Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/wRmgSwFHlUlPhY4FQadc2xjS1Vo.roa
File: wRmgSwFHlUlPhY4FQadc2xjS1Vo.roa (raw, json)
Hash identifier: e6ji/54vvDJbBT7PkuszL5SPG+gWDR6Ij7qcKNB97/g=
Subject key identifier: C1:19:A0:4B:01:47:95:49:4F:85:8E:05:41:A7:5C:DB:18:D2:D5:5A
Certificate issuer: /CN=cc6077e004e88eff8f13b7740df254d9e48dd574
Certificate serial: 0192D40E90AC7076B769A5EBAC1133A5894D
Authority key identifier: CC:60:77:E0:04:E8:8E:FF:8F:13:B7:74:0D:F2:54:D9:E4:8D:D5:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zGB34ATojv-PE7d0DfJU2eSN1XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/wRmgSwFHlUlPhY4FQadc2xjS1Vo.roa
Signing time: Mon 28 Oct 2024 16:56:17 +0000
ROA not before: Mon 28 Oct 2024 16:56:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.10.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 29 Oct 2024 14:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d4:0e:90:ac:70:76:b7:69:a5:eb:ac:11:33:a5:89:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc6077e004e88eff8f13b7740df254d9e48dd574
Validity
Not Before: Oct 28 16:56:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c119a04b014795494f858e0541a75cdb18d2d55a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:15:85:f3:b8:b1:30:57:84:65:70:7f:e9:b3:
f5:51:9e:88:57:f6:9f:5c:1a:69:4f:7f:6d:35:a3:
2e:6a:19:21:87:a4:60:50:bc:14:3f:7d:f5:12:fa:
23:1a:21:bd:d7:d5:a7:f5:c4:00:2c:31:e9:f0:25:
95:fa:56:ed:9c:8f:ea:ec:f9:ce:5d:5e:f8:e9:f0:
4c:2a:b7:a0:c9:82:da:3c:58:3f:9a:d3:9a:65:3a:
35:75:9c:93:e7:99:16:b8:64:00:30:6a:c8:fa:9f:
0d:b2:a8:bc:51:15:f3:11:58:79:46:72:a1:f5:e5:
91:83:7e:44:08:4c:1e:c5:b6:ee:18:8f:38:4b:b3:
06:8a:05:65:69:ff:9d:57:86:be:51:63:34:fd:cc:
12:e7:42:46:a5:2e:d7:39:d0:bd:5f:7c:3c:1f:88:
d0:07:c5:2d:09:81:7f:0b:ae:81:ff:1c:d4:98:85:
fa:33:fe:ab:6d:ed:a9:1e:68:16:0f:13:6c:bc:5d:
f3:13:1f:38:02:0a:6d:3c:f7:3a:ce:ec:12:58:62:
77:1f:5d:32:9c:d5:b1:64:e7:62:0e:e3:e6:6d:31:
1a:0b:56:fa:ef:c3:58:49:18:cd:c1:d3:a2:d2:f0:
6f:48:a9:f9:f2:3b:b9:b5:a7:b2:db:01:ba:e0:7d:
ff:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:19:A0:4B:01:47:95:49:4F:85:8E:05:41:A7:5C:DB:18:D2:D5:5A
X509v3 Authority Key Identifier:
keyid:CC:60:77:E0:04:E8:8E:FF:8F:13:B7:74:0D:F2:54:D9:E4:8D:D5:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zGB34ATojv-PE7d0DfJU2eSN1XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/wRmgSwFHlUlPhY4FQadc2xjS1Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/zGB34ATojv-PE7d0DfJU2eSN1XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:75:08:ba:91:8c:a2:c6:91:6c:03:b1:17:42:68:a2:d0:91:
