Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/Wu8RQNkJfHwn9Y_pW2JmKtFi51g.roa
File: Wu8RQNkJfHwn9Y_pW2JmKtFi51g.roa (raw, json)
Hash identifier: +yYFXPGLu2Kk48in+MKs7yXL3vAac29C1oVAuonuPEE=
Subject key identifier: 5A:EF:11:40:D9:09:7C:7C:27:F5:8F:E9:5B:62:66:2A:D1:62:E7:58
Certificate issuer: /CN=065a470dbab9c1c334f0f85f417cd1aa425e9f13
Certificate serial: 019447D268E1D53623D9261C6752045BB412
Authority key identifier: 06:5A:47:0D:BA:B9:C1:C3:34:F0:F8:5F:41:7C:D1:AA:42:5E:9F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/Wu8RQNkJfHwn9Y_pW2JmKtFi51g.roa
Signing time: Wed 08 Jan 2025 21:29:19 +0000
ROA not before: Wed 08 Jan 2025 21:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 195.66.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 22:56:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:d2:68:e1:d5:36:23:d9:26:1c:67:52:04:5b:b4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=065a470dbab9c1c334f0f85f417cd1aa425e9f13
Validity
Not Before: Jan 8 21:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5aef1140d9097c7c27f58fe95b62662ad162e758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5b:2c:83:c5:4a:c0:10:10:15:73:6d:b7:c4:
c3:f8:97:ba:2f:02:ec:f9:d5:0a:69:19:04:55:58:
bd:ae:c1:3b:0f:54:55:47:e1:d6:10:63:f4:88:c2:
cf:c7:6e:12:a7:e4:be:6a:7f:08:10:db:75:b9:84:
0f:6c:4f:86:6b:d1:0d:19:90:08:20:d4:94:6d:8f:
c0:ba:39:dd:44:03:0c:16:b7:b4:66:d1:96:b9:dd:
95:0f:2b:3a:e7:41:87:72:33:47:a0:d4:50:f7:c1:
f6:ba:2d:f0:b1:de:f1:aa:af:e9:32:9e:1d:6b:bf:
79:6c:da:72:ea:26:6c:38:96:9c:66:0a:ac:61:da:
f1:e6:8b:42:0d:92:35:c1:7e:e4:5a:87:5c:22:51:
d0:28:04:e5:a9:0c:b8:d3:ca:c9:d0:1c:09:84:a9:
53:e4:20:72:4d:1c:31:7e:2d:78:27:4f:d1:65:4a:
e3:7d:7e:7d:a3:41:cd:b9:2f:9c:6f:15:10:d8:99:
3e:24:7e:ea:39:1e:07:3a:32:ba:d9:68:bf:99:e5:
81:b2:42:ae:f1:da:2a:35:79:fb:33:fb:a7:90:c7:
a4:75:5f:34:f4:74:d0:a7:fd:57:01:05:a3:1b:dd:
52:12:b1:f7:d9:07:3e:86:38:f3:48:c1:08:8d:58:
1d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:EF:11:40:D9:09:7C:7C:27:F5:8F:E9:5B:62:66:2A:D1:62:E7:58
X509v3 Authority Key Identifier:
keyid:06:5A:47:0D:BA:B9:C1:C3:34:F0:F8:5F:41:7C:D1:AA:42:5E:9F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/Wu8RQNkJfHwn9Y_pW2JmKtFi51g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/BlpHDbq5wcM08PhfQXzRqkJenxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.101.0/24
Signature Algorithm: sha256WithRSAEncryption
45:4e:76:9b:5b:6e:93:0a:3e:f5:b3:5a:0d:f2:8f:fc:92:40:
