Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/zkyxm9EbKi71wbfWUkX6iWT2PBw.roa
File: zkyxm9EbKi71wbfWUkX6iWT2PBw.roa (raw, json)
Hash identifier: AjD7hY8tjG6DW9nJ+Fp3W6WZLOJLN7YL0JbC/Gfep3c=
Subject key identifier: CE:4C:B1:9B:D1:1B:2A:2E:F5:C1:B7:D6:52:45:FA:89:64:F6:3C:1C
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019423D70BE4CBDADBEAAC8905162AC92D50
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/zkyxm9EbKi71wbfWUkX6iWT2PBw.roa
Signing time: Wed 01 Jan 2025 21:48:03 +0000
ROA not before: Wed 01 Jan 2025 21:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200740
IP address blocks: 45.43.72.0/22 maxlen: 24
45.43.88.0/23 maxlen: 24
45.43.90.0/23 maxlen: 24
87.239.250.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 13:46:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0b:e4:cb:da:db:ea:ac:89:05:16:2a:c9:2d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 21:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce4cb19bd11b2a2ef5c1b7d65245fa8964f63c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:39:f3:3c:9a:a0:3f:b7:dd:66:25:83:2d:26:
af:c8:e9:c6:8c:39:f5:01:3d:e1:78:fc:30:e0:d5:
e6:01:68:80:3b:1c:2e:da:1f:f1:ce:78:70:ec:63:
f3:17:ef:d3:66:97:09:5b:25:ae:1a:f6:04:01:b5:
79:b4:9e:a9:ee:bd:72:a9:7d:a6:32:73:5b:a3:0f:
74:90:f4:55:c1:57:69:76:a9:2c:ba:c7:82:94:76:
fb:ad:77:54:b6:9e:ec:bf:2b:15:fa:0d:9d:d0:b9:
89:75:f4:4e:a5:ec:ed:76:50:fc:84:c2:2d:cd:77:
a8:48:0c:24:d3:79:71:ca:14:db:75:35:c1:8a:bf:
5f:85:27:f1:3a:dd:71:94:b1:95:a0:22:a9:9a:41:
a2:37:86:5e:5f:c5:00:f9:de:f7:0b:8f:70:81:6a:
d8:6f:88:8c:29:43:53:c4:88:56:91:41:8a:10:33:
a9:77:50:3c:bd:60:19:92:c4:1b:96:67:1b:4d:af:
3c:fe:cd:eb:63:29:91:94:8d:44:20:12:4e:61:47:
6f:19:dd:18:94:fe:b0:23:79:74:9e:42:6e:60:90:
1e:47:96:fc:b4:7e:e7:29:84:3e:f6:d7:67:2b:9e:
78:f1:48:75:85:c1:bd:05:2f:06:2c:fa:25:18:c2:
f6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4C:B1:9B:D1:1B:2A:2E:F5:C1:B7:D6:52:45:FA:89:64:F6:3C:1C
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/zkyxm9EbKi71wbfWUkX6iWT2PBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.72.0/22
45.43.88.0/22
87.239.250.0/23
Signature Algorithm: sha256WithRSAEncryption
61:97:2b:12:46:ca:67:43:cc:32:0e:df:01:c2:1d:9f:7d:a5:
84:d1:bf:ba:82:18:80:44:a5:a4:c0:93:8c:ff:7a:10:49:37:
59:a1:86:71:37:0e:25:3b:34:ee:e6:eb:8f:2e:e7:cd:d0:c4:
0e:a1:0d:0c:54:39:ed:99:fb:67:71:95:de:b9:e7:86:da:72:
fa:f7:e1:08:d3:c0:3b:77:5f:db:d6:4f:5e:b2:8a:50:da:63:
24:98:c7:bb:1a:3d:30:4e:0a:ef:7a:f8:b2:20:d9:86:31:af:
d4:b4:ea:8b:32:8c:45:75:4c:63:77:c6:19:c9:a5:29:77:a1:
99:61:83:77:e6:cd:29:93:60:f7:7d:be:28:95:a4:9f:90:e7:
d5:9a:1e:55:09:02:5f:4e:13:1c:0f:dd:cf:10:3d:2d:3f:57:
4b:dd:a4:c8:7e:cf:a2:93:a1:be:90:88:28:01:ff:3b:88:d5:
03:69:fc:db:43:3f:f0:52:f3:75:85:7a:f3:af:2c:5b:ce:79:
5e:a8:6a:63:f7:fb:44:cb:77:57:d6:a8:63:73:c3:89:b3:63:
f2:c3:8e:74:a8:d4:0e:2f:b3:b8:14:05:03:50:0a:7d:99:ad:
9b:9f:17:f3:54:08:15:bd:4f:2a:09:ce:9a:12:7b:f7:85:63:
c7:83:4f:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj1wvky9rb6qyJBRYqyS1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMTAxMjE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTRjYjE5YmQxMWIyYTJlZjVjMWI3ZDY1MjQ1ZmE4OTY0ZjYzYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjnzPJqgP7fdZiWDLSavyOnGjDn1
AT3hePww4NXmAWiAOxwu2h/xznhw7GPzF+/TZpcJWyWuGvYEAbV5tJ6p7r1yqX2m
MnNbow90kPRVwVdpdqksuseClHb7rXdUtp7svysV+g2d0LmJdfROpeztdlD8hMIt
zXeoSAwk03lxyhTbdTXBir9fhSfxOt1xlLGVoCKpmkGiN4ZeX8UA+d73C49wgWrY
b4iMKUNTxIhWkUGKEDOpd1A8vWAZksQblmcbTa88/s3rYymRlI1EIBJOYUdvGd0Y
lP6wI3l0nkJuYJAeR5b8tH7nKYQ+9tdnK5548Uh1hcG9BS8GLPolGML2HwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM5MsZvRGyou9cG31lJF+olk9jwcMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvemt5eG05RWJLaTcxd2JmV1VrWDZpV1QyUEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLStIAwQC
LStYAwQBV+/6MA0GCSqGSIb3DQEBCwUAA4IBAQBhlysSRspnQ8wyDt8Bwh2ffaWE
0b+6ghiARKWkwJOM/3oQSTdZoYZxNw4lOzTu5uuPLufN0MQOoQ0MVDntmftncZXe
ueeG2nL69+EI08A7d1/b1k9esopQ2mMkmMe7Gj0wTgrveviyINmGMa/UtOqLMoxF
dUxjd8YZyaUpd6GZYYN35s0pk2D3fb4olaSfkOfVmh5VCQJfThMcD93PED0tP1dL
3aTIfs+ik6G+kIgoAf87iNUDafzbQz/wUvN1hXrzryxbznleqGpj9/tEy3dX1qhj
c8OJs2Pyw450qNQOL7O4FAUDUAp9ma2bnxfzVAgVvU8qCc6aEnv3hWPHg0/K
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:12:48 2025 by rpki-client