Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZWlPGTqFpOboktBJn9OXY4f9mYQ.roa
File: ZWlPGTqFpOboktBJn9OXY4f9mYQ.roa (raw, json)
Hash identifier: nkfpFJ5VJJ012PLA4Vsk+c6W1SbRBw1REpVUhMFKuns=
Subject key identifier: 65:69:4F:19:3A:85:A4:E6:E8:92:D0:49:9F:D3:97:63:87:FD:99:84
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01970275F7E7A894587E73B6BC553758BF03
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZWlPGTqFpOboktBJn9OXY4f9mYQ.roa
Signing time: Sat 24 May 2025 13:22:55 +0000
ROA not before: Sat 24 May 2025 13:22:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205125
IP address blocks: 45.95.201.0/24 maxlen: 24
2a03:e2c0::/32 maxlen: 32
2a0d:8340::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Jun 2025 11:47:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:02:75:f7:e7:a8:94:58:7e:73:b6:bc:55:37:58:bf:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: May 24 13:22:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65694f193a85a4e6e892d0499fd3976387fd9984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d3:f9:c9:5d:12:d4:df:c6:06:f8:26:b0:ad:
52:36:40:cd:e6:1e:e4:53:82:d0:b6:f7:ab:a5:d3:
76:ac:a2:d0:a3:c4:9f:1c:b0:a2:24:e8:eb:f3:fb:
86:a7:12:14:cc:9d:4b:d3:56:90:ed:9a:33:c6:72:
4d:f7:cc:66:f6:15:56:51:d6:67:e8:5f:9a:a0:59:
19:f5:4a:fa:3f:1b:10:63:93:4e:25:6c:3b:bb:7a:
74:c2:a4:c4:6e:83:65:4a:80:ce:01:f8:d9:41:f2:
cd:2b:fa:f5:ba:d6:52:f1:99:ff:bb:3b:45:4d:80:
30:9f:57:44:0e:7f:32:d0:18:e4:02:c5:d2:a5:b0:
91:1b:4b:4f:ad:87:d9:42:c4:db:f1:43:c3:e9:29:
e6:d0:6e:1c:ec:a6:94:01:14:60:56:0f:2f:75:63:
78:c0:9a:d6:ca:ab:fe:1e:49:e8:a8:93:85:e9:b3:
bc:77:a8:13:58:e1:0a:b2:43:31:53:84:c4:11:4b:
c2:d9:ac:4e:6e:04:99:d6:8a:e9:77:89:38:4e:e4:
a4:7d:87:d9:6c:43:88:30:46:07:d8:d3:3a:f0:25:
ff:93:19:f0:83:6d:d0:ca:bf:2e:be:a3:e2:62:0c:
35:ce:e8:30:14:cc:3c:21:da:68:e6:a5:54:ad:dd:
4b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:69:4F:19:3A:85:A4:E6:E8:92:D0:49:9F:D3:97:63:87:FD:99:84
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZWlPGTqFpOboktBJn9OXY4f9mYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.201.0/24
IPv6:
2a03:e2c0::/32
2a0d:8340::/32
Signature Algorithm: sha256WithRSAEncryption
32:cd:c8:54:50:b5:2b:bf:d9:cb:74:1e:48:f0:c9:6c:53:fa:
b8:18:77:7b:d3:29:df:2e:5c:53:75:43:8d:a5:e3:e8:a1:2a:
54:e9:eb:51:cd:30:31:29:7d:c7:c9:89:4c:2e:63:04:29:6d:
f5:6a:4e:77:d4:28:09:6d:02:9c:71:83:4f:f3:af:88:e6:75:
a6:1a:6d:de:90:d1:ce:32:cb:05:12:44:d9:05:1f:9b:1f:ee:
d9:9f:81:b8:72:6c:2c:de:c2:a1:09:37:81:56:b6:61:c5:eb:
c1:cf:cc:a1:41:27:31:6e:5b:02:8f:5f:0c:68:45:57:8b:35:
8b:15:0b:89:fa:c7:9f:a7:c2:44:4c:21:78:21:b4:5e:89:9d:
15:13:7f:d4:14:1c:83:e9:46:3e:30:b9:6f:fa:27:cb:5a:fb:
b6:4d:ba:3a:0e:29:c6:3c:f5:78:af:96:e9:0e:eb:7b:94:89:
4b:b5:22:83:4e:1a:48:7a:b8:bd:c6:6f:46:81:77:2d:e6:cc:
92:1d:dc:69:07:c4:4d:83:b2:af:5a:7d:0a:87:bf:6a:de:28:
24:63:da:84:d7:db:93:3c:f8:65:51:d6:26:9b:f6:fa:07:25:
b9:f3:94:cf:68:33:31:22:66:5d:65:1d:41:d1:97:64:69:1a:
8d:7f:39:a8
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZcCdffnqJRYfnO2vFU3WL8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNTI0MTMyMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTY5NGYxOTNhODVhNGU2ZTg5MmQwNDk5ZmQzOTc2Mzg3ZmQ5OTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9P5yV0S1N/GBvgmsK1SNkDN5h7k
U4LQtverpdN2rKLQo8SfHLCiJOjr8/uGpxIUzJ1L01aQ7ZozxnJN98xm9hVWUdZn
6F+aoFkZ9Ur6PxsQY5NOJWw7u3p0wqTEboNlSoDOAfjZQfLNK/r1utZS8Zn/uztF
TYAwn1dEDn8y0BjkAsXSpbCRG0tPrYfZQsTb8UPD6Snm0G4c7KaUARRgVg8vdWN4
wJrWyqv+HknoqJOF6bO8d6gTWOEKskMxU4TEEUvC2axObgSZ1orpd4k4TuSkfYfZ
bEOIMEYH2NM68CX/kxnwg23Qyr8uvqPiYgw1zugwFMw8Idpo5qVUrd1LtwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGVpTxk6haTm6JLQSZ/Tl2OH/ZmEMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWldsUEdUcUZwT2Jva3RCSm45T1hZNGY5bVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQALV/JMBQE
AgACMA4DBQAqA+LAAwUAKg2DQDANBgkqhkiG9w0BAQsFAAOCAQEAMs3IVFC1K7/Z
y3QeSPDJbFP6uBh3e9Mp3y5cU3VDjaXj6KEqVOnrUc0wMSl9x8mJTC5jBClt9WpO
d9QoCW0CnHGDT/OviOZ1phpt3pDRzjLLBRJE2QUfmx/u2Z+BuHJsLN7CoQk3gVa2
YcXrwc/MoUEnMW5bAo9fDGhFV4s1ixULifrHn6fCREwheCG0XomdFRN/1BQcg+lG
PjC5b/ony1r7tk26Og4pxjz1eK+W6Q7re5SJS7Uig04aSHq4vcZvRoF3LebMkh3c
aQfETYOyr1p9Coe/at4oJGPahNfbkzz4ZVHWJpv2+gclufOUz2gzMSJmXWUdQdGX
ZGkajX85qA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:46:22 2025 by rpki-client