Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/waSwrOEjPu3cp57xhVanE8mRxsg.roa
File: waSwrOEjPu3cp57xhVanE8mRxsg.roa (raw, json)
Hash identifier: 314DppQruUn8IpZtFn/TypWkZ84EJgnYFKt8K/Gsjfg=
Subject key identifier: C1:A4:B0:AC:E1:23:3E:ED:DC:A7:9E:F1:85:56:A7:13:C9:91:C6:C8
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DB1CC438E274E3DD10614A2143981F
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/waSwrOEjPu3cp57xhVanE8mRxsg.roa
Signing time: Sun 06 Jul 2025 22:28:42 +0000
ROA not before: Sun 06 Jul 2025 22:28:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 45.142.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:db:1c:c4:38:e2:74:e3:dd:10:61:4a:21:43:98:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:28:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1a4b0ace1233eeddca79ef18556a713c991c6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:35:4b:f4:20:71:8a:3e:f7:0b:cb:b5:86:ea:
57:7b:e0:60:d5:7d:a9:4e:76:61:bc:1e:9d:e1:fe:
c5:43:21:65:97:36:e5:95:8d:9a:d5:d5:f2:84:b1:
aa:d8:38:84:6e:a3:20:b4:38:15:63:46:b5:7f:7c:
2b:9c:5e:f8:81:ac:eb:57:81:7d:74:7f:88:e5:61:
b2:8a:4d:96:07:c1:bc:ab:2a:05:49:2a:10:58:55:
bf:bc:99:7c:ab:8d:bb:cd:d5:7f:33:48:0d:61:c3:
22:76:52:dc:43:a4:01:06:eb:49:45:2f:08:18:77:
3d:62:34:25:0e:39:8c:91:32:31:74:9e:31:bc:24:
d2:f9:9e:3d:a4:fe:5b:a6:65:19:66:62:97:7a:12:
b3:52:6d:4c:68:1a:1c:52:55:02:ac:dc:cc:48:20:
b8:b6:74:8d:d6:f6:0f:e2:30:a5:f8:f1:ca:1f:43:
74:f4:05:60:1d:59:1a:3f:4f:55:24:87:98:3a:82:
73:a0:76:e8:bc:4f:18:04:68:cc:6e:db:9c:72:d1:
72:e4:79:12:6c:c4:bd:1c:bc:64:77:68:c9:9e:23:
40:4d:51:58:0a:52:3b:ae:7f:d0:33:7d:6c:a8:20:
a8:9f:4a:34:59:7b:fc:9c:7c:fe:5c:21:2e:28:88:
72:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A4:B0:AC:E1:23:3E:ED:DC:A7:9E:F1:85:56:A7:13:C9:91:C6:C8
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/waSwrOEjPu3cp57xhVanE8mRxsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:cc:19:06:10:2a:73:e4:07:47:c1:16:35:d0:5a:8e:99:fd:
a4:90:96:af:18:95:b3:0f:8f:49:73:c3:45:63:e9:f1:e4:94:
4f:fa:74:34:05:44:9b:2a:60:7b:5e:24:93:77:21:9a:46:ac:
d5:6e:a5:0d:f4:a1:7a:f0:09:ab:7a:e9:d2:7e:fe:ab:dd:44:
28:ad:6f:db:ce:45:86:1c:59:d7:b1:ad:08:89:5c:68:07:04:
9b:f8:7f:19:70:ca:40:4e:5d:e4:48:8b:f8:13:56:a9:05:2c:
fa:21:32:b4:85:7d:58:cc:39:55:3c:3f:68:48:1d:3f:96:a3:
d5:33:79:b4:ec:9f:28:33:08:f6:4b:fe:46:b5:aa:65:84:e2:
69:62:9c:3d:e6:3c:40:9f:7c:67:98:b8:23:14:62:7f:5d:cc:
56:e4:1b:61:84:00:c8:26:d8:aa:a6:b7:e3:33:d1:ee:e0:61:
7d:98:e9:e8:51:3a:a0:32:2d:b8:f6:cd:69:c4:54:d6:91:e1:
71:cd:cb:f3:fa:1d:3d:e9:9c:02:a8:94:12:78:11:37:89:c7:
85:58:fe:2a:d9:b7:24:29:de:29:81:d9:9d:9f:73:ab:92:ea:
c8:d3:3f:66:46:2d:9d:64:cf:74:ec:bc:03:e4:e1:ee:00:ac:
94:5a:18:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfh2xzEOOJ0490QYUohQ5gfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWE0YjBhY2UxMjMzZWVkZGNhNzllZjE4NTU2YTcxM2M5OTFjNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjVL9CBxij73C8u1hupXe+Bg1X2p
TnZhvB6d4f7FQyFllzbllY2a1dXyhLGq2DiEbqMgtDgVY0a1f3wrnF74gazrV4F9
dH+I5WGyik2WB8G8qyoFSSoQWFW/vJl8q427zdV/M0gNYcMidlLcQ6QBButJRS8I
GHc9YjQlDjmMkTIxdJ4xvCTS+Z49pP5bpmUZZmKXehKzUm1MaBocUlUCrNzMSCC4
tnSN1vYP4jCl+PHKH0N09AVgHVkaP09VJIeYOoJzoHbovE8YBGjMbtucctFy5HkS
bMS9HLxkd2jJniNATVFYClI7rn/QM31sqCCon0o0WXv8nHz+XCEuKIhyHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGksKzhIz7t3Kee8YVWpxPJkcbIMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvd2FTd3JPRWpQdTNjcDU3eGhWYW5FOG1SeHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY54MA0G
CSqGSIb3DQEBCwUAA4IBAQCgzBkGECpz5AdHwRY10FqOmf2kkJavGJWzD49Jc8NF
Y+nx5JRP+nQ0BUSbKmB7XiSTdyGaRqzVbqUN9KF68AmreunSfv6r3UQorW/bzkWG
HFnXsa0IiVxoBwSb+H8ZcMpATl3kSIv4E1apBSz6ITK0hX1YzDlVPD9oSB0/lqPV
M3m07J8oMwj2S/5GtaplhOJpYpw95jxAn3xnmLgjFGJ/XcxW5BthhADIJtiqprfj
M9Hu4GF9mOnoUTqgMi249s1pxFTWkeFxzcvz+h096ZwCqJQSeBE3iceFWP4q2bck
Kd4pgdmdn3OrkurI0z9mRi2dZM907LwD5OHuAKyUWhhc
-----END CERTIFICATE-----
Generated at Thu Jul 24 05:01:13 2025 by rpki-client