70:f4:7a:04:c0:5c:a3:86:6a:c6:9d:97:74:a2:a5:1c:03:35:
f9:2e:87:54:a7:c8:a8:ad:4d:12:12:24:a5:7c:5c:ee:21:bb:
11:33:ce:8f:ad:fd:6a:22:64:76:7a:80:5e:57:eb:c3:08:94:
05:63:5b:2b:9e:9c:98:c8:1a:68:c7:bc:09:88:24:79:28:13:
54:04:0a:8c:1d:70:84:e9:d0:b7:a2:12:51:eb:73:ea:67:71:
6b:0f:36:f6:a3:42:7c:34:24:6f:7d:64:e6:5e:8c:c7:c5:9a:
72:bb:26:9c:92:cd:4b:48:e6:00:34:4d:b5:86:fe:58:23:19:
3a:2b:7d:7a:a4:e6:f6:30:b0:c0:92:bf:56:37:dd:d9:32:fd:
fc:50:45:6c:12:23:9c:02:ab:34:27:67:af:7e:aa:65:de:43:
1e:8e:05:06:18:07:b5:d4:89:ee:40:fe:a8:28:a3:e4:e9:24:
7a:bd:08:ce:63:73:2a:38:46:d4:cd:71:f4:2f:eb:71:66:98:
96:a2:fe:0d:56:70:0d:24:25:db:02:0b:5e:8e:63:ca:a0:6c:
67:36:91:f4:bb:41:ca:98:0b:fb:29:10:4b:71:0c:35:13:7d:
cd:20:cf:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRH0mjh1TYj2SYcZ1IEW7QSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NWE0NzBkYmFiOWMxYzMzNGYwZjg1ZjQxN2NkMWFhNDI1
ZTlmMTMwHhcNMjUwMTA4MjEyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWVmMTE0MGQ5MDk3YzdjMjdmNThmZTk1YjYyNjYyYWQxNjJlNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Vssg8VKwBAQFXNtt8TD+Je6LwLs
+dUKaRkEVVi9rsE7D1RVR+HWEGP0iMLPx24Sp+S+an8IENt1uYQPbE+Ga9ENGZAI
INSUbY/AujndRAMMFre0ZtGWud2VDys650GHcjNHoNRQ98H2ui3wsd7xqq/pMp4d
a795bNpy6iZsOJacZgqsYdrx5otCDZI1wX7kWodcIlHQKATlqQy408rJ0BwJhKlT
5CByTRwxfi14J0/RZUrjfX59o0HNuS+cbxUQ2Jk+JH7qOR4HOjK62Wi/meWBskKu
8doqNXn7M/unkMekdV809HTQp/1XAQWjG91SErH32Qc+hjjzSMEIjVgdpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrvEUDZCXx8J/WP6VtiZirRYudYMB8GA1UdIwQY
MBaAFAZaRw26ucHDNPD4X0F80apCXp8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmxwSERicTV3Y00wOFBoZlFYelJxa0plbnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zNzVhNjctOGM0ZS00YTQ2LTk5Y2Mt
NjUwNzhhN2Y2NWI4LzEvV3U4UlFOa0pmSHduOVlfcFcySm1LdEZpNTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zNzVhNjctOGM0ZS00YTQ2LTk5Y2MtNjUwNzhhN2Y2NWI4
LzEvQmxwSERicTV3Y00wOFBoZlFYelJxa0plbnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0JlMA0G
CSqGSIb3DQEBCwUAA4IBAQBFTnabW26TCj71s1oN8o/8kkBw9HoEwFyjhmrGnZd0
oqUcAzX5LodUp8iorU0SEiSlfFzuIbsRM86Prf1qImR2eoBeV+vDCJQFY1srnpyY
yBpox7wJiCR5KBNUBAqMHXCE6dC3ohJR63PqZ3FrDzb2o0J8NCRvfWTmXozHxZpy
uyacks1LSOYANE21hv5YIxk6K316pOb2MLDAkr9WN93ZMv38UEVsEiOcAqs0J2ev
fqpl3kMejgUGGAe11InuQP6oKKPk6SR6vQjOY3MqOEbUzXH0L+txZpiWov4NVnAN
JCXbAgtejmPKoGxnNpH0u0HKmAv7KRBLcQw1E33NIM+s
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:36 2025 by rpki-client