Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WmwWxLsD1pDMx-gnGEUJRpjTL2Y.roa
File: WmwWxLsD1pDMx-gnGEUJRpjTL2Y.roa (raw, json)
Hash identifier: Hj4/YCUm+VDGWAdcFQeoMIrrf9DZ5gVpWJSr70HotYo=
Subject key identifier: 5A:6C:16:C4:BB:03:D6:90:CC:C7:E8:27:18:45:09:46:98:D3:2F:66
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01980867117AF4DEB28E898CD81F8A14C338
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WmwWxLsD1pDMx-gnGEUJRpjTL2Y.roa
Signing time: Mon 14 Jul 2025 10:07:09 +0000
ROA not before: Mon 14 Jul 2025 10:07:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 94.183.168.0/24 maxlen: 24
217.60.239.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Jul 2025 08:23:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:67:11:7a:f4:de:b2:8e:89:8c:d8:1f:8a:14:c3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 14 10:07:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a6c16c4bb03d690ccc7e8271845094698d32f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:47:57:7b:87:16:b1:52:2f:5f:77:f0:43:df:
96:19:b0:5a:3c:1d:9f:96:ad:bd:e8:9b:a4:cc:37:
57:8d:50:98:dc:6c:90:ea:55:ba:3d:99:6d:8f:ad:
c1:e9:24:a2:03:93:c6:1a:8c:e1:f1:43:47:2c:d8:
5a:93:06:1f:5b:63:47:25:18:79:34:e1:ed:99:41:
3a:dd:53:c1:23:2f:12:11:b2:a1:1e:8b:96:77:46:
86:2e:35:2d:3e:26:1d:a9:f6:18:46:11:cf:cf:db:
63:ae:54:3e:f4:98:9b:9d:c4:6d:a9:6f:e0:d6:15:
c8:f3:c2:93:c2:86:2c:c9:8c:59:7b:13:b4:05:79:
ac:d0:0e:21:dd:4d:96:16:eb:14:2d:68:1f:5d:1b:
d4:7a:dd:e2:22:bf:34:8a:7c:8e:89:e9:a7:28:dc:
e4:e7:45:af:42:64:ff:f8:9b:7f:16:aa:a3:88:b5:
7c:65:8b:c1:9e:5b:f0:91:cb:30:84:0f:57:8f:24:
b7:0a:9c:78:e9:28:23:09:50:78:89:f8:f7:07:5d:
16:d4:ae:d6:41:ff:24:ed:54:fc:cb:17:7c:1e:73:
80:b2:d3:ac:50:e5:08:d2:14:08:10:fb:cd:d3:c6:
0c:f1:cb:3c:7b:30:76:0a:72:f5:11:ad:e3:0d:70:
53:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6C:16:C4:BB:03:D6:90:CC:C7:E8:27:18:45:09:46:98:D3:2F:66
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WmwWxLsD1pDMx-gnGEUJRpjTL2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.168.0/24
217.60.239.0/24
217.60.247.0/24
Signature Algorithm: sha256WithRSAEncryption
04:85:35:d5:60:db:19:85:9e:2d:d2:4f:4e:bb:19:c9:8f:84:
ed:c6:8d:2e:68:74:e9:a3:5b:24:cb:55:b0:75:f5:cf:ef:e6:
ff:96:5b:4c:c7:be:f9:47:1e:5a:05:f4:c6:99:f8:63:d0:db:
15:fc:ad:45:7b:f3:64:d9:f0:fc:1d:16:ae:03:ee:f9:72:74:
9f:bd:e4:ec:22:5f:f4:d1:48:3f:db:79:d8:ba:1e:6f:63:8b:
3b:04:24:98:18:ed:a0:6e:ef:19:ef:cb:3c:dc:16:6f:ee:35:
ef:7a:98:79:0a:a6:98:62:8c:ff:67:7f:62:31:fd:19:75:ae:
49:26:50:75:ac:8e:0d:e6:62:72:98:14:ca:e9:c0:48:2e:30:
3c:42:2a:4c:17:f7:7d:d7:d9:b0:04:ea:b5:8c:c7:64:62:36:
7d:60:fd:fb:69:0a:04:47:21:f5:f7:ec:e5:cc:36:49:36:66:
c2:6b:85:df:09:80:13:79:a6:6e:fe:de:5b:8d:ce:63:78:ce:
5f:a4:5e:25:52:f2:b0:df:ce:9b:1e:71:e3:ee:9c:40:28:93:
0e:03:aa:01:4c:1c:3c:44:ce:fd:cb:aa:e8:5b:ab:fb:ed:b9:
9b:69:db:1b:aa:2e:4a:74:31:66:52:16:36:8a:ac:ad:48:b2:
0a:d4:1b:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgIZxF69N6yjomM2B+KFMM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzE0MTAwNzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZjMTZjNGJiMDNkNjkwY2NjN2U4MjcxODQ1MDk0Njk4ZDMyZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0dXe4cWsVIvX3fwQ9+WGbBaPB2f
lq296JukzDdXjVCY3GyQ6lW6PZltj63B6SSiA5PGGozh8UNHLNhakwYfW2NHJRh5
NOHtmUE63VPBIy8SEbKhHouWd0aGLjUtPiYdqfYYRhHPz9tjrlQ+9JibncRtqW/g
1hXI88KTwoYsyYxZexO0BXms0A4h3U2WFusULWgfXRvUet3iIr80inyOiemnKNzk
50WvQmT/+Jt/FqqjiLV8ZYvBnlvwkcswhA9XjyS3Cpx46SgjCVB4ifj3B10W1K7W
Qf8k7VT8yxd8HnOAstOsUOUI0hQIEPvN08YM8cs8ezB2CnL1Ea3jDXBTMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFpsFsS7A9aQzMfoJxhFCUaY0y9mMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvV213V3hMc0QxcERNeC1nbkdFVUpScGpUTDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXreoAwQA
2TzvAwQA2Tz3MA0GCSqGSIb3DQEBCwUAA4IBAQAEhTXVYNsZhZ4t0k9OuxnJj4Tt
xo0uaHTpo1sky1WwdfXP7+b/lltMx775Rx5aBfTGmfhj0NsV/K1Fe/Nk2fD8HRau
A+75cnSfveTsIl/00Ug/23nYuh5vY4s7BCSYGO2gbu8Z78s83BZv7jXveph5CqaY
Yoz/Z39iMf0Zda5JJlB1rI4N5mJymBTK6cBILjA8QipMF/d919mwBOq1jMdkYjZ9
YP37aQoERyH19+zlzDZJNmbCa4XfCYATeaZu/t5bjc5jeM5fpF4lUvKw386bHnHj
7pxAKJMOA6oBTBw8RM79y6roW6v77bmbadsbqi5KdDFmUhY2iqytSLIK1Bsc
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:36:16 2025 by rpki-client