Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/80fcb9-ca84-46a2-b1b0-fd5e4465d144/1/WUwwHXiKn0G28aflbQEuETaXlN0.roa
File: WUwwHXiKn0G28aflbQEuETaXlN0.roa (raw, json)
Hash identifier: RGaZkEepXJ+W+6HB7wNZVBJdKpWkDHcB778hvpmj8xg=
Subject key identifier: 59:4C:30:1D:78:8A:9F:41:B6:F1:A7:E5:6D:01:2E:11:36:97:94:DD
Certificate issuer: /CN=78950ba19b4f17a3473127fd077a9a2002ebea36
Certificate serial: 01942521D67B7FED1DE8453E9BF1229F84E3
Authority key identifier: 78:95:0B:A1:9B:4F:17:A3:47:31:27:FD:07:7A:9A:20:02:EB:EA:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eJULoZtPF6NHMSf9B3qaIALr6jY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/80fcb9-ca84-46a2-b1b0-fd5e4465d144/1/WUwwHXiKn0G28aflbQEuETaXlN0.roa
Signing time: Thu 02 Jan 2025 03:49:22 +0000
ROA not before: Thu 02 Jan 2025 03:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207044
IP address blocks: 45.87.224.0/24 maxlen: 24
45.87.225.0/24 maxlen: 24
2a0d:f700:400::/38 maxlen: 38
2a0d:f700:800::/38 maxlen: 38
2a0d:f700:c00::/38 maxlen: 38
2a0d:f700:1000::/38 maxlen: 38
Validation: Failed, certificate revoked on Tue 01 Apr 2025 13:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d6:7b:7f:ed:1d:e8:45:3e:9b:f1:22:9f:84:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78950ba19b4f17a3473127fd077a9a2002ebea36
Validity
Not Before: Jan 2 03:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=594c301d788a9f41b6f1a7e56d012e11369794dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:06:e8:cb:f1:5b:d0:38:39:47:fa:88:74:00:
b8:b2:b4:3e:f5:a8:46:ee:07:03:e2:7d:b4:84:66:
0d:be:f1:c4:a8:9a:ec:fa:6b:a4:7e:ee:b2:19:04:
d2:63:1b:10:e7:5a:92:37:1c:be:e6:9e:f8:4e:8e:
39:49:03:6e:33:8d:53:17:dc:d6:6e:3c:a2:c7:73:
1a:4d:e3:29:fd:19:2e:59:ba:a3:2a:ef:53:fa:76:
53:ae:9b:d4:84:9c:72:35:92:2f:76:82:d8:da:fe:
b5:78:39:40:54:52:34:21:6a:60:32:67:19:66:29:
3d:92:ba:22:e0:89:54:21:e8:98:df:7f:40:b1:5b:
6a:a9:0d:0e:91:1e:0a:aa:76:65:8d:b4:39:67:ac:
b1:c5:38:54:11:d5:06:fd:ec:ce:c3:4b:c8:a5:0f:
c6:c2:97:fc:84:55:6a:29:4f:97:cc:0e:78:50:89:
dc:3f:8e:14:44:57:32:ec:60:d6:7e:42:09:6f:d8:
dd:88:11:7c:b3:78:5a:e1:22:f6:55:bf:31:2b:25:
da:64:30:86:3b:8a:10:e4:dd:e0:88:ab:60:66:82:
ea:77:4e:65:c7:80:99:a3:ef:55:6d:b1:3f:e4:21:
ca:17:d5:49:22:f2:03:d3:fa:39:9c:39:f0:f2:71:
e0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4C:30:1D:78:8A:9F:41:B6:F1:A7:E5:6D:01:2E:11:36:97:94:DD
X509v3 Authority Key Identifier:
keyid:78:95:0B:A1:9B:4F:17:A3:47:31:27:FD:07:7A:9A:20:02:EB:EA:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eJULoZtPF6NHMSf9B3qaIALr6jY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/80fcb9-ca84-46a2-b1b0-fd5e4465d144/1/WUwwHXiKn0G28aflbQEuETaXlN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/80fcb9-ca84-46a2-b1b0-fd5e4465d144/1/eJULoZtPF6NHMSf9B3qaIALr6jY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.224.0/23
