Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/w3igBQtG0t2Tcgw2vBOVkdS87Ps.roa
File: w3igBQtG0t2Tcgw2vBOVkdS87Ps.roa (raw, json)
Hash identifier: 43CdoNbVSSBYpHMwM4CA0FTgZYC2wYp9Wf+iHtxjUsM=
Subject key identifier: C3:78:A0:05:0B:46:D2:DD:93:72:0C:36:BC:13:95:91:D4:BC:EC:FB
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 018CC8DE4AAEF651C02DCBFD75855202E2F7
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/w3igBQtG0t2Tcgw2vBOVkdS87Ps.roa
Signing time: Tue 02 Jan 2024 06:31:00 +0000
ROA not before: Tue 02 Jan 2024 06:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 178.159.93.0/24 maxlen: 24
178.159.95.0/24 maxlen: 24
194.113.239.0/24 maxlen: 24
45.88.103.0/24 maxlen: 24
45.88.102.0/24 maxlen: 24
185.238.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:4a:ae:f6:51:c0:2d:cb:fd:75:85:52:02:e2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 2 06:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c378a0050b46d2dd93720c36bc139591d4bcecfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:2e:14:52:e8:2b:ba:1b:e5:be:fc:e6:60:
8d:37:a0:a0:9a:df:12:ed:ff:cb:03:28:60:3d:3a:
f6:6e:ea:88:4d:c5:7a:f2:f1:98:77:80:93:99:99:
21:d7:be:4f:9f:39:41:3b:1f:9a:35:68:fd:4f:7a:
78:c5:3c:37:2e:60:47:ac:9a:01:b2:ab:c3:20:f4:
7a:83:55:8c:6c:84:a8:ab:49:46:58:21:1d:31:b6:
5f:99:1f:e8:88:c7:9c:cf:73:bc:98:17:23:29:12:
6d:b3:79:8a:2f:23:dd:ca:69:b0:ce:50:06:4b:37:
db:b6:6f:73:b0:e9:6e:ff:e0:c0:37:d5:e2:f7:e3:
52:53:be:e9:6b:30:5e:b0:ef:33:28:7a:f9:0b:5b:
cd:e9:ef:97:f6:77:3f:8f:50:00:58:f3:38:8f:93:
9f:96:58:ce:df:a2:9a:cc:a4:a0:3b:18:3e:5c:75:
e2:d0:c3:5a:86:bc:ba:ac:ba:83:52:56:15:3d:b4:
93:55:81:7b:33:a2:d4:18:3a:6a:02:fe:e1:6b:7c:
d1:e9:5c:71:a7:b7:51:3c:12:32:37:8d:f4:cb:3d:
18:03:c9:31:0f:8f:c8:ec:1f:39:ab:e1:ed:23:45:
20:93:3b:64:e6:b9:a9:15:02:a1:35:64:d6:4e:01:
b5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:78:A0:05:0B:46:D2:DD:93:72:0C:36:BC:13:95:91:D4:BC:EC:FB
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/w3igBQtG0t2Tcgw2vBOVkdS87Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.102.0/23
178.159.93.0/24
178.159.95.0/24
185.238.88.0/22
194.113.239.0/24
Signature Algorithm: sha256WithRSAEncryption
07:52:7c:fc:2a:4e:2c:e1:94:98:1e:12:06:cf:3f:5a:a2:e7:
5b:6a:5b:92:bc:ce:b8:66:51:06:23:d4:fc:62:2a:40:10:92:
5b:22:dd:cd:37:40:ee:aa:10:64:3c:cb:fe:f7:b9:33:91:4d:
f2:ba:9e:21:c1:53:75:79:8d:dd:55:e2:7e:33:22:e4:37:e9:
3d:7e:98:22:94:c0:b2:59:04:db:13:85:2d:de:34:33:54:cc:
4e:91:f9:01:ce:fb:9f:8e:c0:4f:5f:5b:9b:86:aa:3f:8a:d1:
c7:db:3c:9c:e8:18:95:62:04:e4:79:bd:c4:db:2b:3f:32:b9:
ef:a3:bc:6f:af:bd:69:52:c6:bc:65:84:34:50:1b:9e:e7:a6:
39:50:d1:1f:6f:f9:0f:71:7d:4b:0f:d1:57:f5:5f:5a:07:43:
af:01:14:f6:fc:51:bb:e5:ce:7a:a9:24:17:55:f6:4e:5b:fd:
8e:27:b8:24:9c:7c:80:cb:ec:41:f0:53:11:3f:c1:a6:26:62:
0b:89:d2:9a:89:fb:f1:3a:52:74:e0:a6:39:50:e9:39:ae:2a:
89:78:93:6f:07:37:d7:e1:cc:53:c2:40:43:ec:06:a9:9b:1f:
96:c7:1a:d1:b8:2c:db:13:96:a5:82:04:89:9e:cd:3a:3b:7d:
ff:e9:8d:4c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3kqu9lHALcv9dYVSAuL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjQwMTAyMDYzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzc4YTAwNTBiNDZkMmRkOTM3MjBjMzZiYzEzOTU5MWQ0YmNlY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLIuFFLoK7ob5b785mCNN6Cgmt8S
7f/LAyhgPTr2buqITcV68vGYd4CTmZkh175PnzlBOx+aNWj9T3p4xTw3LmBHrJoB
sqvDIPR6g1WMbISoq0lGWCEdMbZfmR/oiMecz3O8mBcjKRJts3mKLyPdymmwzlAG
Szfbtm9zsOlu/+DAN9Xi9+NSU77pazBesO8zKHr5C1vN6e+X9nc/j1AAWPM4j5Of
lljO36KazKSgOxg+XHXi0MNahry6rLqDUlYVPbSTVYF7M6LUGDpqAv7ha3zR6Vxx
p7dRPBIyN430yz0YA8kxD4/I7B85q+HtI0Ugkztk5rmpFQKhNWTWTgG1WwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMN4oAULRtLdk3IMNrwTlZHUvOz7MB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvdzNpZ0JRdEcwdDJUY2d3MnZCT1ZrZFM4N1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLVhmAwQA
sp9dAwQAsp9fAwQCue5YAwQAwnHvMA0GCSqGSIb3DQEBCwUAA4IBAQAHUnz8Kk4s
4ZSYHhIGzz9aoudbaluSvM64ZlEGI9T8YipAEJJbIt3NN0DuqhBkPMv+97kzkU3y
up4hwVN1eY3dVeJ+MyLkN+k9fpgilMCyWQTbE4Ut3jQzVMxOkfkBzvufjsBPX1ub
hqo/itHH2zyc6BiVYgTkeb3E2ys/Mrnvo7xvr71pUsa8ZYQ0UBue56Y5UNEfb/kP
cX1LD9FX9V9aB0OvART2/FG75c56qSQXVfZOW/2OJ7gknHyAy+xB8FMRP8GmJmIL
idKaifvxOlJ04KY5UOk5riqJeJNvBzfX4cxTwkBD7Aapmx+WxxrRuCzbE5alggSJ
ns06O33/6Y1M
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:23:49 2025 by rpki-client