Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wYAv0mHwTmoVAHk1zH2u9qBHxuI.roa
File: wYAv0mHwTmoVAHk1zH2u9qBHxuI.roa (raw, json)
Hash identifier: ETwdTakfYu2oHmnq6EGN2tTRS+1Qmm1BENnyVwKNZRQ=
Subject key identifier: C1:80:2F:D2:61:F0:4E:6A:15:00:79:35:CC:7D:AE:F6:A0:47:C6:E2
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019643A55562759C801F069BE0BEFB0F8336
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wYAv0mHwTmoVAHk1zH2u9qBHxuI.roa
Signing time: Thu 17 Apr 2025 12:07:10 +0000
ROA not before: Thu 17 Apr 2025 12:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.91.22.0/24 maxlen: 24
45.128.198.0/24 maxlen: 24
45.130.141.0/24 maxlen: 24
2a07:e342::/32 maxlen: 48
2a0f:f44::/32 maxlen: 48
2a0f:f47::/32 maxlen: 48
2a0f:2740::/29 maxlen: 48
2a0f:e383::/32 maxlen: 48
2a0f:e384::/32 maxlen: 48
2a0f:e385::/32 maxlen: 48
2a0f:e387::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Apr 2025 17:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:a5:55:62:75:9c:80:1f:06:9b:e0:be:fb:0f:83:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 17 12:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1802fd261f04e6a15007935cc7daef6a047c6e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:eb:83:a1:d5:1c:be:c1:58:fd:97:41:c3:f6:
85:32:5a:92:ed:52:56:b4:9b:0d:e9:08:93:ec:dc:
ae:3e:90:52:d1:92:0e:3f:93:7a:e1:7a:f7:da:f1:
dc:49:87:ad:dc:7c:11:09:80:54:1e:d0:f7:47:51:
90:dd:59:a5:3a:4c:7c:7d:73:09:ff:70:45:2c:e9:
5f:8b:e1:35:0f:c4:b8:f2:2d:72:12:e1:4b:72:19:
87:a3:7b:79:4e:ee:32:0e:b7:77:16:bd:9a:4e:fa:
4c:a9:00:73:a6:27:bc:00:1f:54:79:08:d9:6d:86:
62:c9:8a:ff:a2:2e:0f:12:3a:a8:34:07:51:2a:92:
00:f1:99:ce:0a:e0:b7:2b:4b:12:29:a1:cc:8b:bd:
aa:9e:bf:40:78:31:a5:f7:f8:62:66:ab:57:47:dd:
de:b0:92:bc:3c:1b:94:61:29:4d:d1:e0:3d:45:3a:
f0:cd:53:08:30:a9:2e:ef:38:e5:e0:1d:34:32:0a:
a4:8c:60:05:d9:19:42:ab:9b:8b:96:75:18:83:0c:
ca:e6:f8:f5:72:b8:a3:b0:76:b0:56:51:b6:24:0b:
4b:78:03:4a:55:a7:41:b3:8b:ed:14:e2:0b:9e:42:
52:fb:80:34:82:61:1b:d1:be:4e:71:e5:2a:7b:4f:
6e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:80:2F:D2:61:F0:4E:6A:15:00:79:35:CC:7D:AE:F6:A0:47:C6:E2
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wYAv0mHwTmoVAHk1zH2u9qBHxuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.22.0/24
45.128.198.0/24
45.130.141.0/24
IPv6:
2a07:e342::/32
2a0f:f44::/32
