Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/WQmiwa3MhmoojKMt4QZGWPgnB5A.roa
File: WQmiwa3MhmoojKMt4QZGWPgnB5A.roa (raw, json)
Hash identifier: q/fx9leUZl/KlUEsXtkcKumwOo95LqLpeAxcSwmrw7Q=
Subject key identifier: 59:09:A2:C1:AD:CC:86:6A:28:8C:A3:2D:E1:06:46:58:F8:27:07:90
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 0195865B04C675C3863AA87AE2D816731C45
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/WQmiwa3MhmoojKMt4QZGWPgnB5A.roa
Signing time: Tue 11 Mar 2025 17:57:46 +0000
ROA not before: Tue 11 Mar 2025 17:57:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15683
IP address blocks: 78.27.128.0/18 maxlen: 24
91.196.192.0/22 maxlen: 24
91.203.48.0/22 maxlen: 24
94.45.32.0/19 maxlen: 24
94.45.32.0/21 maxlen: 24
94.45.40.0/21 maxlen: 24
94.45.48.0/21 maxlen: 24
94.45.56.0/22 maxlen: 24
193.222.140.0/24 maxlen: 24
193.243.152.0/23 maxlen: 24
2a01:6d80:2000::/36 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Mar 2025 09:03:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:86:5b:04:c6:75:c3:86:3a:a8:7a:e2:d8:16:73:1c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Mar 11 17:57:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5909a2c1adcc866a288ca32de1064658f8270790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b1:d3:0c:af:b5:6e:a0:b9:04:f5:5a:a0:16:
50:25:e3:97:73:c6:a4:e9:9c:1e:0a:5c:a9:d2:24:
c9:f5:b8:cd:d6:73:52:7a:1d:46:b2:31:fe:97:0b:
42:8a:33:95:c1:ea:0b:61:6a:ae:cf:3f:5b:9a:b7:
79:11:ec:31:db:17:c1:e3:90:3f:d3:e2:03:ba:c8:
63:90:62:75:a0:96:ad:ce:47:be:c8:21:17:9d:28:
a3:78:ce:27:04:66:29:2e:44:3e:cd:b7:5f:5e:ac:
71:9f:8d:3b:94:8a:22:dc:2a:0c:e2:c0:8f:3c:8c:
bb:ba:0d:26:0b:d3:00:0b:c7:d9:c1:43:f5:1d:04:
51:a8:75:45:1d:a0:da:d7:a2:cb:a3:fd:f4:8b:81:
c1:f0:ee:97:14:31:7e:3e:46:a5:f3:b9:96:04:ca:
bf:b9:2a:f3:c2:09:ec:2b:e0:3a:e6:46:e7:08:37:
d7:c7:c1:5c:8f:93:07:ff:db:69:ef:e9:7f:57:7c:
06:e3:da:67:23:3e:ba:de:bf:e7:96:2e:80:96:8e:
59:e3:d8:55:de:c1:4d:69:c3:bd:ee:9f:1f:33:69:
23:de:40:84:56:43:cd:36:c8:53:38:ae:ae:32:a7:
59:f2:5f:86:c5:ab:f9:31:70:78:0f:32:2c:b7:d2:
76:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:09:A2:C1:AD:CC:86:6A:28:8C:A3:2D:E1:06:46:58:F8:27:07:90
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/WQmiwa3MhmoojKMt4QZGWPgnB5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.27.128.0/18
91.196.192.0/22
91.203.48.0/22
94.45.32.0/19
193.222.140.0/24
193.243.152.0/23
IPv6:
2a01:6d80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
4b:d9:a0:d9:9a:31:80:63:18:80:76:3e:ac:8e:61:b9:6c:b8:
cf:df:3f:03:d6:63:6b:51:20:a0:59:22:bc:39:50:ed:10:d3:
ab:0f:3c:6e:5f:13:76:94:ce:8e:cf:4e:76:f6:b4:8e:e0:b3:
2c:1c:15:a3:c5:74:57:da:67:b7:a1:a8:1b:18:6a:f4:30:9b:
c8:38:af:32:48:2c:7a:25:5d:4b:f6:b5:1e:c3:17:94:82:b6:
04:fc:5b:c4:c3:9e:ea:bf:ee:0f:bb:91:98:80:31:36:ff:2b:
ee:2c:d8:b3:3b:a8:17:e8:6a:21:2c:bb:43:58:6a:31:06:2c:
0f:e7:df:d0:27:ed:00:58:d1:0a:75:28:29:d3:6a:29:2a:da:
16:0c:17:91:96:15:a4:2c:ee:c2:a4:90:53:0e:5b:33:66:8e:
5e:00:b7:4a:0d:ca:32:cd:f5:3b:bd:d0:f5:16:52:f7:7e:3a:
0c:25:57:44:c7:2a:9c:e0:22:08:96:51:83:0e:42:98:d6:67:
f5:46:e8:90:e4:89:20:d0:ad:09:b0:92:34:be:49:48:59:e3:
de:f1:52:bb:1f:20:83:55:3e:dc:e1:8d:a5:cb:89:44:d7:8f:
8c:fd:32:e3:73:26:82:0a:81:69:98:34:11:78:d1:7c:e3:04:
45:2f:3f:06
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZWGWwTGdcOGOqh64tgWcxxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwMzExMTc1NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTA5YTJjMWFkY2M4NjZhMjg4Y2EzMmRlMTA2NDY1OGY4MjcwNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bHTDK+1bqC5BPVaoBZQJeOXc8ak
6ZweClyp0iTJ9bjN1nNSeh1GsjH+lwtCijOVweoLYWquzz9bmrd5Eewx2xfB45A/
0+IDushjkGJ1oJatzke+yCEXnSijeM4nBGYpLkQ+zbdfXqxxn407lIoi3CoM4sCP
PIy7ug0mC9MAC8fZwUP1HQRRqHVFHaDa16LLo/30i4HB8O6XFDF+Pkal87mWBMq/
uSrzwgnsK+A65kbnCDfXx8Fcj5MH/9tp7+l/V3wG49pnIz663r/nli6Alo5Z49hV
3sFNacO97p8fM2kj3kCEVkPNNshTOK6uMqdZ8l+Gxav5MXB4DzIst9J2ZwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFkJosGtzIZqKIyjLeEGRlj4JweQMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvV1FtaXdhM01obW9vaktNdDRRWkdXUGduQjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQGThuAAwQC
W8TAAwQCW8swAwQFXi0gAwQAwd6MAwQBwfOYMA4EAgACMAgDBgQqAW2AIDANBgkq
hkiG9w0BAQsFAAOCAQEAS9mg2ZoxgGMYgHY+rI5huWy4z98/A9Zja1EgoFkivDlQ
7RDTqw88bl8TdpTOjs9Odva0juCzLBwVo8V0V9pnt6GoGxhq9DCbyDivMkgseiVd
S/a1HsMXlIK2BPxbxMOe6r/uD7uRmIAxNv8r7izYszuoF+hqISy7Q1hqMQYsD+ff
0CftAFjRCnUoKdNqKSraFgwXkZYVpCzuwqSQUw5bM2aOXgC3Sg3KMs31O73Q9RZS
9346DCVXRMcqnOAiCJZRgw5CmNZn9UbokOSJINCtCbCSNL5JSFnj3vFSux8gg1U+
3OGNpcuJRNePjP0y43MmggqBaZg0EXjRfOMERS8/Bg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:54:26 2025 by rpki-client