64:6f:2a:d8:bd:79:a6:d5:20:a8:5b:d7:af:02:cf:06:a3:03:
0d:39:92:4d:57:c9:3d:be:ce:b3:5c:6b:8e:32:89:2b:b4:d6:
43:65:91:0b:de:e3:4e:ef:c9:80:88:91:e1:f0:56:1b:7f:96:
63:f6:c0:f6:49:c9:ee:3c:b3:df:b5:ec:88:e5:92:f2:b3:c2:
7a:e0:15:cd:be:cd:b9:05:94:a4:e5:47:f8:36:e5:d3:11:9f:
07:03:d0:b0:34:9b:3a:05:a2:9f:59:65:86:0b:a8:55:2a:e3:
38:aa:7c:ad:4b:1d:5e:e2:cf:48:eb:24:03:05:0d:47:23:70:
e9:4a:80:ed:a0:3d:31:93:91:07:0a:fd:d7:00:65:e3:5b:43:
a2:6a:de:3f:93:96:36:87:b5:5e:d8:d4:91:9c:43:91:e2:ab:
b7:6a:fb:c1:d1:74:bc:0b:e8:f9:34:fd:f0:43:d8:cd:43:28:
30:a6:d7:b4:45:cb:a6:4a:a8:6e:23:b9:35:3d:96:60:ab:ed:
5e:0b:9b:d2:01:21:f6:fb:f9:e1:5e:9a:d4:77:b9:74:e3:81:
b7:e1:15:97:62:f5:70:9c:88:01:b9:95:3e:2e:cb:93:1c:aa:
3e:ed:3b:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLUDpCscHa3aaXrrBEzpYlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNjA3N2UwMDRlODhlZmY4ZjEzYjc3NDBkZjI1NGQ5ZTQ4
ZGQ1NzQwHhcNMjQxMDI4MTY1NjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTE5YTA0YjAxNDc5NTQ5NGY4NThlMDU0MWE3NWNkYjE4ZDJkNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BWF87ixMFeEZXB/6bP1UZ6IV/af
XBppT39tNaMuahkhh6RgULwUP331EvojGiG919Wn9cQALDHp8CWV+lbtnI/q7PnO
XV746fBMKregyYLaPFg/mtOaZTo1dZyT55kWuGQAMGrI+p8Nsqi8URXzEVh5RnKh
9eWRg35ECEwexbbuGI84S7MGigVlaf+dV4a+UWM0/cwS50JGpS7XOdC9X3w8H4jQ
B8UtCYF/C66B/xzUmIX6M/6rbe2pHmgWDxNsvF3zEx84AgptPPc6zuwSWGJ3H10y
nNWxZOdiDuPmbTEaC1b678NYSRjNwdOi0vBvSKn58ju5taey2wG64H3/qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMEZoEsBR5VJT4WOBUGnXNsY0tVaMB8GA1UdIwQY
MBaAFMxgd+AE6I7/jxO3dA3yVNnkjdV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekdCMzRBVG9qdi1QRTdkMERmSlUyZVNOMVhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81ODE3OGQtMzc3Yi00NjBhLTk0YjEt
NDY3MWY0YmFhOWIxLzEvd1JtZ1N3RkhsVWxQaFk0RlFhZGMyeGpTMVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81ODE3OGQtMzc3Yi00NjBhLTk0YjEtNDY3MWY0YmFhOWIx
LzEvekdCMzRBVG9qdi1QRTdkMERmSlUyZVNOMVhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQp4MA0G
CSqGSIb3DQEBCwUAA4IBAQC5dQi6kYyixpFsA7EXQmii0JFkbyrYvXmm1SCoW9ev
As8GowMNOZJNV8k9vs6zXGuOMokrtNZDZZEL3uNO78mAiJHh8FYbf5Zj9sD2Scnu
PLPfteyI5ZLys8J64BXNvs25BZSk5Uf4NuXTEZ8HA9CwNJs6BaKfWWWGC6hVKuM4
qnytSx1e4s9I6yQDBQ1HI3DpSoDtoD0xk5EHCv3XAGXjW0Oiat4/k5Y2h7Ve2NSR
nEOR4qu3avvB0XS8C+j5NP3wQ9jNQygwpte0RcumSqhuI7k1PZZgq+1eC5vSASH2
+/nhXprUd7l044G34RWXYvVwnIgBuZU+LsuTHKo+7TsX
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:37:05 2025 by rpki-client