Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/aa037c-32ce-4406-b0bc-89949fcc7afb/1/woGpwO2CoGl0NbymJgYJREYWz94.roa
File: woGpwO2CoGl0NbymJgYJREYWz94.roa (raw, json)
Hash identifier: MQU34Fd2wYlYih6TW0DUj+Mq4I7yBnMn7zmYEOx4TN8=
Subject key identifier: C2:81:A9:C0:ED:82:A0:69:74:35:BC:A6:26:06:09:44:46:16:CF:DE
Certificate issuer: /CN=7832d060932d4785a10ca47de8002f65c1ef33ae
Certificate serial: 018CC42473D2583EB40099C88B17C6BAB677
Authority key identifier: 78:32:D0:60:93:2D:47:85:A1:0C:A4:7D:E8:00:2F:65:C1:EF:33:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eDLQYJMtR4WhDKR96AAvZcHvM64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/aa037c-32ce-4406-b0bc-89949fcc7afb/1/woGpwO2CoGl0NbymJgYJREYWz94.roa
Signing time: Mon 01 Jan 2024 08:29:32 +0000
ROA not before: Mon 01 Jan 2024 08:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50107
IP address blocks: 45.66.24.0/22 maxlen: 22
45.66.25.0/24 maxlen: 24
2a09:6140::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:73:d2:58:3e:b4:00:99:c8:8b:17:c6:ba:b6:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7832d060932d4785a10ca47de8002f65c1ef33ae
Validity
Not Before: Jan 1 08:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c281a9c0ed82a0697435bca6260609444616cfde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:06:f1:9b:bd:6a:e0:f9:f8:c8:62:48:73:ea:
98:b1:ee:ad:8a:2a:c7:81:88:bc:7b:b0:4b:57:88:
8e:4b:6d:75:14:97:0d:aa:00:ad:3f:a3:63:25:d6:
e8:63:27:6d:3d:07:ea:82:df:ca:39:24:43:a6:32:
84:f4:c7:72:07:ca:e9:58:ad:0d:ac:a9:ac:a6:a8:
e9:bd:ca:f5:0a:55:90:7a:98:35:77:f2:fb:03:78:
88:07:4b:3f:8b:d0:e0:62:8b:04:45:8e:cb:ca:8a:
98:b3:2c:6a:84:a0:ef:ef:89:65:7e:ec:e8:e1:0e:
b9:fb:9e:9e:6f:0e:c0:d7:8e:b1:82:a0:9e:c8:e2:
cf:9f:64:19:cd:11:0e:24:95:ed:3b:9a:cf:69:f4:
95:08:ef:df:8f:5c:cc:9b:e9:05:58:00:06:fc:27:
7c:e7:57:53:e6:58:7f:3f:ed:b0:66:8a:cc:4a:22:
f5:5b:d5:33:d1:62:31:74:01:f8:d0:03:61:00:94:
1d:72:8a:d3:f6:5c:56:92:a6:8f:e2:95:d4:1b:cd:
fa:d5:70:96:26:99:ee:fa:ec:a6:a2:da:29:1b:a2:
93:1e:d5:5d:ff:44:27:ed:32:d6:9c:83:e3:d1:b2:
e5:75:af:7a:8d:ba:17:4e:e2:56:f3:d9:26:7b:49:
78:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:81:A9:C0:ED:82:A0:69:74:35:BC:A6:26:06:09:44:46:16:CF:DE
X509v3 Authority Key Identifier:
keyid:78:32:D0:60:93:2D:47:85:A1:0C:A4:7D:E8:00:2F:65:C1:EF:33:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eDLQYJMtR4WhDKR96AAvZcHvM64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/aa037c-32ce-4406-b0bc-89949fcc7afb/1/woGpwO2CoGl0NbymJgYJREYWz94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/aa037c-32ce-4406-b0bc-89949fcc7afb/1/eDLQYJMtR4WhDKR96AAvZcHvM64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.24.0/22