IPv6:
2a0d:f700:400::-2a0d:f700:13ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3a:6a:0b:22:0c:ab:63:8c:00:ed:40:b1:fd:a5:92:44:1f:00:
57:6e:d6:48:40:1e:07:08:cd:72:63:fb:a5:97:df:19:68:37:
15:eb:b9:12:8d:af:88:e2:5a:51:eb:13:a0:90:11:05:f6:74:
82:64:3c:35:bb:4e:40:fd:1d:6d:25:27:6d:bc:2b:d6:be:8b:
35:e5:3d:50:e5:18:7e:57:b0:02:b8:18:e1:0d:75:19:04:11:
d3:10:b0:a8:c9:c2:28:dd:de:9e:74:33:73:3d:d5:5b:ed:db:
32:45:8c:fc:2f:c7:5e:b9:1c:c1:71:e0:c5:fd:e9:4c:f1:e3:
27:c6:ca:41:3a:47:cc:8d:6c:ba:3d:98:14:0e:3d:b0:d7:0f:
11:fd:2a:7d:9f:6a:f5:ed:f0:5e:0e:52:4b:35:11:bf:7d:71:
39:65:58:23:51:bc:a1:ad:df:bd:52:5c:f8:61:cc:4a:12:30:
16:ff:23:b5:ce:e8:90:d5:e6:82:bf:62:95:2b:ec:ee:f8:e8:
b4:22:3d:00:2b:e3:47:6d:b1:72:a1:db:cc:31:28:6b:ce:62:
a9:f2:a3:db:ef:66:f9:26:be:33:48:a1:41:47:ab:ff:67:1c:
44:6e:89:9e:de:47:0e:8a:09:29:b2:47:35:4b:1f:f5:a9:31:
51:7a:6f:fb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQlIdZ7f+0d6EU+m/Ein4TjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OTUwYmExOWI0ZjE3YTM0NzMxMjdmZDA3N2E5YTIwMDJl
YmVhMzYwHhcNMjUwMTAyMDM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTRjMzAxZDc4OGE5ZjQxYjZmMWE3ZTU2ZDAxMmUxMTM2OTc5NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwboy/Fb0Dg5R/qIdAC4srQ+9ahG
7gcD4n20hGYNvvHEqJrs+mukfu6yGQTSYxsQ51qSNxy+5p74To45SQNuM41TF9zW
bjyix3MaTeMp/RkuWbqjKu9T+nZTrpvUhJxyNZIvdoLY2v61eDlAVFI0IWpgMmcZ
Zik9kroi4IlUIeiY339AsVtqqQ0OkR4KqnZljbQ5Z6yxxThUEdUG/ezOw0vIpQ/G
wpf8hFVqKU+XzA54UIncP44URFcy7GDWfkIJb9jdiBF8s3ha4SL2Vb8xKyXaZDCG
O4oQ5N3giKtgZoLqd05lx4CZo+9VbbE/5CHKF9VJIvID0/o5nDnw8nHgVQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFlMMB14ip9BtvGn5W0BLhE2l5TdMB8GA1UdIwQY
MBaAFHiVC6GbTxejRzEn/Qd6miAC6+o2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUpVTG9adFBGNk5ITVNmOUIzcWFJQUxyNmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84MGZjYjktY2E4NC00NmEyLWIxYjAt
ZmQ1ZTQ0NjVkMTQ0LzEvV1V3d0hYaUtuMEcyOGFmbGJRRXVFVGFYbE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84MGZjYjktY2E4NC00NmEyLWIxYjAtZmQ1ZTQ0NjVkMTQ0
LzEvZUpVTG9adFBGNk5ITVNmOUIzcWFJQUxyNmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBLVfgMBgE
AgACMBIwEAMGAioN9wAEAwYCKg33ABAwDQYJKoZIhvcNAQELBQADggEBADpqCyIM
q2OMAO1Asf2lkkQfAFdu1khAHgcIzXJj+6WX3xloNxXruRKNr4jiWlHrE6CQEQX2
dIJkPDW7TkD9HW0lJ228K9a+izXlPVDlGH5XsAK4GOENdRkEEdMQsKjJwijd3p50
M3M91Vvt2zJFjPwvx165HMFx4MX96Uzx4yfGykE6R8yNbLo9mBQOPbDXDxH9Kn2f
avXt8F4OUks1Eb99cTllWCNRvKGt371SXPhhzEoSMBb/I7XO6JDV5oK/YpUr7O74
6LQiPQAr40dtsXKh28wxKGvOYqnyo9vvZvkmvjNIoUFHq/9nHERuiZ7eRw6KCSmy
RzVLH/WpMVF6b/s=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:31:50 2025 by rpki-client