Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/VEwSPpbrgwaq-n5XyKepKP7Eahw.roa
File: VEwSPpbrgwaq-n5XyKepKP7Eahw.roa (raw, json)
Hash identifier: HQ8c4Bv7nepvJWDpu+PPKRqISzu7E86HA1Q1+wvBW74=
Subject key identifier: 54:4C:12:3E:96:EB:83:06:AA:FA:7E:57:C8:A7:A9:28:FE:C4:6A:1C
Certificate issuer: /CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0
Certificate serial: 019427A56872D642E95B18D5E236C20D5140
Authority key identifier: 19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/VEwSPpbrgwaq-n5XyKepKP7Eahw.roa
Signing time: Thu 02 Jan 2025 15:32:19 +0000
ROA not before: Thu 02 Jan 2025 15:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.144.204.0/24 maxlen: 24
45.144.205.0/24 maxlen: 24
45.144.206.0/24 maxlen: 24
45.144.207.0/24 maxlen: 24
45.152.156.0/24 maxlen: 24
45.152.157.0/24 maxlen: 24
45.152.158.0/24 maxlen: 24
45.152.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:36:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:a5:68:72:d6:42:e9:5b:18:d5:e2:36:c2:0d:51:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0
Validity
Not Before: Jan 2 15:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=544c123e96eb8306aafa7e57c8a7a928fec46a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b6:f2:bb:14:6f:42:5b:7f:20:57:b3:95:d3:
dc:28:b8:c4:b3:e3:ac:8e:fa:61:6e:18:09:49:fe:
1a:61:b3:45:2f:71:72:e9:c6:3e:fc:f5:af:7f:3b:
6d:9b:92:33:33:b2:d5:b2:be:fd:48:5b:98:76:58:
3d:ef:97:43:72:c9:d3:df:07:d9:93:24:80:32:89:
f5:a8:34:80:63:b4:ce:4d:dc:8c:2d:6a:52:72:9e:
a2:9e:64:ca:11:ce:60:fa:55:7f:41:01:6d:33:99:
57:a3:dc:ae:b3:13:ab:af:b7:e7:77:a6:0a:7f:57:
85:19:29:9b:34:5b:4d:fa:0b:da:3b:a3:70:74:81:
84:a2:59:a1:cf:18:a7:00:c7:ba:77:26:eb:06:d3:
05:e0:ad:b1:9e:8c:0e:01:43:a5:07:db:13:fb:68:
15:4b:bd:e7:e5:05:11:b2:bc:45:5c:f9:bd:be:c4:
0d:92:cb:7b:90:99:32:7e:8a:47:33:62:d1:32:a0:
47:11:5f:12:26:e6:b2:75:cf:1a:b8:01:04:97:37:
fa:0c:b3:9f:93:cb:07:b5:88:83:4d:00:30:38:9f:
5c:2a:ba:ba:67:96:35:9a:0a:6c:26:ce:c8:e0:d1:
e6:e5:d5:45:f2:f4:9d:72:e0:eb:c9:80:81:56:15:
9d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:4C:12:3E:96:EB:83:06:AA:FA:7E:57:C8:A7:A9:28:FE:C4:6A:1C
X509v3 Authority Key Identifier:
keyid:19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/VEwSPpbrgwaq-n5XyKepKP7Eahw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.204.0/22
45.152.156.0/22
Signature Algorithm: sha256WithRSAEncryption
89:77:84:d5:48:d8:3d:aa:11:26:85:56:13:9c:2f:e9:f1:1d:
8a:03:6a:ce:43:5e:dd:04:f6:a9:b0:fa:30:33:a0:07:4d:58:
4b:91:59:f0:97:9c:88:60:a3:5e:23:b9:ed:39:d5:35:f7:99:
66:f2:68:74:a8:bc:e9:99:05:19:b7:f4:cd:0d:f4:8d:b8:91:
de:58:7b:a3:71:52:1a:11:22:63:4f:c7:84:fb:9b:ab:8f:bd:
11:fe:99:e4:ee:19:7e:ed:cc:c0:ba:c2:03:8b:99:ba:fc:92:
d7:a2:15:b3:fc:ae:f0:d1:e1:8b:d5:4f:38:94:ec:ef:96:52:
5f:d3:fb:7d:44:61:11:f3:e5:60:63:da:67:a2:32:24:e2:a4:
e3:16:dd:4d:bb:e8:9f:26:6f:70:7d:de:61:8e:8a:cc:13:60:
ac:51:7a:51:fc:f5:21:7b:3c:8e:a2:ad:99:52:bd:43:31:28:
c8:65:9c:8a:2d:c9:ad:1c:7d:28:e2:1b:f1:39:e0:c4:c6:4d:
b7:dd:cc:5a:dc:a5:fd:b5:95:65:ed:e3:98:1b:5e:a9:4e:e5:
a9:86:c7:50:44:a7:56:8d:c5:51:dc:07:1b:dc:4e:e5:5c:9d:
57:e4:35:f9:c4:16:66:20:94:74:de:f6:b9:82:2b:74:5c:17:
4a:b4:e6:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnpWhy1kLpWxjV4jbCDVFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjEwZDYzOGUyYTJmOTVhM2Q5MGU0Y2ZmOTk1OWE4NTlm
YWM0ZjAwHhcNMjUwMTAyMTUzMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDRjMTIzZTk2ZWI4MzA2YWFmYTdlNTdjOGE3YTkyOGZlYzQ2YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLbyuxRvQlt/IFezldPcKLjEs+Os
jvphbhgJSf4aYbNFL3Fy6cY+/PWvfzttm5IzM7LVsr79SFuYdlg975dDcsnT3wfZ
kySAMon1qDSAY7TOTdyMLWpScp6inmTKEc5g+lV/QQFtM5lXo9yusxOrr7fnd6YK
f1eFGSmbNFtN+gvaO6NwdIGEolmhzxinAMe6dybrBtMF4K2xnowOAUOlB9sT+2gV
S73n5QURsrxFXPm9vsQNkst7kJkyfopHM2LRMqBHEV8SJuaydc8auAEElzf6DLOf
k8sHtYiDTQAwOJ9cKrq6Z5Y1mgpsJs7I4NHm5dVF8vSdcuDryYCBVhWdcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFRMEj6W64MGqvp+V8inqSj+xGocMB8GA1UdIwQY
MBaAFBlhDWOOKi+Vo9kOTP+ZWahZ+sTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUt
NzcyZGNkM2FmNWY2LzEvVkV3U1BwYnJnd2FxLW41WHlLZXBLUDdFYWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUtNzcyZGNkM2FmNWY2
LzEvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZDMAwQC
LZicMA0GCSqGSIb3DQEBCwUAA4IBAQCJd4TVSNg9qhEmhVYTnC/p8R2KA2rOQ17d
BPapsPowM6AHTVhLkVnwl5yIYKNeI7ntOdU195lm8mh0qLzpmQUZt/TNDfSNuJHe
WHujcVIaESJjT8eE+5urj70R/pnk7hl+7czAusIDi5m6/JLXohWz/K7w0eGL1U84
lOzvllJf0/t9RGER8+VgY9pnojIk4qTjFt1Nu+ifJm9wfd5hjorME2CsUXpR/PUh
ezyOoq2ZUr1DMSjIZZyKLcmtHH0o4hvxOeDExk233cxa3KX9tZVl7eOYG16pTuWp
hsdQRKdWjcVR3Acb3E7lXJ1X5DX5xBZmIJR03va5git0XBdKtOZK
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:19:04 2025 by rpki-client