Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wJuhgcqOeQg5NmYyxIGMUmkPHAk.roa
File: wJuhgcqOeQg5NmYyxIGMUmkPHAk.roa (raw, json)
Hash identifier: 33de9EomYBKplTC2inZpXDgpeAYxMiCbTavtCSUzAbQ=
Subject key identifier: C0:9B:A1:81:CA:8E:79:08:39:36:66:32:C4:81:8C:52:69:0F:1C:09
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01942220176F40C6ADE541DF8AC7166F183E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wJuhgcqOeQg5NmYyxIGMUmkPHAk.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.147.224.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 12:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:17:6f:40:c6:ad:e5:41:df:8a:c7:16:6f:18:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c09ba181ca8e790839366632c4818c52690f1c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2d:74:60:5d:f5:6c:52:a2:7d:31:95:80:15:
f5:a8:a5:e5:6d:dd:8d:40:70:e8:d5:0f:61:39:c4:
e8:a1:3e:66:be:7d:15:3d:6e:43:86:bd:f9:2f:93:
c9:90:a7:98:b0:4d:cc:2e:83:05:d8:a9:ab:e3:91:
4a:4a:94:7b:fa:54:d0:c0:7e:e7:7a:bb:0f:c3:49:
0f:43:91:46:62:89:1f:5a:6a:d1:95:6a:ed:26:67:
7d:d7:60:f9:cb:da:88:2f:a0:93:4a:29:cb:8c:36:
10:6d:47:f6:84:a2:fb:87:44:d2:c7:5a:83:01:79:
00:18:9e:1e:bc:6c:2a:12:e8:ec:a9:22:04:4f:33:
4c:6a:7a:c3:48:59:47:d9:5d:01:1d:04:f4:3c:38:
9d:5f:8a:d6:fe:76:a6:04:c6:33:ed:24:5d:3c:cf:
1d:7f:58:f0:37:2b:21:d2:82:df:eb:83:0c:b7:20:
7c:7d:5d:28:ad:db:42:0e:a1:1e:81:04:12:30:4e:
fc:58:10:9a:61:19:94:60:78:bf:a1:60:38:22:13:
1e:7b:fe:52:a7:8d:97:14:97:f4:83:75:bb:d8:ff:
cf:03:b8:eb:10:c7:5b:e9:14:6d:0d:87:8d:67:9e:
65:b8:a5:a6:68:50:5d:5d:58:9b:85:9f:1b:8c:5f:
a3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9B:A1:81:CA:8E:79:08:39:36:66:32:C4:81:8C:52:69:0F:1C:09
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wJuhgcqOeQg5NmYyxIGMUmkPHAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.222.30.0/24
194.5.67.0/24
Signature Algorithm: sha256WithRSAEncryption
61:8e:52:55:3a:1c:48:95:f2:63:23:a4:34:1c:12:03:48:6b:
c4:d6:f9:c9:1f:18:78:a3:51:e4:b0:7c:12:ba:6b:25:ee:59:
23:fb:ec:d3:b4:89:43:cd:a0:ef:be:e4:8f:95:d2:24:80:1c:
bb:87:e8:ee:ab:11:a5:bb:a1:46:39:ee:1d:19:aa:fa:56:72:
1e:ae:8c:2f:d7:da:60:c3:20:b2:08:8b:0c:fd:00:20:af:cf:
19:ed:a1:a1:e1:31:11:d0:40:e5:91:e0:1f:ab:16:3f:83:f1:
5b:b6:bc:5d:93:39:85:cc:8b:b8:8b:4e:cb:64:81:ed:e6:8a:
9f:f3:6d:1d:bc:a4:dc:ed:b8:1f:0e:35:e9:51:07:2a:9e:b0:
7d:16:84:70:b1:8d:26:b2:c6:ea:18:a7:34:b8:f1:5e:f0:00:
18:74:71:3a:c5:3d:21:5e:16:6d:1b:b1:02:de:b4:8f:2d:97:
be:1c:2c:78:f5:63:e6:3c:7e:fa:d9:6c:40:82:56:1e:e8:13:
6a:10:28:b5:a4:f5:79:a2:6f:b6:b7:38:89:fc:84:7d:75:ad:
49:91:aa:e1:75:c7:45:f2:7f:e4:4d:35:71:53:16:aa:74:f6:
fc:bf:6f:c4:e3:f3:b0:e6:7d:dc:cc:65:12:c8:fa:1b:d2:6f:
7b:1f:5c:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiIBdvQMat5UHfiscWbxg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDliYTE4MWNhOGU3OTA4MzkzNjY2MzJjNDgxOGM1MjY5MGYxYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS10YF31bFKifTGVgBX1qKXlbd2N
QHDo1Q9hOcTooT5mvn0VPW5Dhr35L5PJkKeYsE3MLoMF2Kmr45FKSpR7+lTQwH7n
ersPw0kPQ5FGYokfWmrRlWrtJmd912D5y9qIL6CTSinLjDYQbUf2hKL7h0TSx1qD
AXkAGJ4evGwqEujsqSIETzNManrDSFlH2V0BHQT0PDidX4rW/namBMYz7SRdPM8d
f1jwNysh0oLf64MMtyB8fV0ordtCDqEegQQSME78WBCaYRmUYHi/oWA4IhMee/5S
p42XFJf0g3W72P/PA7jrEMdb6RRtDYeNZ55luKWmaFBdXVibhZ8bjF+jlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMCboYHKjnkIOTZmMsSBjFJpDxwJMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvd0p1aGdjcU9lUWc1Tm1ZeXhJR01VbWtQSEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZPgAwQA
ud4eAwQAwgVDMA0GCSqGSIb3DQEBCwUAA4IBAQBhjlJVOhxIlfJjI6Q0HBIDSGvE
1vnJHxh4o1HksHwSumsl7lkj++zTtIlDzaDvvuSPldIkgBy7h+juqxGlu6FGOe4d
Gar6VnIerowv19pgwyCyCIsM/QAgr88Z7aGh4TER0EDlkeAfqxY/g/FbtrxdkzmF
zIu4i07LZIHt5oqf820dvKTc7bgfDjXpUQcqnrB9FoRwsY0mssbqGKc0uPFe8AAY
dHE6xT0hXhZtG7EC3rSPLZe+HCx49WPmPH762WxAglYe6BNqECi1pPV5om+2tziJ
/IR9da1JkarhdcdF8n/kTTVxUxaqdPb8v2/E4/Ow5n3czGUSyPob0m97H1zp
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:36:57 2025 by rpki-client