Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/wzYYrr55KANRGrKTMIDD64ds-Ac.roa
File: wzYYrr55KANRGrKTMIDD64ds-Ac.roa (raw, json)
Hash identifier: loo0U7sUTKpG7WY7xfthMKg/7qn63gHJNsPM2S4fH9s=
Subject key identifier: C3:36:18:AE:BE:79:28:03:51:1A:B2:93:30:80:C3:EB:87:6C:F8:07
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 019418F1AC1859B3F674BCECDAC1137D60EB
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/wzYYrr55KANRGrKTMIDD64ds-Ac.roa
Signing time: Mon 30 Dec 2024 19:01:18 +0000
ROA not before: Mon 30 Dec 2024 19:01:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.157.138.0/24 maxlen: 24
185.225.188.0/24 maxlen: 24
193.56.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 19:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:18:f1:ac:18:59:b3:f6:74:bc:ec:da:c1:13:7d:60:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Dec 30 19:01:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c33618aebe792803511ab2933080c3eb876cf807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7a:c9:cd:a2:f1:b0:2c:51:cd:a4:47:ae:8f:
dc:67:29:a9:1f:87:53:7b:04:4b:c7:b6:b0:02:a1:
67:74:0f:04:93:30:4e:a5:89:f8:d0:d4:e7:7a:3a:
8a:39:61:ab:47:e2:62:f1:b4:78:85:bd:5c:95:d0:
ae:b0:1a:bf:f4:07:27:f0:06:2d:13:27:8e:21:02:
75:73:ab:3a:d0:58:0c:9c:19:0f:e8:3e:a4:eb:fb:
1f:38:e7:43:1a:95:1b:16:92:00:c7:8b:1c:e0:71:
10:c1:44:aa:5c:ac:61:76:e8:3b:6b:60:86:17:2e:
a2:6c:6c:38:c7:35:eb:33:d9:87:5e:94:eb:a7:1b:
d7:81:d2:e9:b1:b2:2d:33:64:e9:b1:cf:7e:26:44:
02:ca:08:91:cb:b3:e2:72:ce:aa:00:93:0b:82:d1:
28:1e:75:44:30:39:cc:36:23:2a:b9:38:44:c9:9d:
c0:a5:4a:41:79:7b:20:25:c2:3b:89:66:93:04:40:
6a:84:73:1d:d0:b5:a4:18:2a:1f:d6:f3:1b:56:16:
e8:46:7b:16:e5:86:95:5b:36:03:f5:10:fa:da:cc:
51:bd:3f:f9:9c:c1:33:40:0f:bb:59:78:65:c2:7a:
69:0c:e0:43:0f:f7:44:a8:8a:9c:30:c5:18:4d:4f:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:36:18:AE:BE:79:28:03:51:1A:B2:93:30:80:C3:EB:87:6C:F8:07
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/wzYYrr55KANRGrKTMIDD64ds-Ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.138.0/24
185.225.188.0/24
193.56.112.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:fc:81:27:e2:f7:7f:b7:8c:05:1d:ba:96:7e:f9:06:da:fd:
31:0e:d2:f0:0b:03:52:49:a1:00:6b:88:64:a6:d5:66:4a:38:
7d:41:4e:e0:1d:e6:d1:b5:14:be:f6:55:e3:a8:b9:54:58:93:
84:66:e7:1f:3e:6a:cb:87:47:2d:18:80:f1:23:02:49:5b:80:
a6:7e:ef:a3:03:dc:e5:e2:9c:ea:cb:d5:7d:af:57:2c:bf:5a:
c1:98:46:63:86:68:48:46:99:9a:03:ac:f8:be:3a:02:68:a4:
c7:14:14:d3:c1:66:4b:7d:49:ea:6d:e9:6f:b0:99:ef:8d:19:
72:37:eb:1d:0f:5d:4f:ce:73:e7:f1:38:59:0d:57:d4:f3:19:
b9:c1:ab:27:17:ca:8b:18:8c:f0:8c:63:fe:aa:d0:09:46:33:
83:af:18:e0:9c:05:2c:67:bb:4a:ad:a1:72:6b:0b:48:d9:b9:
b7:38:f6:90:19:8d:04:cf:8d:85:4c:c1:fe:3e:db:ba:b1:89:
b7:9a:f7:07:17:19:b4:da:1c:bd:ff:2a:0d:27:f1:33:9f:63:
55:54:b8:4f:51:cc:29:95:4a:21:67:49:02:3d:0b:97:69:b4:
eb:e1:96:9b:0b:ff:9c:86:45:9a:78:b9:01:46:62:3d:82:a8:
03:a0:aa:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQY8awYWbP2dLzs2sETfWDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjQxMjMwMTkwMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzM2MThhZWJlNzkyODAzNTExYWIyOTMzMDgwYzNlYjg3NmNmODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynrJzaLxsCxRzaRHro/cZympH4dT
ewRLx7awAqFndA8EkzBOpYn40NTnejqKOWGrR+Ji8bR4hb1cldCusBq/9Acn8AYt
EyeOIQJ1c6s60FgMnBkP6D6k6/sfOOdDGpUbFpIAx4sc4HEQwUSqXKxhdug7a2CG
Fy6ibGw4xzXrM9mHXpTrpxvXgdLpsbItM2Tpsc9+JkQCygiRy7Pics6qAJMLgtEo
HnVEMDnMNiMquThEyZ3ApUpBeXsgJcI7iWaTBEBqhHMd0LWkGCof1vMbVhboRnsW
5YaVWzYD9RD62sxRvT/5nMEzQA+7WXhlwnppDOBDD/dEqIqcMMUYTU/8kwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMM2GK6+eSgDURqykzCAw+uHbPgHMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvd3pZWXJyNTVLQU5SR3JLVE1JREQ2NGRzLUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZ2KAwQA
ueG8AwQAwThwMA0GCSqGSIb3DQEBCwUAA4IBAQCl/IEn4vd/t4wFHbqWfvkG2v0x
DtLwCwNSSaEAa4hkptVmSjh9QU7gHebRtRS+9lXjqLlUWJOEZucfPmrLh0ctGIDx
IwJJW4Cmfu+jA9zl4pzqy9V9r1csv1rBmEZjhmhIRpmaA6z4vjoCaKTHFBTTwWZL
fUnqbelvsJnvjRlyN+sdD11PznPn8ThZDVfU8xm5wasnF8qLGIzwjGP+qtAJRjOD
rxjgnAUsZ7tKraFyawtI2bm3OPaQGY0Ez42FTMH+Ptu6sYm3mvcHFxm02hy9/yoN
J/Ezn2NVVLhPUcwplUohZ0kCPQuXabTr4ZabC/+chkWaeLkBRmI9gqgDoKpq
-----END CERTIFICATE-----
Generated at Thu May 8 07:33:29 2025 by rpki-client