Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/CWMJQsKgUCIXkxxhwCzX2E1UXSM.roa
File: CWMJQsKgUCIXkxxhwCzX2E1UXSM.roa (raw, json)
Hash identifier: JLefzqgP3FaQaSvwATsVOBop+FBDjBp309UmJ2tv2HM=
Subject key identifier: 09:63:09:42:C2:A0:50:22:17:93:1C:61:C0:2C:D7:D8:4D:54:5D:23
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 01941F8C6D6D43099113C213C388265BDED6
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/CWMJQsKgUCIXkxxhwCzX2E1UXSM.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2027
IP address blocks: 45.13.104.0/22 maxlen: 22
62.204.43.0/24 maxlen: 24
193.58.42.0/23 maxlen: 24
2a0e:e700::/31 maxlen: 31
2a0f:ce00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 10 Mar 2025 23:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6d:6d:43:09:91:13:c2:13:c3:88:26:5b:de:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09630942c2a0502217931c61c02cd7d84d545d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c3:4f:ec:dc:d2:e2:29:ba:2b:af:9f:0d:8a:
f3:2f:79:d1:8d:c4:bc:76:7c:96:9d:8f:2a:bd:99:
49:03:73:d2:20:b1:59:f1:a8:b1:46:15:cf:96:a9:
1a:7f:87:e5:a0:03:9f:01:1a:de:22:5a:ad:26:d1:
6e:e8:e8:8b:8b:90:49:f1:e2:83:03:4e:09:b6:be:
ae:11:c6:fd:ff:07:5d:c8:14:4b:50:41:3d:6a:bc:
95:52:53:b4:89:d7:57:af:bc:ea:91:c6:61:4f:a3:
9c:81:e5:58:f5:f6:79:ed:2e:63:72:fc:a6:ca:b7:
20:78:c9:cd:1d:7f:2d:8c:45:64:ac:b6:4a:36:ff:
3a:81:a7:b2:40:9e:ca:f4:4f:fd:f5:d4:35:88:d5:
1e:59:34:96:f9:06:65:6a:aa:c9:3c:89:af:99:39:
8c:f8:19:0d:56:7e:66:d8:24:21:e5:54:40:b7:57:
50:28:bb:22:d6:98:03:05:fb:d3:31:37:90:59:95:
74:2a:32:13:9b:f1:bd:1f:44:97:8c:a8:2d:71:9b:
d2:fb:35:12:87:b5:0d:ec:44:42:82:74:fc:d2:42:
d9:c6:a9:52:e6:bf:ff:5d:41:cc:29:c3:45:dc:95:
d8:b4:ca:5a:a0:bc:2d:6c:a8:c6:4a:24:35:87:8e:
0d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:63:09:42:C2:A0:50:22:17:93:1C:61:C0:2C:D7:D8:4D:54:5D:23
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/CWMJQsKgUCIXkxxhwCzX2E1UXSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.104.0/22
62.204.43.0/24
193.58.42.0/23
IPv6:
2a0e:e700::/31
2a0f:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
77:75:ad:13:4e:54:94:8a:c5:9b:9a:65:51:f8:b4:88:e2:55:
dc:d9:9c:19:58:cc:bf:c0:cf:48:88:63:97:9b:93:36:70:c8:
0a:98:89:08:41:e4:67:5d:cf:ce:6f:26:3b:4d:46:09:d6:55:
0b:8e:5d:1a:50:44:f2:bb:4f:c0:53:a6:26:42:b9:0c:e7:9a:
09:59:f3:b6:47:7b:f7:85:6e:9e:eb:3b:ac:54:de:d4:f8:55:
4a:f3:9b:b7:67:bf:c5:27:83:ed:76:7c:4a:3e:cb:ba:9e:be:
87:1f:d4:b9:48:3c:ba:1f:59:98:a8:4b:8b:f3:c2:2e:00:db:
41:01:1d:2e:a1:0c:43:f7:1d:3f:87:c6:a5:4e:5a:b8:03:fe:
6b:71:32:90:c8:cc:9f:3a:7e:d1:58:73:23:1c:00:45:6f:24:
2b:7e:b7:24:29:6d:21:3c:51:7f:38:38:57:c0:43:15:51:5e:
4a:2d:7a:e6:d4:6a:d6:72:85:fa:ef:5c:29:8b:61:39:52:0b:
f3:69:8e:eb:93:5b:35:41:00:94:13:db:28:bc:9e:61:88:8e:
9a:52:a9:ef:13:ca:fc:8c:26:f8:61:dd:d3:2d:71:b5:7b:38:
ac:7e:84:1b:ca:bc:7e:96:b8:e7:06:d5:84:0c:5d:cb:5c:73:
6a:c5:bc:fd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQfjG1tQwmRE8ITw4gmW97WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTYzMDk0MmMyYTA1MDIyMTc5MzFjNjFjMDJjZDdkODRkNTQ1ZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8NP7NzS4im6K6+fDYrzL3nRjcS8
dnyWnY8qvZlJA3PSILFZ8aixRhXPlqkaf4floAOfARreIlqtJtFu6OiLi5BJ8eKD
A04Jtr6uEcb9/wddyBRLUEE9aryVUlO0iddXr7zqkcZhT6OcgeVY9fZ57S5jcvym
yrcgeMnNHX8tjEVkrLZKNv86gaeyQJ7K9E/99dQ1iNUeWTSW+QZlaqrJPImvmTmM
+BkNVn5m2CQh5VRAt1dQKLsi1pgDBfvTMTeQWZV0KjITm/G9H0SXjKgtcZvS+zUS
h7UN7ERCgnT80kLZxqlS5r//XUHMKcNF3JXYtMpaoLwtbKjGSiQ1h44NMQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAljCULCoFAiF5McYcAs19hNVF0jMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvQ1dNSlFzS2dVQ0lYa3h4aHdDelgyRTFVWFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLQ1oAwQA
PswrAwQBwToqMBQEAgACMA4DBQEqDucAAwUDKg/OADANBgkqhkiG9w0BAQsFAAOC
AQEAd3WtE05UlIrFm5plUfi0iOJV3NmcGVjMv8DPSIhjl5uTNnDICpiJCEHkZ13P
zm8mO01GCdZVC45dGlBE8rtPwFOmJkK5DOeaCVnztkd794Vunus7rFTe1PhVSvOb
t2e/xSeD7XZ8Sj7Lup6+hx/UuUg8uh9ZmKhLi/PCLgDbQQEdLqEMQ/cdP4fGpU5a
uAP+a3EykMjMnzp+0VhzIxwARW8kK363JCltITxRfzg4V8BDFVFeSi165tRq1nKF
+u9cKYthOVIL82mO65NbNUEAlBPbKLyeYYiOmlKp7xPK/Iwm+GHd0y1xtXs4rH6E
G8q8fpa45wbVhAxdy1xzasW8/Q==
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:57:48 2025 by rpki-client