Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/wFZ2nzDJ8UQg8HH9NJR_TGZFRZM.roa
File: wFZ2nzDJ8UQg8HH9NJR_TGZFRZM.roa (raw, json)
Hash identifier: 1cdI791LwHFfw4AKDVuv9E+BrE5ZiQOvdmy7RqIk9p4=
Subject key identifier: C0:56:76:9F:30:C9:F1:44:20:F0:71:FD:34:94:7F:4C:66:45:45:93
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019594E858780AF22A14FE7022356D626E04
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/wFZ2nzDJ8UQg8HH9NJR_TGZFRZM.roa
Signing time: Fri 14 Mar 2025 13:46:49 +0000
ROA not before: Fri 14 Mar 2025 13:46:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 31.132.52.0/24 maxlen: 24
45.248.55.0/24 maxlen: 24
162.218.95.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 16:14:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:e8:58:78:0a:f2:2a:14:fe:70:22:35:6d:62:6e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Mar 14 13:46:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c056769f30c9f14420f071fd34947f4c66454593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b7:35:6a:66:6a:ae:62:f3:af:8a:21:4b:09:
1a:9f:a2:c3:1c:4e:a6:09:9a:de:e5:9b:41:4c:f9:
2d:80:aa:0d:3b:95:80:54:49:a6:2e:19:e1:48:fc:
42:8c:aa:16:75:57:68:23:e2:33:a4:b3:39:b1:68:
95:91:44:b9:2c:4a:36:2c:a0:98:ec:bb:8b:7f:1e:
8d:75:82:da:23:55:5f:bd:24:48:4f:27:ce:d8:d4:
6d:56:34:5a:b2:c5:7d:5a:dd:13:ae:d2:dd:c4:fa:
33:cb:d0:b6:4f:4f:60:76:fa:95:f1:1f:e1:6e:f0:
68:47:3d:d9:f6:a7:61:28:68:39:d3:82:13:cf:f7:
d9:cd:d5:29:fc:51:d6:dc:e2:6b:28:7d:76:26:09:
8b:4e:a0:3c:9e:09:de:b1:37:b3:c3:2d:1a:cb:bd:
9a:c7:35:14:fc:76:df:9e:de:f6:07:67:02:8e:16:
a0:b9:6e:1f:a5:b5:22:37:e1:7c:a8:98:7d:76:79:
63:2f:73:71:7b:0d:4e:00:37:65:82:86:a7:23:ef:
e2:b5:ab:1b:b0:5f:13:1e:20:21:16:e7:fb:f2:e3:
91:3d:99:70:be:c1:eb:d9:ef:8d:5d:d2:82:f1:29:
ab:3c:8c:3a:b9:25:d3:af:d8:c1:c6:90:ee:22:fe:
01:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:56:76:9F:30:C9:F1:44:20:F0:71:FD:34:94:7F:4C:66:45:45:93
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/wFZ2nzDJ8UQg8HH9NJR_TGZFRZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.52.0/24
45.248.55.0/24
162.218.95.0/24
192.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
99:c5:1e:d3:1c:b4:fc:dc:79:fb:b6:db:4b:74:37:c7:8d:83:
72:4e:0a:48:84:38:11:30:09:a1:a9:a9:c0:6d:b8:a8:09:c5:
d4:01:17:5e:a3:2c:59:cf:48:1b:3c:fa:ec:90:09:b6:bd:d1:
f9:30:b9:39:7a:b5:c2:1f:f4:25:13:ec:79:38:a8:38:57:ec:
f2:35:d7:55:bc:ea:58:24:4f:cc:8d:9a:fb:a2:eb:9c:9e:5e:
e7:e7:49:78:7f:ad:56:3b:04:0a:23:66:2d:f6:7c:a8:fa:60:
6a:46:e7:a9:be:af:2a:dc:54:7d:c1:2a:ef:2a:60:d6:21:7f:
4c:11:df:13:fe:36:5f:e5:72:ee:f5:27:97:65:05:21:be:db:
3c:16:b5:32:8e:34:9c:26:9c:85:ac:e3:8b:b5:6b:cb:77:cf:
22:e6:d3:1e:9c:73:2e:5a:9b:15:8b:f2:e6:81:92:5a:75:b3:
77:c6:ea:6b:92:34:9b:96:f2:1c:ec:fe:f0:7c:56:9b:66:ba:
fe:86:c9:cb:e1:e4:78:0d:b8:a6:b6:41:77:5d:18:62:01:dc:
56:67:79:65:b7:a5:f5:96:6f:a5:8f:3a:22:a3:a1:24:80:27:
6a:3d:6e:c8:59:35:e6:d4:26:0d:4d:98:51:dd:b6:9a:76:0e:
51:ca:39:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWU6Fh4CvIqFP5wIjVtYm4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMzE0MTM0NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU2NzY5ZjMwYzlmMTQ0MjBmMDcxZmQzNDk0N2Y0YzY2NDU0NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbc1amZqrmLzr4ohSwkan6LDHE6m
CZre5ZtBTPktgKoNO5WAVEmmLhnhSPxCjKoWdVdoI+IzpLM5sWiVkUS5LEo2LKCY
7LuLfx6NdYLaI1VfvSRITyfO2NRtVjRassV9Wt0TrtLdxPozy9C2T09gdvqV8R/h
bvBoRz3Z9qdhKGg504ITz/fZzdUp/FHW3OJrKH12JgmLTqA8ngnesTezwy0ay72a
xzUU/Hbfnt72B2cCjhaguW4fpbUiN+F8qJh9dnljL3Nxew1OADdlgoanI+/itasb
sF8THiAhFuf78uORPZlwvsHr2e+NXdKC8SmrPIw6uSXTr9jBxpDuIv4BwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMBWdp8wyfFEIPBx/TSUf0xmRUWTMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvd0ZaMm56REo4VVFnOEhIOU5KUl9UR1pGUlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH4Q0AwQA
Lfg3AwQAotpfAwQAwJFHMA0GCSqGSIb3DQEBCwUAA4IBAQCZxR7THLT83Hn7tttL
dDfHjYNyTgpIhDgRMAmhqanAbbioCcXUARdeoyxZz0gbPPrskAm2vdH5MLk5erXC
H/QlE+x5OKg4V+zyNddVvOpYJE/MjZr7ouucnl7n50l4f61WOwQKI2Yt9nyo+mBq
Ruepvq8q3FR9wSrvKmDWIX9MEd8T/jZf5XLu9SeXZQUhvts8FrUyjjScJpyFrOOL
tWvLd88i5tMenHMuWpsVi/LmgZJadbN3xuprkjSblvIc7P7wfFabZrr+hsnL4eR4
DbimtkF3XRhiAdxWZ3llt6X1lm+ljzoio6EkgCdqPW7IWTXm1CYNTZhR3baadg5R
yjmY
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:34:09 2025 by rpki-client