Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/PIZuc3j_UkAIb1sGJRqUMHILfm4.roa
File: PIZuc3j_UkAIb1sGJRqUMHILfm4.roa (raw, json)
Hash identifier: dN2yYHKF0xXR0ysnOI4vssZVNO43TDJuZfY74rpD8Z4=
Subject key identifier: 3C:86:6E:73:78:FF:52:40:08:6F:5B:06:25:1A:94:30:72:0B:7E:6E
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 01958FAFAE43849CCD527C0224C6BC7029A9
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/PIZuc3j_UkAIb1sGJRqUMHILfm4.roa
Signing time: Thu 13 Mar 2025 13:26:50 +0000
ROA not before: Thu 13 Mar 2025 13:26:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212165
IP address blocks: 45.87.245.0/24 maxlen: 24
185.224.212.0/24 maxlen: 24
2a10:9680::/32 maxlen: 32
2a10:9684::/32 maxlen: 32
2a10:9685::/32 maxlen: 32
2a12:6c40::/29 maxlen: 29
2a12:7f40::/29 maxlen: 29
2a12:92c0::/29 maxlen: 29
2a12:b3c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Mar 2025 20:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:af:ae:43:84:9c:cd:52:7c:02:24:c6:bc:70:29:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Mar 13 13:26:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c866e7378ff5240086f5b06251a9430720b7e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3c:87:4c:82:bd:87:fa:4d:a5:e7:1a:57:02:
1c:59:fb:fd:7c:e5:61:1f:be:94:5c:61:5d:fd:2b:
61:a3:7c:83:e8:07:b1:cd:26:94:d8:fd:71:b0:b6:
c0:0c:43:96:06:7e:e9:88:e7:0f:9d:df:cb:f4:9f:
1f:cd:e3:12:ac:20:10:c3:cc:aa:4a:57:87:bf:ac:
0f:31:b9:d2:1a:69:3f:39:ec:8e:93:2e:9d:d4:9e:
04:fe:ab:18:e5:9b:77:9e:4a:9f:f8:c2:e9:05:ae:
3e:af:30:0d:bd:6c:b4:57:e2:93:cd:57:5b:3c:d1:
90:4e:8b:23:2d:55:60:f9:51:a9:25:3e:b6:18:4d:
2d:dc:e6:16:9b:61:91:bb:1d:e7:c3:be:ea:44:31:
67:d5:51:84:cf:df:61:5c:33:b6:6c:f6:fb:cc:00:
c2:16:2f:d5:d7:8a:de:54:da:4e:ec:9c:55:79:96:
fa:28:7a:f2:63:bf:76:2d:c3:3d:58:f1:22:03:d4:
d6:c7:53:49:4a:49:58:f5:f1:58:13:51:c6:c7:0f:
e2:76:d6:91:58:25:74:66:93:db:65:a6:da:32:12:
88:ca:f6:14:51:e6:34:1c:3b:b5:0b:80:3e:bd:17:
06:ce:48:2e:e6:94:4b:00:f6:89:5b:6a:d9:0d:b5:
d7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:86:6E:73:78:FF:52:40:08:6F:5B:06:25:1A:94:30:72:0B:7E:6E
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/PIZuc3j_UkAIb1sGJRqUMHILfm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.245.0/24
185.224.212.0/24
IPv6:
2a10:9680::/32
2a10:9684::/31
2a12:6c40::/29
2a12:7f40::/29
2a12:92c0::/29
2a12:b3c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
68:fe:e0:c5:17:88:5a:60:c8:00:78:79:60:19:3c:8c:0a:6d:
65:54:67:bb:45:77:de:6c:3b:f1:82:4b:47:f3:c1:98:68:d7:
31:54:46:ed:e7:d1:fe:aa:46:9d:86:18:b2:fc:7e:2a:38:f1:
e2:a3:7b:6f:23:aa:90:32:60:25:b4:46:1b:1e:a0:7d:af:02:
3c:64:d7:06:d8:78:5e:9f:c9:42:a5:55:da:ae:fb:30:6e:4f:
3f:c1:b2:c7:cc:fd:2f:e0:9e:b1:22:57:b2:46:a3:04:72:df:
5c:86:6f:d6:da:74:3c:62:19:8e:e4:60:2b:6c:a3:f4:e6:3a:
e0:c8:fe:a6:23:d2:e8:69:00:11:4c:44:8d:70:dc:28:4c:74:
10:76:7e:60:64:33:9a:d7:cf:7a:9e:82:14:1c:eb:1d:7b:57:
9a:55:22:a2:60:0f:e7:da:ca:95:4b:a7:5e:33:09:79:8d:72:
b4:61:40:0e:ae:2a:ac:ac:b0:03:71:ca:db:ad:97:a8:73:57:
0b:93:73:5d:a4:c2:4c:08:4b:bd:9a:e4:19:9c:56:0b:87:48:
46:a1:69:d2:be:a5:be:51:0a:f5:5e:69:40:fe:c0:82:e9:61:
7b:76:b2:6b:48:96:2f:88:2b:46:06:a0:b3:65:9b:3e:99:d8:
5f:b4:55:65
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZWPr65DhJzNUnwCJMa8cCmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjUwMzEzMTMyNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg2NmU3Mzc4ZmY1MjQwMDg2ZjViMDYyNTFhOTQzMDcyMGI3ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjyHTIK9h/pNpecaVwIcWfv9fOVh
H76UXGFd/Stho3yD6AexzSaU2P1xsLbADEOWBn7piOcPnd/L9J8fzeMSrCAQw8yq
SleHv6wPMbnSGmk/OeyOky6d1J4E/qsY5Zt3nkqf+MLpBa4+rzANvWy0V+KTzVdb
PNGQTosjLVVg+VGpJT62GE0t3OYWm2GRux3nw77qRDFn1VGEz99hXDO2bPb7zADC
Fi/V14reVNpO7JxVeZb6KHryY792LcM9WPEiA9TWx1NJSklY9fFYE1HGxw/idtaR
WCV0ZpPbZabaMhKIyvYUUeY0HDu1C4A+vRcGzkgu5pRLAPaJW2rZDbXXrwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFDyGbnN4/1JACG9bBiUalDByC35uMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvUEladWMzal9Va0FJYjFzR0pScVVNSElMZm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDASBAIAATAMAwQALVf1AwQA
ueDUMDIEAgACMCwDBQAqEJaAAwUBKhCWhAMFAyoSbEADBQMqEn9AAwUDKhKSwAMH
ACoSs8D//zANBgkqhkiG9w0BAQsFAAOCAQEAaP7gxReIWmDIAHh5YBk8jAptZVRn
u0V33mw78YJLR/PBmGjXMVRG7efR/qpGnYYYsvx+Kjjx4qN7byOqkDJgJbRGGx6g
fa8CPGTXBth4Xp/JQqVV2q77MG5PP8Gyx8z9L+CesSJXskajBHLfXIZv1tp0PGIZ
juRgK2yj9OY64Mj+piPS6GkAEUxEjXDcKEx0EHZ+YGQzmtfPep6CFBzrHXtXmlUi
omAP59rKlUunXjMJeY1ytGFADq4qrKywA3HK262XqHNXC5NzXaTCTAhLvZrkGZxW
C4dIRqFp0r6lvlEK9V5pQP7Agulhe3aya0iWL4grRgags2WbPpnYX7RVZQ==
-----END CERTIFICATE-----
Generated at Sat May 10 20:06:27 2025 by rpki-client