Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zWoNhWpGjH45X2D2capOpyBmEt4.roa
File: zWoNhWpGjH45X2D2capOpyBmEt4.roa (raw, json)
Hash identifier: G5EyMUODWc71Dm91gr5hHq/qi/4NgOlzj3DkYN4WR78=
Subject key identifier: CD:6A:0D:85:6A:46:8C:7E:39:5F:60:F6:71:AA:4E:A7:20:66:12:DE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01946A76F0A7D61A95C4FC17E9CBC8CE8647
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zWoNhWpGjH45X2D2capOpyBmEt4.roa
Signing time: Wed 15 Jan 2025 14:56:07 +0000
ROA not before: Wed 15 Jan 2025 14:56:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48795
IP address blocks: 45.12.68.0/23 maxlen: 23
185.238.188.0/22 maxlen: 24
193.58.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 14:46:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6a:76:f0:a7:d6:1a:95:c4:fc:17:e9:cb:c8:ce:86:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 15 14:56:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd6a0d856a468c7e395f60f671aa4ea7206612de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d1:58:59:58:4c:59:ee:6a:ca:8f:ce:e5:85:
cb:53:68:c0:f2:57:4d:04:77:74:5c:66:19:12:42:
06:d4:33:db:96:c0:a1:74:08:c9:9a:f3:d4:a9:90:
94:89:51:33:ba:da:2d:61:bd:91:aa:57:63:43:ec:
cf:51:35:fd:9a:f4:db:35:29:28:ba:51:d6:18:af:
b0:ad:82:ba:34:7f:07:53:ba:e3:bb:c1:a5:eb:71:
a0:8a:de:7f:89:20:39:58:9b:19:ec:f6:d8:d1:36:
b0:26:0d:6b:7c:e4:42:d1:07:cb:17:dd:bd:e3:b4:
80:90:bf:25:31:77:0a:dc:91:a7:88:41:e2:0c:9f:
45:5a:14:13:e5:b2:59:45:06:0d:14:6f:5d:8c:18:
9f:68:25:e2:78:c5:b2:31:5c:23:06:66:c6:df:67:
b5:3d:8e:93:14:3a:62:3a:bf:42:3f:3b:15:24:f5:
e8:61:aa:55:01:ad:4a:5a:ec:85:68:a5:9d:52:2b:
5a:a7:ca:be:71:dd:e1:7c:8c:35:e5:a3:91:bb:a7:
10:86:a2:6c:d3:43:07:45:5e:78:9b:e1:69:08:0c:
55:03:fc:fb:6a:5d:dc:9a:ef:3f:09:7b:1d:4e:cf:
fc:84:f4:d5:cb:32:87:46:6a:27:3a:39:c1:46:ad:
ad:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6A:0D:85:6A:46:8C:7E:39:5F:60:F6:71:AA:4E:A7:20:66:12:DE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zWoNhWpGjH45X2D2capOpyBmEt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/23
185.238.188.0/22
193.58.239.0/24
Signature Algorithm: sha256WithRSAEncryption
17:b4:65:3c:f5:07:5a:7f:7e:df:59:db:03:c0:db:d2:e5:ce:
cb:e8:b4:5b:f3:29:ff:5f:8c:e6:b5:87:6a:ad:4a:65:e0:45:
bb:d0:2a:11:2e:bc:30:a9:8a:1f:9c:80:62:b8:9c:04:39:75:
56:d5:d6:ab:d6:1b:60:71:cf:80:e8:87:8d:1d:bb:67:f6:da:
ee:0b:ea:6b:bd:10:51:22:6b:33:b8:f6:7c:1e:29:62:6a:78:
0b:5e:34:bd:7a:2d:0b:0d:53:fb:78:fa:5f:0a:d0:15:7f:81:
2f:4c:10:9f:3d:e0:14:81:ed:55:a7:a4:58:ce:8d:70:7f:16:
32:ac:f5:69:4b:41:58:b2:0c:f9:18:a5:e0:6f:db:4f:bf:f8:
62:9a:c3:a5:1e:14:9e:af:82:33:c9:46:49:6f:06:11:1e:2b:
2c:dc:68:d4:d9:80:b0:ef:c9:31:d2:07:d2:ef:5c:2c:c7:32:
4d:7f:2a:d3:f8:ca:e3:d8:5a:0f:ea:5b:bd:3e:d9:4a:ac:81:
93:2b:e2:ca:da:96:24:68:a9:21:47:b7:ce:0e:e2:07:65:3c:
6c:00:2e:d5:8b:8c:93:04:c7:aa:93:d9:93:c8:dd:cb:b8:f7:
16:74:76:15:ec:b4:dd:90:36:8f:8b:17:51:b0:f6:12:bd:55:
ee:ca:b7:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRqdvCn1hqVxPwX6cvIzoZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTE1MTQ1NjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDZhMGQ4NTZhNDY4YzdlMzk1ZjYwZjY3MWFhNGVhNzIwNjYxMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNFYWVhMWe5qyo/O5YXLU2jA8ldN
BHd0XGYZEkIG1DPblsChdAjJmvPUqZCUiVEzutotYb2RqldjQ+zPUTX9mvTbNSko
ulHWGK+wrYK6NH8HU7rju8Gl63Ggit5/iSA5WJsZ7PbY0TawJg1rfORC0QfLF929
47SAkL8lMXcK3JGniEHiDJ9FWhQT5bJZRQYNFG9djBifaCXieMWyMVwjBmbG32e1
PY6TFDpiOr9CPzsVJPXoYapVAa1KWuyFaKWdUitap8q+cd3hfIw15aORu6cQhqJs
00MHRV54m+FpCAxVA/z7al3cmu8/CXsdTs/8hPTVyzKHRmonOjnBRq2t7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM1qDYVqRox+OV9g9nGqTqcgZhLeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveldvTmhXcEdqSDQ1WDJEMmNhcE9weUJtRXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLQxEAwQC
ue68AwQAwTrvMA0GCSqGSIb3DQEBCwUAA4IBAQAXtGU89Qdaf37fWdsDwNvS5c7L
6LRb8yn/X4zmtYdqrUpl4EW70CoRLrwwqYofnIBiuJwEOXVW1dar1htgcc+A6IeN
Hbtn9truC+prvRBRImszuPZ8HiliangLXjS9ei0LDVP7ePpfCtAVf4EvTBCfPeAU
ge1Vp6RYzo1wfxYyrPVpS0FYsgz5GKXgb9tPv/himsOlHhSer4IzyUZJbwYRHiss
3GjU2YCw78kx0gfS71wsxzJNfyrT+Mrj2FoP6lu9PtlKrIGTK+LK2pYkaKkhR7fO
DuIHZTxsAC7Vi4yTBMeqk9mTyN3LuPcWdHYV7LTdkDaPixdRsPYSvVXuyrdM
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:45:19 2025 by rpki-client