Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Z4MFymZm0FjPybdpsVJWWUds3nY.roa
File: Z4MFymZm0FjPybdpsVJWWUds3nY.roa (raw, json)
Hash identifier: mlDv9W0MLYJXiuVh/Lr1TgEtf7uvknO1MbVJjfhQHuo=
Subject key identifier: 67:83:05:CA:66:66:D0:58:CF:C9:B7:69:B1:52:56:59:47:6C:DE:76
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019457045DDEDD8F531C15724C4855EF69A4
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Z4MFymZm0FjPybdpsVJWWUds3nY.roa
Signing time: Sat 11 Jan 2025 20:18:11 +0000
ROA not before: Sat 11 Jan 2025 20:18:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Jan 2025 20:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:57:04:5d:de:dd:8f:53:1c:15:72:4c:48:55:ef:69:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 11 20:18:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=678305ca6666d058cfc9b769b1525659476cde76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3f:e8:2e:25:6f:a1:25:b3:53:69:9e:b4:c4:
23:90:eb:f5:8f:24:e7:cb:59:d8:61:ea:e2:a7:77:
72:19:e1:39:7b:0c:0a:d8:c0:ab:10:58:67:b8:2c:
df:e8:78:12:3c:44:4b:e6:4c:e9:66:b8:b3:55:93:
77:6c:62:f0:a6:f4:1d:14:49:11:5a:80:c5:bc:ba:
12:20:34:c7:4d:8d:bc:66:c0:63:e5:07:eb:c5:19:
b1:32:6d:cb:c4:ec:f4:34:b1:cb:57:64:5e:cc:56:
81:0c:14:1f:35:43:33:3b:65:82:d6:de:bc:b9:a7:
77:67:72:55:9b:47:97:c2:b4:f4:e4:4e:82:17:0c:
b4:7a:19:75:0e:bb:53:48:28:cb:05:cd:fa:b8:c8:
c3:a0:65:90:47:04:0b:a5:ab:0a:b3:9b:2d:f0:b1:
9b:4f:63:73:3b:94:2f:e5:53:24:36:fe:bc:5e:ad:
4f:c2:37:89:86:53:98:4e:17:e9:a3:59:2f:ba:d5:
84:99:5d:00:11:7e:12:1d:c1:a0:0e:4c:9d:74:7b:
f5:db:fc:ce:cd:0c:cd:5e:b6:22:20:b2:93:84:e6:
9f:a1:27:8b:0a:7e:f9:cb:42:8b:a6:45:fe:07:18:
bd:41:84:b7:4e:e6:8b:b0:4c:34:e4:2f:d7:aa:75:
82:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:83:05:CA:66:66:D0:58:CF:C9:B7:69:B1:52:56:59:47:6C:DE:76
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Z4MFymZm0FjPybdpsVJWWUds3nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0-45.136.2.255
185.211.48.0-185.211.50.255
Signature Algorithm: sha256WithRSAEncryption
1d:eb:39:11:c0:41:90:89:80:3d:ef:14:a2:04:dd:20:52:b8:
99:e3:83:2c:56:ab:5c:cc:df:60:75:3a:d0:0f:e0:35:0a:6c:
24:bc:eb:6c:26:9b:65:c4:0d:ad:8c:dc:bf:ae:09:01:e8:1a:
e5:c5:27:2e:ca:68:15:9c:5c:69:59:7c:33:58:9e:e4:06:2f:
59:25:a9:df:90:b5:c0:96:f0:1b:b9:38:ca:7a:8d:34:8a:45:
60:d2:42:bb:c2:b1:7d:25:bf:9b:a4:a3:dc:47:57:8d:4b:50:
ab:5b:01:55:b6:86:7a:97:3a:a0:90:01:1f:f4:28:94:89:d8:
76:ee:26:c4:33:28:db:8d:d7:cf:cf:dc:0f:fe:78:bf:44:bb:
29:9b:f4:61:07:7e:18:d8:f3:92:f6:0b:ab:ae:53:de:8d:5d:
0c:65:73:7c:91:f6:87:3f:00:1c:51:7c:0c:1a:b3:e9:4d:33:
a0:14:11:53:c1:c5:df:5c:a4:e6:c2:45:a9:a4:14:e1:76:98:
47:c4:2e:ee:c9:73:2e:6d:f2:0d:18:ff:8d:2d:e3:94:5e:9d:
9c:cd:94:bf:be:42:ea:1f:b3:51:3b:c2:e8:9d:32:b5:92:7d:
38:13:56:5f:24:91:e9:64:7b:84:59:1c:88:06:21:a3:04:38:
2b:af:8e:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZRXBF3e3Y9THBVyTEhV72mkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTExMjAxODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzgzMDVjYTY2NjZkMDU4Y2ZjOWI3NjliMTUyNTY1OTQ3NmNkZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT/oLiVvoSWzU2metMQjkOv1jyTn
y1nYYerip3dyGeE5ewwK2MCrEFhnuCzf6HgSPERL5kzpZrizVZN3bGLwpvQdFEkR
WoDFvLoSIDTHTY28ZsBj5QfrxRmxMm3LxOz0NLHLV2RezFaBDBQfNUMzO2WC1t68
uad3Z3JVm0eXwrT05E6CFwy0ehl1DrtTSCjLBc36uMjDoGWQRwQLpasKs5st8LGb
T2NzO5Qv5VMkNv68Xq1PwjeJhlOYThfpo1kvutWEmV0AEX4SHcGgDkyddHv12/zO
zQzNXrYiILKThOafoSeLCn75y0KLpkX+Bxi9QYS3TuaLsEw05C/XqnWCmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGeDBcpmZtBYz8m3abFSVllHbN52MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvWjRNRnltWm0wRmpQeWJkcHNWSldXVWRzM25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwMtiAME
AC2IAjAMAwQEudMwAwQAudMyMA0GCSqGSIb3DQEBCwUAA4IBAQAd6zkRwEGQiYA9
7xSiBN0gUriZ44MsVqtczN9gdTrQD+A1CmwkvOtsJptlxA2tjNy/rgkB6BrlxScu
ymgVnFxpWXwzWJ7kBi9ZJanfkLXAlvAbuTjKeo00ikVg0kK7wrF9Jb+bpKPcR1eN
S1CrWwFVtoZ6lzqgkAEf9CiUidh27ibEMyjbjdfPz9wP/ni/RLspm/RhB34Y2POS
9gurrlPejV0MZXN8kfaHPwAcUXwMGrPpTTOgFBFTwcXfXKTmwkWppBThdphHxC7u
yXMubfINGP+NLeOUXp2czZS/vkLqH7NRO8LonTK1kn04E1ZfJJHpZHuEWRyIBiGj
BDgrr474
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:23:26 2025 by rpki-client