Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/vnwsiWomsIqrTCCP7oEgZBU1nXo.roa
File: vnwsiWomsIqrTCCP7oEgZBU1nXo.roa (raw, json)
Hash identifier: Gfi1zxT55LvuvQnkJw+K82n7zaLADLlapAd1VzI1tgE=
Subject key identifier: BE:7C:2C:89:6A:26:B0:8A:AB:4C:20:8F:EE:81:20:64:15:35:9D:7A
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0195A59DB07EFFED799D28C7036A0B2A0E03
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/vnwsiWomsIqrTCCP7oEgZBU1nXo.roa
Signing time: Mon 17 Mar 2025 19:38:49 +0000
ROA not before: Mon 17 Mar 2025 19:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.138.12.0/22 maxlen: 22
91.132.160.0/22 maxlen: 22
152.89.28.0/22 maxlen: 22
193.135.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 14:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a5:9d:b0:7e:ff:ed:79:9d:28:c7:03:6a:0b:2a:0e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Mar 17 19:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be7c2c896a26b08aab4c208fee81206415359d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9b:c2:90:dd:bb:fc:be:f1:67:01:c9:84:60:
4b:76:74:33:46:de:b2:5e:fe:6a:b0:cf:ee:2b:9c:
13:64:02:fc:e6:3e:8c:15:01:76:9a:7f:47:0c:43:
f1:a4:20:33:14:44:28:34:f3:dd:c6:95:41:4b:ef:
4d:41:df:35:f8:33:fc:f7:5b:ea:41:e9:23:48:eb:
3d:e4:a4:23:93:cb:05:be:d4:3d:fb:cb:66:a0:ff:
d5:34:1f:c8:f7:f3:d1:8d:9f:7d:a1:ce:3e:bf:e3:
6b:7f:a0:15:65:f2:63:e7:62:69:08:bc:a8:14:93:
ea:af:03:26:26:c1:f5:e0:d9:9a:47:ac:13:6a:8b:
3d:99:60:4c:df:3f:08:de:fb:0b:17:1a:ee:9a:bd:
1b:30:2e:be:8a:fe:1b:34:7e:28:df:c3:08:8f:76:
6d:34:37:29:c0:ba:0e:57:76:e1:11:98:c7:8c:4e:
d0:68:f5:5a:c5:98:92:3f:c2:ee:4b:6b:0f:0c:d5:
49:36:d6:cc:68:79:64:45:d5:58:2d:89:eb:25:23:
15:7c:f6:09:43:94:1b:8a:ad:6f:9e:7b:b2:69:7f:
9e:e3:87:5c:93:cd:ee:e2:0f:f3:ee:ff:cb:e4:c5:
36:03:5e:0a:9a:73:aa:b1:b1:e9:48:33:4a:8d:25:
53:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7C:2C:89:6A:26:B0:8A:AB:4C:20:8F:EE:81:20:64:15:35:9D:7A
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/vnwsiWomsIqrTCCP7oEgZBU1nXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
91.132.160.0/22
152.89.28.0/22
193.135.151.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:44:98:f4:d6:1c:0c:8c:6d:97:3a:a2:04:71:2a:64:fe:9a:
d8:69:33:76:fb:ab:c8:83:65:df:95:b1:1e:fd:b0:ce:90:e6:
93:aa:e3:be:03:a2:95:04:0b:b4:b2:33:7b:5e:6a:ba:f6:c9:
f1:fa:72:72:08:c5:6c:6e:4a:21:43:db:61:d1:d9:bc:ae:b6:
db:1e:41:ab:4d:30:a4:46:cb:cb:15:f4:12:8a:5f:8a:1d:6c:
fb:54:5e:2d:55:e1:a8:f4:96:be:96:67:ec:73:55:83:11:58:
2d:5b:ba:7f:5b:e6:40:fd:ef:8e:85:5a:0a:0f:03:66:b7:ad:
d6:14:e9:a2:18:5e:44:28:bb:78:62:a5:91:f3:6f:43:79:5f:
4e:b0:74:67:07:4f:fd:39:d4:14:93:79:99:ea:5a:25:0f:2f:
38:58:4d:89:c4:97:e9:84:e1:cf:f3:bf:26:85:a6:4a:84:db:
ba:b8:32:60:b3:32:3b:7d:34:ce:de:64:73:c3:e3:8b:f4:b7:
80:f8:7d:a6:df:0a:44:a2:9b:18:82:b2:88:a7:af:8f:73:17:
ce:88:5b:3e:d6:c3:46:c0:05:20:a0:a3:14:d5:2e:bc:3a:a9:
b5:8a:23:e2:d3:db:1c:e5:76:d7:6c:c4:af:10:92:af:08:ed:
dc:ab:f4:e3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWlnbB+/+15nSjHA2oLKg4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMzE3MTkzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdjMmM4OTZhMjZiMDhhYWI0YzIwOGZlZTgxMjA2NDE1MzU5ZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JvCkN27/L7xZwHJhGBLdnQzRt6y
Xv5qsM/uK5wTZAL85j6MFQF2mn9HDEPxpCAzFEQoNPPdxpVBS+9NQd81+DP891vq
QekjSOs95KQjk8sFvtQ9+8tmoP/VNB/I9/PRjZ99oc4+v+Nrf6AVZfJj52JpCLyo
FJPqrwMmJsH14NmaR6wTaos9mWBM3z8I3vsLFxrumr0bMC6+iv4bNH4o38MIj3Zt
NDcpwLoOV3bhEZjHjE7QaPVaxZiSP8LuS2sPDNVJNtbMaHlkRdVYLYnrJSMVfPYJ
Q5Qbiq1vnnuyaX+e44dck83u4g/z7v/L5MU2A14KmnOqsbHpSDNKjSVT/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL58LIlqJrCKq0wgj+6BIGQVNZ16MB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvdm53c2lXb21zSXFyVENDUDdvRWdaQlUxblhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYoMAwQC
W4SgAwQCmFkcAwQAwYeXMA0GCSqGSIb3DQEBCwUAA4IBAQCnRJj01hwMjG2XOqIE
cSpk/prYaTN2+6vIg2XflbEe/bDOkOaTquO+A6KVBAu0sjN7Xmq69snx+nJyCMVs
bkohQ9th0dm8rrbbHkGrTTCkRsvLFfQSil+KHWz7VF4tVeGo9Ja+lmfsc1WDEVgt
W7p/W+ZA/e+OhVoKDwNmt63WFOmiGF5EKLt4YqWR829DeV9OsHRnB0/9OdQUk3mZ
6lolDy84WE2JxJfphOHP878mhaZKhNu6uDJgszI7fTTO3mRzw+OL9LeA+H2m3wpE
opsYgrKIp6+PcxfOiFs+1sNGwAUgoKMU1S68Oqm1iiPi09sc5XbXbMSvEJKvCO3c
q/Tj
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:06:46 2025 by rpki-client