IPv6:
2a09:6140::/29
Signature Algorithm: sha256WithRSAEncryption
37:49:3b:70:c2:da:e9:73:1f:ca:ca:83:74:e9:6d:48:bf:d3:
53:c3:57:5f:a1:0a:2a:8d:6d:c1:53:23:79:3c:47:b8:b7:27:
24:e6:26:b7:71:a0:a1:20:e5:a9:34:23:55:84:ea:69:f7:d4:
47:31:57:69:80:4e:a4:57:d5:43:7b:9d:9f:8c:57:07:5c:07:
fc:ad:bb:f3:b5:8c:08:6e:4d:c6:94:b8:cb:93:e2:70:7c:06:
17:82:4f:d8:c7:ed:45:e9:3e:1d:78:17:cc:aa:07:81:8a:b0:
c0:33:15:ff:63:4b:31:70:74:02:6a:fe:11:9e:1b:e3:7e:8d:
a2:10:25:53:b8:74:96:bc:fd:c0:5f:d1:aa:9e:df:97:4c:d7:
74:cf:f6:0f:b6:a0:d5:15:21:0c:d5:b7:1d:c6:b2:6e:a2:15:
00:db:7e:dd:6d:bb:bc:3b:bf:c9:47:e3:26:4a:8d:99:66:ce:
30:48:99:77:2b:97:bf:25:03:71:ed:d2:d9:38:bd:ff:c9:62:
fd:29:41:6e:d3:bf:74:cb:f6:08:76:5f:2b:03:95:93:bf:c4:
7f:fb:c8:95:c1:a0:a9:d5:44:01:da:47:90:37:75:14:ca:88:
32:bc:f6:9c:97:49:13:c5:aa:cb:42:60:1b:e6:f5:b7:d7:02:
48:c5:75:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJHPSWD60AJnIixfGurZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MzJkMDYwOTMyZDQ3ODVhMTBjYTQ3ZGU4MDAyZjY1YzFl
ZjMzYWUwHhcNMjQwMTAxMDgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjgxYTljMGVkODJhMDY5NzQzNWJjYTYyNjA2MDk0NDQ2MTZjZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wbxm71q4Pn4yGJIc+qYse6tiirH
gYi8e7BLV4iOS211FJcNqgCtP6NjJdboYydtPQfqgt/KOSRDpjKE9MdyB8rpWK0N
rKmspqjpvcr1ClWQepg1d/L7A3iIB0s/i9DgYosERY7LyoqYsyxqhKDv74llfuzo
4Q65+56ebw7A146xgqCeyOLPn2QZzREOJJXtO5rPafSVCO/fj1zMm+kFWAAG/Cd8
51dT5lh/P+2wZorMSiL1W9Uz0WIxdAH40ANhAJQdcorT9lxWkqaP4pXUG8361XCW
Jpnu+uymotopG6KTHtVd/0Qn7TLWnIPj0bLlda96jboXTuJW89kme0l4OwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMKBqcDtgqBpdDW8piYGCURGFs/eMB8GA1UdIwQY
MBaAFHgy0GCTLUeFoQykfegAL2XB7zOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZURMUVlKTXRSNFdoREtSOTZBQXZaY0h2TTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9hYTAzN2MtMzJjZS00NDA2LWIwYmMt
ODk5NDlmY2M3YWZiLzEvd29HcHdPMkNvR2wwTmJ5bUpnWUpSRVlXejk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9hYTAzN2MtMzJjZS00NDA2LWIwYmMtODk5NDlmY2M3YWZi
LzEvZURMUVlKTXRSNFdoREtSOTZBQXZaY0h2TTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUIYMA0E
AgACMAcDBQMqCWFAMA0GCSqGSIb3DQEBCwUAA4IBAQA3STtwwtrpcx/KyoN06W1I
v9NTw1dfoQoqjW3BUyN5PEe4tyck5ia3caChIOWpNCNVhOpp99RHMVdpgE6kV9VD
e52fjFcHXAf8rbvztYwIbk3GlLjLk+JwfAYXgk/Yx+1F6T4deBfMqgeBirDAMxX/
Y0sxcHQCav4Rnhvjfo2iECVTuHSWvP3AX9Gqnt+XTNd0z/YPtqDVFSEM1bcdxrJu
ohUA237dbbu8O7/JR+MmSo2ZZs4wSJl3K5e/JQNx7dLZOL3/yWL9KUFu0790y/YI
dl8rA5WTv8R/+8iVwaCp1UQB2keQN3UUyogyvPacl0kTxarLQmAb5vW31wJIxXX6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:02 2025 by rpki-client