2a0f:f47::/32
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e387::/32
Signature Algorithm: sha256WithRSAEncryption
47:2a:96:07:53:f2:de:8e:ee:c2:bf:78:9e:9f:89:f5:f4:6b:
4b:80:41:82:ac:6c:52:fd:49:a7:2e:5d:c4:a8:14:fc:4d:0d:
af:79:5c:47:d0:d0:52:5f:26:5c:f4:72:bd:28:5a:09:44:9c:
78:6a:49:0b:86:4d:cf:34:88:6d:4e:21:ed:fb:27:ba:c2:2e:
9a:94:15:e8:0a:fd:58:a9:78:d5:b2:bc:41:8f:84:99:42:fc:
a5:89:77:70:9b:4a:27:40:38:fd:72:03:06:d5:f5:a9:57:9a:
43:1e:c7:e0:32:30:29:77:15:16:2c:96:3b:b3:9e:76:66:3a:
c9:c3:ad:bf:9b:40:53:9a:0f:10:3d:d4:97:fd:30:89:3b:06:
6e:38:de:57:73:a8:fb:91:b0:e3:f1:59:d7:84:2d:4d:2b:d5:
3b:6a:c4:a8:d9:bb:91:3b:6a:cd:21:a3:45:5c:6a:f8:96:9c:
f3:31:2f:c7:87:32:e4:b1:f7:9d:db:f5:e7:b1:4e:81:4e:0c:
28:c5:33:ac:76:01:e8:90:ba:f5:00:17:e3:d6:5b:db:a9:35:
dc:e5:b2:54:4c:21:71:19:f5:87:2e:43:b0:d4:bd:88:ab:f2:
2c:51:0f:b8:ca:8e:8d:d9:75:98:44:7b:71:ec:16:0c:10:bf:
81:ea:e0:ec
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZZDpVVidZyAHwab4L77D4M2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwNDE3MTIwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTgwMmZkMjYxZjA0ZTZhMTUwMDc5MzVjYzdkYWVmNmEwNDdjNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeuDodUcvsFY/ZdBw/aFMlqS7VJW
tJsN6QiT7NyuPpBS0ZIOP5N64Xr32vHcSYet3HwRCYBUHtD3R1GQ3VmlOkx8fXMJ
/3BFLOlfi+E1D8S48i1yEuFLchmHo3t5Tu4yDrd3Fr2aTvpMqQBzpie8AB9UeQjZ
bYZiyYr/oi4PEjqoNAdRKpIA8ZnOCuC3K0sSKaHMi72qnr9AeDGl9/hiZqtXR93e
sJK8PBuUYSlN0eA9RTrwzVMIMKku7zjl4B00MgqkjGAF2RlCq5uLlnUYgwzK5vj1
crijsHawVlG2JAtLeANKVadBs4vtFOILnkJS+4A0gmEb0b5OceUqe09uDQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFMGAL9Jh8E5qFQB5Ncx9rvagR8biMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvd1lBdjBtSHdUbW9WQUhrMXpIMnU5cUJIeHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAYBAIAATASAwQALVsWAwQA
LYDGAwQALYKNMDkEAgACMDMDBQAqB+NCAwUAKg8PRAMFACoPD0cDBQMqDydAMA4D
BQAqD+ODAwUBKg/jhAMFACoP44cwDQYJKoZIhvcNAQELBQADggEBAEcqlgdT8t6O
7sK/eJ6fifX0a0uAQYKsbFL9SacuXcSoFPxNDa95XEfQ0FJfJlz0cr0oWglEnHhq
SQuGTc80iG1OIe37J7rCLpqUFegK/VipeNWyvEGPhJlC/KWJd3CbSidAOP1yAwbV
9alXmkMex+AyMCl3FRYsljuznnZmOsnDrb+bQFOaDxA91Jf9MIk7Bm443ldzqPuR
sOPxWdeELU0r1TtqxKjZu5E7as0ho0VcaviWnPMxL8eHMuSx953b9eexToFODCjF
M6x2AeiQuvUAF+PWW9upNdzlslRMIXEZ9YcuQ7DUvYir8ixRD7jKjo3ZdZhEe3Hs
FgwQv4Hq4Ow=
-----END CERTIFICATE-----
Generated at Wed May 7 17:57:02 2025 by rpki-client