:6C
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/bWPWhoCkN8vkCAqYW2CSlaAhJWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.8.0/23
45.148.244.0/24
78.40.116.0/23
93.185.167.0/24
Signature Algorithm: sha256WithRSAEncryption
91:5d:4a:eb:ec:35:54:04:66:da:c6:78:d2:07:bf:a3:ac:3f:
70:34:a5:aa:05:60:5b:05:d6:55:ad:16:55:5c:8b:24:06:33:
45:7e:7f:46:57:73:08:9c:8d:06:4d:1d:d3:f7:25:44:47:86:
9a:a3:df:bb:7b:2b:7c:c0:d9:61:49:57:43:92:78:2d:11:ef:
de:4f:19:d4:3e:cb:f7:d1:ba:f1:08:e1:d4:98:77:34:db:d1:
2f:47:8d:c7:e7:99:3f:60:89:4a:ae:7c:61:b3:28:5f:e5:12:
e3:4c:fc:5e:e0:a9:1a:86:bc:93:d6:b9:21:4c:a7:9b:3a:c9:
3f:ef:53:be:81:46:c1:d4:79:19:ec:26:ec:e4:f1:4f:6d:b1:
b3:06:d8:fe:18:5a:b1:68:9d:6c:5d:17:b2:fe:e2:9d:17:bd:
83:27:bf:31:46:11:7f:74:df:b1:4d:d4:68:d4:aa:53:ec:a3:
e4:c2:2d:82:29:44:3c:3e:79:e8:6e:73:eb:f6:07:3b:a6:77:
bc:85:15:12:d7:bb:5a:d5:e4:33:72:7d:2f:39:48:4c:44:d9:
fd:4b:4d:63:8f:bb:86:b2:e8:bf:5f:c1:97:a2:33:f7:a0:3a:
5c:b3:b5:16:8a:5c:23:31:b3:d9:73:25:de:ba:ed:a7:bf:f3:
ff:f2:61:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZd4crbXSBI6S1d9q+AG9GhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwNjE2MTExNDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDYzZDY4NjgwYTQzN2NiZTQwODBhOTg1YjYwOTI5NWEwMjEyNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ClLiaW7I6iGtVME21CWmKz5vXHw
nXATe3xYCrPiYnvfroSWXsTPYrmgXbi00lRJI7sO5PplxTZb0PwsROnAbyd0M9FL
/CaFooXNxOY5YOz7mNtJoJThmFjSrDDOyZ7LrSFsmTI5842YgznjZ3JLTkmeOV0M
mxzifVpw3H37bsxzYbwmk6ckpbg5jLQNkRJatVYzKXODPzOTi350lN03koPeLQKh
9MQtrfe+ahxSJfeFHdxvWJfPRIYJOEWpPtl1L50eeTgrUDSVDCZVD1mBmUqdrEWT
7T45qr863ch31kcvaph6QhuaC7+pJkbkOLTG46y7xLWIWoefGhtxjezzywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG1j1oaApDfL5AgKmFtgkpWgISVsMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvYldQV2hvQ2tOOHZrQ0FxWVcyQ1NsYUFoSld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLV0IAwQA
LZT0AwQBTih0AwQAXbmnMA0GCSqGSIb3DQEBCwUAA4IBAQCRXUrr7DVUBGbaxnjS
B7+jrD9wNKWqBWBbBdZVrRZVXIskBjNFfn9GV3MInI0GTR3T9yVER4aao9+7eyt8
wNlhSVdDkngtEe/eTxnUPsv30brxCOHUmHc029EvR43H55k/YIlKrnxhsyhf5RLj
TPxe4KkahryT1rkhTKebOsk/71O+gUbB1HkZ7Cbs5PFPbbGzBtj+GFqxaJ1sXRey
/uKdF72DJ78xRhF/dN+xTdRo1KpT7KPkwi2CKUQ8PnnobnPr9gc7pne8hRUS17ta
1eQzcn0vOUhMRNn9S01jj7uGsui/X8GXojP3oDpcs7UWilwjMbPZcyXeuu2nv/P/
8mEA
-----END CERTIFICATE-----
Generated at Sun Jul 27 02:19:36 2025 by rpki-client