Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7wIpTcRpP5At26KyZJWhDesLdq4.roa
File: 7wIpTcRpP5At26KyZJWhDesLdq4.roa (raw, json)
Hash identifier: 0wYLZ5LC0J7HvVJGqlLEQtn5CG5utKHvn88Ssx6N/Sc=
Subject key identifier: EF:02:29:4D:C4:69:3F:90:2D:DB:A2:B2:64:95:A1:0D:EB:0B:76:AE
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01955C70A0F541DEC60ADEF613E0054FBA6D
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7wIpTcRpP5At26KyZJWhDesLdq4.roa
Signing time: Mon 03 Mar 2025 14:37:19 +0000
ROA not before: Mon 03 Mar 2025 14:37:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212117
IP address blocks: 45.149.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 01 Apr 2025 08:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:70:a0:f5:41:de:c6:0a:de:f6:13:e0:05:4f:ba:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 3 14:37:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef02294dc4693f902ddba2b26495a10deb0b76ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a3:99:c5:e1:e9:39:b6:77:95:32:d0:5b:6e:
07:12:d3:30:b3:0e:60:2e:83:e4:c6:c1:4c:1f:2b:
4d:7c:66:88:01:90:7a:a2:62:0d:21:9e:4a:79:70:
1c:68:ab:ca:a0:8b:55:9a:9b:fc:c5:da:30:26:09:
19:bf:fc:bd:6a:0a:88:81:cf:41:25:e0:24:23:2e:
64:bb:fb:97:73:19:c1:03:c8:6e:b1:25:94:1c:db:
0e:3b:b1:4c:5f:52:0a:d7:33:58:06:f0:18:be:6b:
0d:f9:55:f8:ad:09:fa:db:29:f2:1b:b9:fc:a3:b9:
4a:ae:0a:e8:66:75:cb:37:f3:44:86:cb:30:f5:e3:
f6:4d:27:73:d2:b7:1b:7e:c2:69:47:91:90:98:4b:
96:b4:90:12:be:e1:21:57:13:76:81:3e:ee:b9:b8:
93:4a:d1:16:c9:a1:ea:44:40:20:15:50:22:12:87:
af:b2:05:07:e5:84:e9:89:b9:ae:0b:03:c1:f4:41:
f5:fd:5c:f0:27:aa:c7:14:c8:54:ea:9b:4e:de:b3:
57:c3:14:2a:25:61:da:35:63:fc:7d:93:02:28:0d:
81:9a:cc:f5:13:36:10:f8:90:f9:ac:6d:23:d3:9c:
22:5f:83:20:60:36:38:22:78:20:d0:df:a2:c2:bc:
f4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:02:29:4D:C4:69:3F:90:2D:DB:A2:B2:64:95:A1:0D:EB:0B:76:AE
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7wIpTcRpP5At26KyZJWhDesLdq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.88.0/23
Signature Algorithm: sha256WithRSAEncryption
47:91:5f:44:2c:fb:9a:84:a5:64:bd:36:84:0d:9d:59:57:bb:
8a:7b:3a:3b:6e:8c:fd:48:72:05:85:20:74:57:17:d6:5c:a5:
d7:9d:07:0c:73:89:9d:7f:d8:93:3b:00:7f:f9:96:e0:20:06:
22:21:b6:40:29:5f:24:2c:06:5d:6f:30:f4:29:6e:8c:c1:0d:
af:16:ca:49:4f:02:77:da:c8:dd:ce:0f:09:70:23:89:97:2d:
09:a5:87:3a:3c:18:b2:19:01:09:8d:dc:96:fd:b2:bc:00:e1:
dc:70:92:76:ee:49:84:0d:34:6a:78:6e:82:3b:97:ca:91:e4:
0e:63:eb:45:70:d2:34:64:2e:8f:5d:7e:fe:37:b9:48:db:cb:
ef:ed:5b:6c:32:c0:01:a8:8e:1b:44:61:8d:dc:4b:3c:e7:01:
12:a3:d8:72:97:60:96:df:ec:30:fa:7b:39:00:54:0e:a7:61:
89:aa:23:3b:dd:60:42:5e:d9:51:c7:1d:94:96:38:08:2b:94:
bb:a5:e8:d4:4b:a0:68:dd:22:b0:8d:ec:ac:b7:35:1c:ac:6b:
14:f0:d1:6a:1d:7b:69:f9:00:c0:b9:7f:13:f9:ac:c5:45:bc:
9b:1d:7a:c2:73:99:83:0a:bc:39:94:60:b1:d0:0c:3d:b1:cb:
5f:d8:e9:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVccKD1Qd7GCt72E+AFT7ptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMzAzMTQzNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjAyMjk0ZGM0NjkzZjkwMmRkYmEyYjI2NDk1YTEwZGViMGI3NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaOZxeHpObZ3lTLQW24HEtMwsw5g
LoPkxsFMHytNfGaIAZB6omINIZ5KeXAcaKvKoItVmpv8xdowJgkZv/y9agqIgc9B
JeAkIy5ku/uXcxnBA8husSWUHNsOO7FMX1IK1zNYBvAYvmsN+VX4rQn62ynyG7n8
o7lKrgroZnXLN/NEhssw9eP2TSdz0rcbfsJpR5GQmEuWtJASvuEhVxN2gT7uubiT
StEWyaHqREAgFVAiEoevsgUH5YTpibmuCwPB9EH1/VzwJ6rHFMhU6ptO3rNXwxQq
JWHaNWP8fZMCKA2Bmsz1EzYQ+JD5rG0j05wiX4MgYDY4Ingg0N+iwrz0rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8CKU3EaT+QLduismSVoQ3rC3auMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvN3dJcFRjUnBQNUF0MjZLeVpKV2hEZXNMZHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZVYMA0G
CSqGSIb3DQEBCwUAA4IBAQBHkV9ELPuahKVkvTaEDZ1ZV7uKezo7boz9SHIFhSB0
VxfWXKXXnQcMc4mdf9iTOwB/+ZbgIAYiIbZAKV8kLAZdbzD0KW6MwQ2vFspJTwJ3
2sjdzg8JcCOJly0JpYc6PBiyGQEJjdyW/bK8AOHccJJ27kmEDTRqeG6CO5fKkeQO
Y+tFcNI0ZC6PXX7+N7lI28vv7VtsMsABqI4bRGGN3Es85wESo9hyl2CW3+ww+ns5
AFQOp2GJqiM73WBCXtlRxx2UljgIK5S7pejUS6Bo3SKwjeystzUcrGsU8NFqHXtp
+QDAuX8T+azFRbybHXrCc5mDCrw5lGCx0Aw9sctf2Ol9
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:30:51 2025 by rpki-client