Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/07cd4d-7d35-44e1-aba3-c9b220a4d6f0/1/wXgCWNsdt3X6qDiXUhqDrLTeeGY.roa
File: wXgCWNsdt3X6qDiXUhqDrLTeeGY.roa (raw, json)
Hash identifier: PFwW+u5c1T8MOvlXecF10OIC2HTBFiiwRtz9DOAcb2U=
Subject key identifier: C1:78:02:58:DB:1D:B7:75:FA:A8:38:97:52:1A:83:AC:B4:DE:78:66
Certificate issuer: /CN=a4c7bfe415604f6136ceaa216356495bf6d5cc41
Certificate serial: 018CC26D5304CDC4B37269C9E0451654B375
Authority key identifier: A4:C7:BF:E4:15:60:4F:61:36:CE:AA:21:63:56:49:5B:F6:D5:CC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMe_5BVgT2E2zqohY1ZJW_bVzEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/07cd4d-7d35-44e1-aba3-c9b220a4d6f0/1/wXgCWNsdt3X6qDiXUhqDrLTeeGY.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208230
IP address blocks: 45.152.111.0/24 maxlen: 24
45.152.110.0/24 maxlen: 24
45.152.109.0/24 maxlen: 24
45.152.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:53:04:cd:c4:b3:72:69:c9:e0:45:16:54:b3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4c7bfe415604f6136ceaa216356495bf6d5cc41
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1780258db1db775faa83897521a83acb4de7866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bc:53:ff:8a:29:af:d6:b2:27:75:2e:4a:94:
19:22:3e:8c:b7:dc:7b:59:72:88:93:4b:83:14:72:
85:86:83:f3:d5:55:66:ca:85:8b:4d:0e:cc:a3:1d:
2e:63:cf:cc:56:8e:7a:bf:ed:e3:b2:da:34:d3:5e:
d7:0f:b9:23:bd:fe:11:cb:93:20:e3:05:f3:99:81:
d0:46:f9:28:f4:a2:9b:68:41:d3:b4:71:04:bb:7a:
11:60:e7:f0:a0:e1:27:01:62:60:91:4c:cf:f6:c1:
97:be:57:2a:07:df:c6:49:4d:1e:ff:78:d4:12:0d:
fc:57:50:5e:e1:b9:aa:e9:1e:10:0e:f9:49:b1:ca:
59:3b:74:d3:79:c7:6e:4b:18:f4:e0:19:fc:c2:93:
6f:44:66:37:b5:0e:79:1c:49:31:de:c3:38:f5:12:
08:61:ca:13:39:36:68:e9:ee:bf:57:bf:99:e7:5b:
06:d3:ef:3e:9d:28:4b:f1:36:b4:72:f8:88:af:04:
6f:0f:6e:c4:6d:74:3e:90:b5:0d:30:e4:e0:3f:28:
b9:f0:ff:37:fd:bc:d0:45:c9:88:21:e9:61:ec:46:
24:8e:92:a5:0b:1e:0a:cb:d3:9d:8f:d6:e4:6d:e6:
2d:4d:98:58:a1:46:72:40:e2:c9:11:69:f9:46:98:
c0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:78:02:58:DB:1D:B7:75:FA:A8:38:97:52:1A:83:AC:B4:DE:78:66
X509v3 Authority Key Identifier:
keyid:A4:C7:BF:E4:15:60:4F:61:36:CE:AA:21:63:56:49:5B:F6:D5:CC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMe_5BVgT2E2zqohY1ZJW_bVzEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/07cd4d-7d35-44e1-aba3-c9b220a4d6f0/1/wXgCWNsdt3X6qDiXUhqDrLTeeGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/07cd4d-7d35-44e1-aba3-c9b220a4d6f0/1/pMe_5BVgT2E2zqohY1ZJW_bVzEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.108.0/22
