Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/iZMpzz_PvUFDl199VhIQfyF5vwY.roa
File: iZMpzz_PvUFDl199VhIQfyF5vwY.roa (raw, json)
Hash identifier: m24i8h4HtNmY95Rfvu41eppBqS10qlpTo/t/JciWgGU=
Subject key identifier: 89:93:29:CF:3F:CF:BD:41:43:97:5F:7D:56:12:10:7F:21:79:BF:06
Certificate issuer: /CN=712ff11dd0c66ce67fe0f1d749c0909ef3418d29
Certificate serial: 0194274877E4C69B19A5A0C79A8EF7590C5C
Authority key identifier: 71:2F:F1:1D:D0:C6:6C:E6:7F:E0:F1:D7:49:C0:90:9E:F3:41:8D:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS_xHdDGbOZ_4PHXScCQnvNBjSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/iZMpzz_PvUFDl199VhIQfyF5vwY.roa
Signing time: Thu 02 Jan 2025 13:50:48 +0000
ROA not before: Thu 02 Jan 2025 13:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208928
IP address blocks: 45.15.0.0/22 maxlen: 22
45.15.0.0/24 maxlen: 24
45.15.1.0/24 maxlen: 24
45.15.2.0/24 maxlen: 24
45.15.3.0/24 maxlen: 24
45.147.128.0/24 maxlen: 24
45.147.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 09:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:77:e4:c6:9b:19:a5:a0:c7:9a:8e:f7:59:0c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712ff11dd0c66ce67fe0f1d749c0909ef3418d29
Validity
Not Before: Jan 2 13:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=899329cf3fcfbd4143975f7d5612107f2179bf06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:de:c2:b1:14:11:69:c0:04:3a:b9:96:d4:48:
49:e3:c5:66:14:48:ea:3e:ed:99:c0:87:b4:e0:a4:
eb:79:f5:b0:a7:e8:db:35:63:64:5f:ba:28:61:e8:
45:3d:58:6e:2c:38:ae:eb:06:75:6c:1e:cd:86:2c:
ae:2e:a8:97:f1:f0:d1:08:38:72:cc:5b:e5:05:51:
ad:bf:ba:38:ae:de:bb:d8:6c:91:28:1b:24:1b:62:
2d:8d:82:5a:86:f4:1a:09:6d:c9:0a:87:99:2b:81:
61:a8:8e:bc:db:20:36:48:e9:63:f3:80:e9:77:b4:
a1:28:6c:1d:b4:ea:06:71:9d:9a:12:44:63:5b:15:
57:fb:7b:fa:4f:6a:68:f7:cb:45:97:5c:99:36:1d:
f2:b3:74:dc:02:49:8a:bf:98:2c:93:d0:d9:93:9d:
b5:f5:31:d8:37:2e:ff:49:45:46:d8:2b:ac:e0:7c:
f0:ac:5e:b7:9e:76:25:ce:1b:64:20:53:c2:d3:cc:
8f:53:d0:1f:43:11:90:db:05:a8:42:6d:a2:2c:5f:
98:a1:75:07:a2:6c:34:4b:f5:76:74:a7:d8:10:a9:
1f:d7:0a:2c:6e:83:3b:9d:a8:c7:75:b0:95:71:8a:
df:fc:6c:9b:4d:13:c8:e3:9c:1f:2e:0d:29:65:df:
a4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:93:29:CF:3F:CF:BD:41:43:97:5F:7D:56:12:10:7F:21:79:BF:06
X509v3 Authority Key Identifier:
keyid:71:2F:F1:1D:D0:C6:6C:E6:7F:E0:F1:D7:49:C0:90:9E:F3:41:8D:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS_xHdDGbOZ_4PHXScCQnvNBjSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/iZMpzz_PvUFDl199VhIQfyF5vwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/cS_xHdDGbOZ_4PHXScCQnvNBjSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.0.0/22
