Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UTWz1p5ion0iPuzaSUYW5aIAL6s.roa
File: UTWz1p5ion0iPuzaSUYW5aIAL6s.roa (raw, json)
Hash identifier: SGgC2g+LO3Ak6My3h7pIz2jeRJnRGTaac8WCUJWIaNw=
Subject key identifier: 51:35:B3:D6:9E:62:A2:7D:22:3E:EC:DA:49:46:16:E5:A2:00:2F:AB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196D804BA74DCB10C6880F80D91280FBCC6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UTWz1p5ion0iPuzaSUYW5aIAL6s.roa
Signing time: Fri 16 May 2025 07:35:10 +0000
ROA not before: Fri 16 May 2025 07:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.94.47.0/24 maxlen: 24
195.66.26.0/24 maxlen: 24
2a0f:8100::/29 maxlen: 29
2a0f:e7c4:10::/48 maxlen: 48
2a11:3500::/29 maxlen: 29
2a13:8c86:120::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 May 2025 13:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d8:04:ba:74:dc:b1:0c:68:80:f8:0d:91:28:0f:bc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 16 07:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5135b3d69e62a27d223eecda494616e5a2002fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:95:c0:d3:fe:be:6d:fc:f7:fd:2d:56:32:9c:
92:01:d7:80:0e:d7:72:5a:b6:ec:c3:81:fb:01:5f:
b3:73:3a:bf:7c:6b:e2:bb:8a:e9:8d:64:66:32:68:
06:1f:01:62:df:30:64:af:51:5b:53:ac:8a:57:a2:
7d:c6:13:cc:5d:bc:ac:5f:31:5f:94:6d:18:92:18:
a9:13:67:b2:ef:db:90:2d:38:69:6c:cf:0b:d0:d8:
cc:51:c6:02:0f:0f:f4:73:31:e3:53:bd:71:e8:28:
f4:ce:7a:ce:a9:e2:cc:24:40:e5:ee:9d:6b:99:16:
84:09:f7:56:cf:a7:df:d5:bb:2d:f5:7e:23:a9:12:
e9:26:10:98:a4:9e:d0:48:8f:3d:f6:9f:58:18:35:
f8:42:14:de:5d:6c:0e:5f:a6:ae:4b:95:13:ae:a6:
37:49:a4:c4:48:ad:77:67:09:1a:c2:10:a1:f0:c4:
4d:8f:e4:a7:79:e3:e6:38:76:7a:d6:de:23:53:4d:
c0:2a:04:95:ba:1e:19:3e:b4:7b:ad:93:b8:82:8e:
a1:f6:80:b4:96:a6:28:67:14:c8:84:05:a4:69:be:
1e:54:95:96:79:01:e2:68:13:04:ba:dc:c1:e1:da:
c2:b2:09:be:fe:97:c4:19:f8:15:1c:f5:78:0d:5b:
48:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:35:B3:D6:9E:62:A2:7D:22:3E:EC:DA:49:46:16:E5:A2:00:2F:AB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UTWz1p5ion0iPuzaSUYW5aIAL6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.47.0/24
195.66.26.0/24
IPv6:
2a0f:8100::/29
2a0f:e7c4:10::/48
2a11:3500::/29
2a13:8c86:120::/48
Signature Algorithm: sha256WithRSAEncryption
97:b4:7d:be:15:f3:52:be:36:78:d2:28:96:74:a1:da:60:03:
5c:67:aa:ac:45:d8:af:74:c5:9e:92:93:59:7b:28:86:f0:03:
3f:2b:0b:77:99:77:61:d7:ab:c5:d7:95:e0:cc:8c:96:f8:a1:
f0:26:06:5e:a5:a1:f3:00:39:01:03:5c:b7:1a:8a:74:5d:1f:
81:e3:b8:cb:1a:60:ed:d7:92:e3:84:b2:ff:ce:ca:a0:8b:a6:
16:1a:f8:de:2c:d9:a3:07:2d:aa:76:07:d4:e7:6c:9c:8b:12:
7e:b8:28:53:e7:07:90:ea:ba:31:ce:52:f0:3e:e2:93:65:67:
b9:ac:96:94:68:c8:64:3d:54:2c:b7:12:7c:fe:ec:55:1a:91:
e5:af:e5:8c:a3:1f:e5:e3:2f:23:59:b6:25:0e:af:ca:d7:36:
ac:82:1a:0f:53:5f:7d:ab:3a:f4:cd:72:3c:36:9b:5d:9b:2b:
69:2f:a1:c1:55:30:1c:74:5d:ca:0c:fc:3b:c2:25:6a:09:ec:
a4:d0:16:5f:e4:84:5a:dd:6e:a5:f3:6e:43:73:74:de:41:07:
cc:fc:a1:da:ed:3f:f2:0c:f2:a7:8a:3e:3e:3a:8a:a5:67:67:
11:3e:e9:88:a9:5b:be:e7:ee:78:53:11:6e:17:ce:d9:9c:ee:
d6:ff:c8:ee
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZbYBLp03LEMaID4DZEoD7zGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTE2MDczNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM1YjNkNjllNjJhMjdkMjIzZWVjZGE0OTQ2MTZlNWEyMDAyZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZXA0/6+bfz3/S1WMpySAdeADtdy
Wrbsw4H7AV+zczq/fGviu4rpjWRmMmgGHwFi3zBkr1FbU6yKV6J9xhPMXbysXzFf
lG0YkhipE2ey79uQLThpbM8L0NjMUcYCDw/0czHjU71x6Cj0znrOqeLMJEDl7p1r
mRaECfdWz6ff1bst9X4jqRLpJhCYpJ7QSI899p9YGDX4QhTeXWwOX6auS5UTrqY3
SaTESK13ZwkawhCh8MRNj+SneePmOHZ61t4jU03AKgSVuh4ZPrR7rZO4go6h9oC0
lqYoZxTIhAWkab4eVJWWeQHiaBMEutzB4drCsgm+/pfEGfgVHPV4DVtIbQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFE1s9aeYqJ9Ij7s2klGFuWiAC+rMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVVRXejFwNWlvbjBpUHV6YVNVWVc1YUlBTDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDASBAIAATAMAwQALV4vAwQA
w0IaMCYEAgACMCADBQMqD4EAAwcAKg/nxAAQAwUDKhE1AAMHACoTjIYBIDANBgkq
hkiG9w0BAQsFAAOCAQEAl7R9vhXzUr42eNIolnSh2mADXGeqrEXYr3TFnpKTWXso
hvADPysLd5l3YderxdeV4MyMlvih8CYGXqWh8wA5AQNctxqKdF0fgeO4yxpg7deS
44Sy/87KoIumFhr43izZowctqnYH1OdsnIsSfrgoU+cHkOq6Mc5S8D7ik2VnuayW
lGjIZD1ULLcSfP7sVRqR5a/ljKMf5eMvI1m2JQ6vytc2rIIaD1Nffas69M1yPDab
XZsraS+hwVUwHHRdygz8O8IlagnspNAWX+SEWt1upfNuQ3N03kEHzPyh2u0/8gzy
p4o+PjqKpWdnET7piKlbvufueFMRbhfO2Zzu1v/I7g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:33:22 2025 by rpki-client