Signature Algorithm: sha256WithRSAEncryption
28:1c:25:07:ba:36:45:2c:99:06:5b:56:36:55:04:14:1a:b1:
df:f2:25:f3:71:7e:6b:ad:57:20:b8:17:e6:35:d2:4f:5c:a4:
14:63:12:a0:98:dd:da:ce:1b:66:64:50:d0:03:8b:a7:4a:d7:
fb:7e:b6:b1:45:31:e7:67:95:18:61:13:bd:70:e6:e6:a2:8a:
d4:fd:2d:1e:90:e3:11:f3:bb:b8:f8:0b:0d:fa:28:4a:08:09:
a1:e8:cd:2c:36:6d:92:41:81:25:7e:f5:05:90:71:85:51:83:
fb:d9:7b:2d:c7:a8:1a:39:32:8a:1b:96:31:9c:dd:5e:f7:24:
62:cf:77:c3:e7:aa:6a:b4:15:4c:3a:78:6e:be:b4:4a:37:4d:
8a:29:2d:cc:34:18:e5:14:3e:76:f6:5e:e4:18:34:9f:80:14:
e2:e2:ef:db:f3:17:bf:ad:72:4c:42:cb:1f:3e:99:32:4f:3d:
2a:d2:94:9e:c0:e8:95:85:4d:3b:ea:37:76:61:35:e5:48:0e:
b7:a0:48:3e:b4:2a:b1:8a:f0:0c:07:18:0d:06:c5:27:0c:7e:
2b:0e:8d:e4:c0:6b:55:47:08:99:d9:fb:24:82:5d:67:f6:af:
2f:59:b3:29:a0:c3:a6:7c:16:5d:26:0e:a9:5b:78:4b:66:87:
d6:6d:c2:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVMEzcSzcmnJ4EUWVLN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YzdiZmU0MTU2MDRmNjEzNmNlYWEyMTYzNTY0OTViZjZk
NWNjNDEwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTc4MDI1OGRiMWRiNzc1ZmFhODM4OTc1MjFhODNhY2I0ZGU3ODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrxT/4opr9ayJ3UuSpQZIj6Mt9x7
WXKIk0uDFHKFhoPz1VVmyoWLTQ7Mox0uY8/MVo56v+3jsto0017XD7kjvf4Ry5Mg
4wXzmYHQRvko9KKbaEHTtHEEu3oRYOfwoOEnAWJgkUzP9sGXvlcqB9/GSU0e/3jU
Eg38V1Be4bmq6R4QDvlJscpZO3TTecduSxj04Bn8wpNvRGY3tQ55HEkx3sM49RII
YcoTOTZo6e6/V7+Z51sG0+8+nShL8Ta0cviIrwRvD27EbXQ+kLUNMOTgPyi58P83
/bzQRcmIIelh7EYkjpKlCx4Ky9Odj9bkbeYtTZhYoUZyQOLJEWn5RpjAHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMF4AljbHbd1+qg4l1Iag6y03nhmMB8GA1UdIwQY
MBaAFKTHv+QVYE9hNs6qIWNWSVv21cxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE1lXzVCVmdUMkUyenFvaFkxWkpXX2JWekVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8wN2NkNGQtN2QzNS00NGUxLWFiYTMt
YzliMjIwYTRkNmYwLzEvd1hnQ1dOc2R0M1g2cURpWFVocURyTFRlZUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8wN2NkNGQtN2QzNS00NGUxLWFiYTMtYzliMjIwYTRkNmYw
LzEvcE1lXzVCVmdUMkUyenFvaFkxWkpXX2JWekVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZhsMA0G
CSqGSIb3DQEBCwUAA4IBAQAoHCUHujZFLJkGW1Y2VQQUGrHf8iXzcX5rrVcguBfm
NdJPXKQUYxKgmN3azhtmZFDQA4unStf7fraxRTHnZ5UYYRO9cObmoorU/S0ekOMR
87u4+AsN+ihKCAmh6M0sNm2SQYElfvUFkHGFUYP72Xstx6gaOTKKG5YxnN1e9yRi
z3fD56pqtBVMOnhuvrRKN02KKS3MNBjlFD529l7kGDSfgBTi4u/b8xe/rXJMQssf
PpkyTz0q0pSewOiVhU076jd2YTXlSA63oEg+tCqxivAMBxgNBsUnDH4rDo3kwGtV
RwiZ2fskgl1n9q8vWbMpoMOmfBZdJg6pW3hLZofWbcJB
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:31:38 2025 by rpki-client