Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Z5C1ElXWKkikyWOSUxHBL6ensOw.roa
File: Z5C1ElXWKkikyWOSUxHBL6ensOw.roa (raw, json)
Hash identifier: tmhHTa6TSQRUUquFKmLjPy6E+GNFSysLWRWiCHlbEXU=
Subject key identifier: 67:90:B5:12:55:D6:2A:48:A4:C9:63:92:53:11:C1:2F:A7:A7:B0:EC
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019428275572102CA7FD6300A88AC77348A0
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Z5C1ElXWKkikyWOSUxHBL6ensOw.roa
Signing time: Thu 02 Jan 2025 17:54:13 +0000
ROA not before: Thu 02 Jan 2025 17:54:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 45.144.172.0/24 maxlen: 24
45.144.174.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
93.113.171.0/24 maxlen: 24
185.141.219.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.208.110.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 21:56:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:55:72:10:2c:a7:fd:63:00:a8:8a:c7:73:48:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6790b51255d62a48a4c963925311c12fa7a7b0ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:3a:87:46:56:49:29:08:d0:2b:f1:18:df:
b8:09:8b:6c:b4:ab:19:bd:67:d5:71:d4:2b:db:18:
4f:4b:31:20:9f:3f:7f:c0:86:c7:ba:55:db:b9:e3:
f6:2d:f9:3a:cb:25:ce:17:40:00:e3:24:84:39:49:
2c:8a:d1:d1:93:96:38:e7:59:cc:2c:53:ab:e4:57:
71:ad:41:2a:ce:82:05:8c:06:88:9d:c7:f8:37:56:
82:64:c4:7c:31:54:f2:b6:93:4a:d5:7f:0a:94:14:
c9:a8:82:33:f7:86:53:07:74:4c:84:21:fe:b4:84:
f1:96:bb:ce:43:d8:22:b7:e7:7c:35:45:df:8d:e5:
5d:35:65:b1:41:38:b4:ee:84:b6:e2:80:4e:a8:63:
87:7c:50:8f:0c:29:4e:a6:ad:93:f0:fc:19:ee:20:
c2:d0:aa:0a:22:d5:2b:52:3b:a7:7b:09:a4:90:a6:
e7:d9:a7:0c:b0:57:a8:79:30:16:37:9d:14:e9:93:
66:c4:8e:f7:db:a5:3c:55:77:60:40:60:f3:30:8e:
3f:79:ae:46:30:50:40:f1:68:24:65:87:00:30:7f:
4e:f8:dd:3e:47:1c:5e:18:bb:b7:3a:38:da:a8:78:
b8:fe:4f:19:1f:ba:9d:dd:ac:8f:d5:4a:0c:e0:89:
92:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:90:B5:12:55:D6:2A:48:A4:C9:63:92:53:11:C1:2F:A7:A7:B0:EC
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Z5C1ElXWKkikyWOSUxHBL6ensOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.172.0/24
45.144.174.0/24
86.107.100.0/24
92.114.54.0/24
93.113.171.0/24
185.141.219.0/24
185.198.235.0/24
188.208.110.0/24
212.192.12.0/23
212.192.15.0/24
212.192.23.0/24
Signature Algorithm: sha256WithRSAEncryption
71:69:79:39:f5:7b:87:98:54:66:17:75:8e:80:b6:54:71:c9:
a3:d7:4a:85:0f:8a:0d:c8:fc:c0:22:c1:e1:bf:18:7b:36:04:
7c:65:52:f6:1b:93:86:3f:8a:51:53:07:56:b7:78:67:11:9b:
83:7a:31:25:7a:00:00:06:b8:f5:8b:5a:6d:4a:83:dd:cf:fc:
b9:c5:b5:9b:c8:1b:1d:e3:b8:10:0a:d3:6d:5a:ca:04:c2:8e:
0a:08:58:26:20:13:ed:7f:8a:c0:a4:41:61:c0:31:dc:67:21:
f2:45:c3:cf:da:42:01:5d:de:28:86:1d:4a:67:4f:16:f4:ec:
40:99:45:1a:20:4b:cb:f1:53:21:a2:e2:0e:fe:0d:d4:db:0c:
18:1a:a6:3b:8c:4a:dd:c9:3e:97:fb:90:8b:d9:23:8a:ae:5b:
59:b3:b4:db:a7:84:98:4f:ce:d4:5d:84:ba:74:bc:3a:5e:67:
14:2d:50:11:2d:48:13:07:76:41:41:b4:e0:b5:5e:4a:12:72:
09:28:e6:2c:ad:05:28:16:cb:59:f7:50:a1:83:c9:61:8c:bf:
6c:13:57:de:05:d3:66:d8:f2:ec:7f:dc:80:81:06:f8:e5:38:
54:30:f5:b7:e9:68:d5:70:34:78:2d:47:69:14:22:d5:24:4c:
52:2b:ef:c4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQoJ1VyECyn/WMAqIrHc0igMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzkwYjUxMjU1ZDYyYTQ4YTRjOTYzOTI1MzExYzEyZmE3YTdiMGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjU6h0ZWSSkI0CvxGN+4CYtstKsZ
vWfVcdQr2xhPSzEgnz9/wIbHulXbueP2Lfk6yyXOF0AA4ySEOUksitHRk5Y451nM
LFOr5FdxrUEqzoIFjAaIncf4N1aCZMR8MVTytpNK1X8KlBTJqIIz94ZTB3RMhCH+
tITxlrvOQ9git+d8NUXfjeVdNWWxQTi07oS24oBOqGOHfFCPDClOpq2T8PwZ7iDC
0KoKItUrUjunewmkkKbn2acMsFeoeTAWN50U6ZNmxI7326U8VXdgQGDzMI4/ea5G
MFBA8WgkZYcAMH9O+N0+RxxeGLu3OjjaqHi4/k8ZH7qd3ayP1UoM4ImSKQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGeQtRJV1ipIpMljklMRwS+np7DsMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWjVDMUVsWFdLa2lreVdPU1V4SEJMNmVuc093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALZCsAwQA
LZCuAwQAVmtkAwQAXHI2AwQAXXGrAwQAuY3bAwQAucbrAwQAvNBuAwQB1MAMAwQA
1MAPAwQA1MAXMA0GCSqGSIb3DQEBCwUAA4IBAQBxaXk59XuHmFRmF3WOgLZUccmj
10qFD4oNyPzAIsHhvxh7NgR8ZVL2G5OGP4pRUwdWt3hnEZuDejElegAABrj1i1pt
SoPdz/y5xbWbyBsd47gQCtNtWsoEwo4KCFgmIBPtf4rApEFhwDHcZyHyRcPP2kIB
Xd4ohh1KZ08W9OxAmUUaIEvL8VMhouIO/g3U2wwYGqY7jErdyT6X+5CL2SOKrltZ
s7Tbp4SYT87UXYS6dLw6XmcULVARLUgTB3ZBQbTgtV5KEnIJKOYsrQUoFstZ91Ch
g8lhjL9sE1feBdNm2PLsf9yAgQb45ThUMPW36WjVcDR4LUdpFCLVJExSK+/E
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:19 2025 by rpki-client