45.147.128.0/23
Signature Algorithm: sha256WithRSAEncryption
49:09:8c:d7:71:9e:14:08:38:b7:ef:d2:e3:7f:79:58:6d:e4:
a5:0b:2b:f6:d9:3a:0c:f2:44:81:ae:a8:22:11:b2:52:be:6f:
a6:fc:6a:3f:5a:71:ac:53:00:e8:65:0b:32:13:36:23:90:3e:
7e:0c:98:ab:9a:c0:00:2b:0f:aa:1f:54:c6:47:c4:3f:78:86:
5c:ae:3d:60:87:60:68:6e:98:b8:51:f9:86:5c:80:69:42:ac:
3d:96:9e:83:9a:dc:3f:23:be:74:60:f3:8d:91:23:51:af:20:
f7:4c:e0:9f:f8:a8:ea:95:ba:49:72:e7:ea:6c:42:85:51:12:
14:ef:50:0c:d2:f9:d0:57:e3:31:53:ef:94:7c:9b:7a:00:ce:
11:7f:50:04:ab:b1:cc:3b:3a:98:48:8e:60:e8:68:26:f3:79:
8f:10:fd:6a:4f:ef:c1:69:33:46:6f:48:13:a7:82:62:af:26:
bb:f0:61:1f:63:76:69:e3:0a:3d:6e:83:58:df:9a:a1:0f:0b:
60:2f:5e:18:fd:f4:5a:b8:b7:6c:20:eb:f3:e7:57:49:f8:5b:
1a:27:a7:5d:9e:f5:d3:79:f2:9d:87:fa:75:ed:56:f8:12:f4:
0b:6e:4b:50:4e:86:95:31:dd:97:28:88:e9:93:96:37:1d:08:
40:38:45:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSHfkxpsZpaDHmo73WQxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmZmMTFkZDBjNjZjZTY3ZmUwZjFkNzQ5YzA5MDllZjM0
MThkMjkwHhcNMjUwMTAyMTM1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTkzMjljZjNmY2ZiZDQxNDM5NzVmN2Q1NjEyMTA3ZjIxNzliZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0d7CsRQRacAEOrmW1EhJ48VmFEjq
Pu2ZwIe04KTrefWwp+jbNWNkX7ooYehFPVhuLDiu6wZ1bB7NhiyuLqiX8fDRCDhy
zFvlBVGtv7o4rt672GyRKBskG2ItjYJahvQaCW3JCoeZK4FhqI682yA2SOlj84Dp
d7ShKGwdtOoGcZ2aEkRjWxVX+3v6T2po98tFl1yZNh3ys3TcAkmKv5gsk9DZk521
9THYNy7/SUVG2Cus4HzwrF63nnYlzhtkIFPC08yPU9AfQxGQ2wWoQm2iLF+YoXUH
omw0S/V2dKfYEKkf1wosboM7najHdbCVcYrf/GybTRPI45wfLg0pZd+kRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImTKc8/z71BQ5dffVYSEH8heb8GMB8GA1UdIwQY
MBaAFHEv8R3Qxmzmf+Dx10nAkJ7zQY0pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1NfeEhkREdiT1pfNFBIWFNjQ1Fudk5CalNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kOWNjOGQtOTVhYy00ODQ4LWIwOTct
OWQ2M2IwNDc2ZTI0LzEvaVpNcHp6X1B2VUZEbDE5OVZoSVFmeUY1dndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9kOWNjOGQtOTVhYy00ODQ4LWIwOTctOWQ2M2IwNDc2ZTI0
LzEvY1NfeEhkREdiT1pfNFBIWFNjQ1Fudk5CalNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ8AAwQB
LZOAMA0GCSqGSIb3DQEBCwUAA4IBAQBJCYzXcZ4UCDi379Ljf3lYbeSlCyv22ToM
8kSBrqgiEbJSvm+m/Go/WnGsUwDoZQsyEzYjkD5+DJirmsAAKw+qH1TGR8Q/eIZc
rj1gh2Bobpi4UfmGXIBpQqw9lp6Dmtw/I750YPONkSNRryD3TOCf+KjqlbpJcufq
bEKFURIU71AM0vnQV+MxU++UfJt6AM4Rf1AEq7HMOzqYSI5g6Ggm83mPEP1qT+/B
aTNGb0gTp4Jirya78GEfY3Zp4wo9boNY35qhDwtgL14Y/fRauLdsIOvz51dJ+Fsa
J6ddnvXTefKdh/p17Vb4EvQLbktQToaVMd2XKIjpk5Y3HQhAOEWp
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:13 2025 by rpki-client