Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/0PZwbprIL4V6_4fEy_-cEO7mLT8.roa
File: 0PZwbprIL4V6_4fEy_-cEO7mLT8.roa (raw, json)
Hash identifier: VpR1XW4DzBzxWqc6VC7NDb2WPiV/f4vyWhFIrHXa67U=
Subject key identifier: D0:F6:70:6E:9A:C8:2F:85:7A:FF:87:C4:CB:FF:9C:10:EE:E6:2D:3F
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 0193B7479710F35E5BACC221FF7C6C6E7570
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/0PZwbprIL4V6_4fEy_-cEO7mLT8.roa
Signing time: Wed 11 Dec 2024 19:52:22 +0000
ROA not before: Wed 11 Dec 2024 19:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204601
IP address blocks: 45.88.78.0/24 maxlen: 24
81.91.176.0/22 maxlen: 22
81.91.176.0/24 maxlen: 24
81.91.178.0/24 maxlen: 24
95.215.205.0/24 maxlen: 24
95.215.206.0/24 maxlen: 24
103.246.144.0/22 maxlen: 22
103.246.144.0/24 maxlen: 24
103.246.145.0/24 maxlen: 24
103.246.146.0/24 maxlen: 24
103.246.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Dec 2024 10:59:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b7:47:97:10:f3:5e:5b:ac:c2:21:ff:7c:6c:6e:75:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Dec 11 19:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0f6706e9ac82f857aff87c4cbff9c10eee62d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:93:f1:53:68:91:e0:15:18:06:91:9d:cc:4b:
cb:41:d6:0b:01:bd:9c:fc:df:2f:b6:b0:4c:06:bd:
43:6b:52:a3:2b:ee:4d:f6:73:ba:63:2f:b4:d8:39:
8f:f6:e7:cf:b6:29:f5:8a:d2:c5:16:c7:a6:89:41:
94:9a:97:2a:0b:17:9c:25:2b:91:c9:85:fe:06:98:
87:a1:a7:fa:ab:43:ab:01:46:29:c0:06:a5:ca:5d:
4f:65:a0:7f:ca:bc:23:b1:b4:e9:95:36:04:55:70:
91:c1:c0:63:fd:95:5e:e0:94:dc:13:14:7f:61:a7:
56:38:91:b2:15:0a:b6:18:70:6d:46:c6:d8:11:f5:
c1:3a:19:02:d9:13:69:ad:01:e8:c9:47:1e:d5:97:
8f:e1:71:31:7b:41:e6:1a:30:52:ac:de:1b:5b:6c:
10:fd:73:3f:6f:53:5a:bf:9c:30:f6:11:3a:8c:b3:
f0:6b:3e:16:96:c0:c6:ac:80:ab:f1:15:55:7a:56:
0a:53:55:6d:75:98:57:71:3e:b5:f9:ff:42:41:ad:
d7:09:72:08:0b:05:64:aa:2b:2e:93:64:de:af:0d:
6a:7e:6f:44:0e:ad:f8:4a:dc:34:4c:5f:1d:5c:67:
5a:2d:95:01:85:8a:b6:9a:71:8e:e5:2d:96:7b:18:
8c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F6:70:6E:9A:C8:2F:85:7A:FF:87:C4:CB:FF:9C:10:EE:E6:2D:3F
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/0PZwbprIL4V6_4fEy_-cEO7mLT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.78.0/24
81.91.176.0/22
95.215.205.0-95.215.206.255
103.246.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:66:a2:e9:76:2c:b8:f0:2f:51:68:52:45:c2:82:fc:84:fd:
2e:60:f9:0b:99:47:e6:ee:dc:08:e6:3a:6e:dc:01:71:c3:87:
e6:50:ec:3b:9b:f0:3a:da:59:d1:fa:98:d4:fc:15:55:26:07:
e3:bf:09:9f:2b:23:09:35:0a:9e:74:3c:c2:8e:a6:da:fe:1a:
db:2b:13:74:a3:9a:53:ea:a5:0a:69:97:15:f1:6f:d4:f3:b8:
90:28:e6:6a:48:2f:9e:b3:6b:f5:bf:fd:19:07:59:cc:0b:08:
8a:eb:09:9c:7a:45:9d:52:57:e3:18:43:d7:f1:cc:b6:ff:65:
7c:08:58:4c:78:41:35:4b:5f:a0:96:5c:94:67:a4:0b:ea:0b:
62:3e:1f:b0:c7:94:64:1b:64:c7:21:3d:37:3e:2a:55:7e:85:
2b:eb:70:3f:48:cc:33:63:cf:d0:4e:f8:1f:e5:7c:9d:e4:0e:
ce:16:bb:d6:6e:83:67:c1:7c:b1:69:24:be:71:1a:ca:81:56:
1e:d3:d3:d0:1b:05:01:91:55:41:4a:82:fe:cc:04:a8:7c:3d:
2e:33:29:a0:cd:9c:31:f7:01:38:98:8b:81:c1:06:c2:02:88:
d6:a0:7e:91:80:a5:19:b4:e1:40:13:e5:18:66:72:1c:1a:5a:
bc:b3:0a:ea
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZO3R5cQ815brMIh/3xsbnVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjQxMjExMTk1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGY2NzA2ZTlhYzgyZjg1N2FmZjg3YzRjYmZmOWMxMGVlZTYyZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JPxU2iR4BUYBpGdzEvLQdYLAb2c
/N8vtrBMBr1Da1KjK+5N9nO6Yy+02DmP9ufPtin1itLFFsemiUGUmpcqCxecJSuR
yYX+BpiHoaf6q0OrAUYpwAalyl1PZaB/yrwjsbTplTYEVXCRwcBj/ZVe4JTcExR/
YadWOJGyFQq2GHBtRsbYEfXBOhkC2RNprQHoyUce1ZeP4XExe0HmGjBSrN4bW2wQ
/XM/b1Nav5ww9hE6jLPwaz4WlsDGrICr8RVVelYKU1VtdZhXcT61+f9CQa3XCXII
CwVkqisuk2Terw1qfm9EDq34Stw0TF8dXGdaLZUBhYq2mnGO5S2WexiMsQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFND2cG6ayC+Fev+HxMv/nBDu5i0/MB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvMFBad2JwcklMNFY2XzRmRXlfLWNFTzdtTFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALVhOAwQC
UVuwMAwDBABf180DBABf184DBAJn9pAwDQYJKoZIhvcNAQELBQADggEBAFpmoul2
LLjwL1FoUkXCgvyE/S5g+QuZR+bu3AjmOm7cAXHDh+ZQ7Dub8DraWdH6mNT8FVUm
B+O/CZ8rIwk1Cp50PMKOptr+GtsrE3SjmlPqpQpplxXxb9TzuJAo5mpIL56za/W/
/RkHWcwLCIrrCZx6RZ1SV+MYQ9fxzLb/ZXwIWEx4QTVLX6CWXJRnpAvqC2I+H7DH
lGQbZMchPTc+KlV+hSvrcD9IzDNjz9BO+B/lfJ3kDs4Wu9Zug2fBfLFpJL5xGsqB
Vh7T09AbBQGRVUFKgv7MBKh8PS4zKaDNnDH3ATiYi4HBBsICiNagfpGApRm04UAT
5RhmchwaWryzCuo=
-----END CERTIFICATE-----
Generated at Fri Jun 13 08:47:15 2025 by rpki-client