Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3nozg-BisFlNkHYJaVXkRBKeQZU.roa
File: 3nozg-BisFlNkHYJaVXkRBKeQZU.roa (raw, json)
Hash identifier: DFI2MElh1OohOj0C8Bfxqz32F5YYmlIz5pEt9d5AB4s=
Subject key identifier: DE:7A:33:83:E0:62:B0:59:4D:90:76:09:69:55:E4:44:12:9E:41:95
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 01942143E8C47CC784A5FB8329F5E0DFB56C
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3nozg-BisFlNkHYJaVXkRBKeQZU.roa
Signing time: Wed 01 Jan 2025 09:48:06 +0000
ROA not before: Wed 01 Jan 2025 09:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 45.11.185.0/24 maxlen: 24
2a05:9080::/48 maxlen: 48
2a05:9080:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 04 Jan 2025 16:21:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e8:c4:7c:c7:84:a5:fb:83:29:f5:e0:df:b5:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Jan 1 09:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de7a3383e062b0594d9076096955e444129e4195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:96:29:10:d1:b3:70:ce:54:42:51:fe:91:4a:
e9:27:18:74:1b:17:fb:93:9c:98:50:7b:f9:d3:f4:
68:ab:d9:57:ea:f5:91:ae:39:64:92:16:0d:86:82:
09:60:0c:2d:dc:ae:03:d2:79:0c:9a:39:70:c1:d5:
09:b6:9c:6a:66:28:07:3c:5d:50:c2:51:8e:c9:97:
40:ce:50:8e:20:be:28:c3:2d:cc:33:3c:30:b3:4c:
98:b8:fc:be:09:53:8a:07:61:3f:0c:a0:a8:b4:ae:
21:60:1e:7d:c5:68:64:bf:bb:71:28:08:25:d3:da:
2b:92:92:71:f6:a1:7f:c1:7f:e5:f8:ea:eb:2e:6f:
93:86:b1:6e:4d:4f:58:9b:57:1a:e7:98:1e:f0:d2:
08:8e:47:41:ac:d3:97:a3:5e:2f:bc:2d:5b:5b:57:
43:77:29:cd:8d:c0:72:2c:d1:f3:07:19:2f:af:75:
2d:5a:c8:14:f3:50:05:f1:89:06:af:aa:fd:03:8d:
72:6b:3b:56:3a:f1:05:a0:ac:63:f3:6f:bf:41:68:
b8:aa:13:8a:fc:c3:da:b5:a3:60:67:98:ed:6b:e5:
9c:52:e7:a2:8c:5b:62:97:ff:d8:08:f3:93:d1:2c:
5e:19:56:ab:8b:2d:47:27:80:1e:dd:a7:c1:9b:dd:
ff:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7A:33:83:E0:62:B0:59:4D:90:76:09:69:55:E4:44:12:9E:41:95
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3nozg-BisFlNkHYJaVXkRBKeQZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.185.0/24
IPv6:
2a05:9080::/48
2a05:9080:4::/48
Signature Algorithm: sha256WithRSAEncryption
a8:1d:d4:45:d6:8f:34:c7:1a:7c:13:00:08:d4:6e:1c:9a:5a:
1c:8e:8d:6c:40:13:29:46:c1:a4:f0:bd:6b:9b:fc:dc:c7:e4:
fd:f3:88:6d:24:73:e6:a3:bc:f5:f5:f6:36:10:ed:46:94:31:
8d:28:0f:29:fc:66:8b:c8:e0:bb:a3:37:5b:8f:f8:cf:22:ae:
65:1a:c7:49:0f:2a:43:9f:84:06:f1:65:11:de:fd:37:f4:28:
c5:9d:6b:12:33:ce:c9:e9:ae:88:72:36:dc:a5:f0:8f:61:24:
cd:3e:ac:6e:b1:3b:b9:4e:f0:f1:7c:97:03:4d:97:08:12:07:
ac:9b:27:6d:4c:8c:a6:80:4a:89:c2:0b:20:91:a7:ab:6b:1d:
fc:64:c0:24:37:d5:fa:96:05:39:a0:02:50:fe:61:24:80:cd:
b3:2b:5c:3b:43:0d:13:ac:3a:9b:b1:dd:fd:2e:43:9a:fc:08:
70:4b:23:68:85:5a:1f:bf:e8:10:0d:cb:ab:d4:f1:a5:2d:25:
f6:50:a2:3a:2f:86:29:80:72:55:32:f8:05:25:b5:21:7b:bb:
02:d5:07:a1:f8:ed:4b:35:92:0c:1c:5b:f6:9b:b1:c7:4f:40:
72:3b:9f:43:54:9c:2d:a4:4d:71:e4:0a:a9:c5:11:29:84:c2:
fe:41:40:74
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQhQ+jEfMeEpfuDKfXg37VsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUwMTAxMDk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdhMzM4M2UwNjJiMDU5NGQ5MDc2MDk2OTU1ZTQ0NDEyOWU0MTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5YpENGzcM5UQlH+kUrpJxh0Gxf7
k5yYUHv50/Roq9lX6vWRrjlkkhYNhoIJYAwt3K4D0nkMmjlwwdUJtpxqZigHPF1Q
wlGOyZdAzlCOIL4owy3MMzwws0yYuPy+CVOKB2E/DKCotK4hYB59xWhkv7txKAgl
09orkpJx9qF/wX/l+OrrLm+ThrFuTU9Ym1ca55ge8NIIjkdBrNOXo14vvC1bW1dD
dynNjcByLNHzBxkvr3UtWsgU81AF8YkGr6r9A41yaztWOvEFoKxj82+/QWi4qhOK
/MPataNgZ5jta+WcUueijFtil//YCPOT0SxeGVariy1HJ4Ae3afBm93/dwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN56M4PgYrBZTZB2CWlV5EQSnkGVMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvM25vemctQmlzRmxOa0hZSmFWWGtSQktlUVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQALQu5MBgE
AgACMBIDBwAqBZCAAAADBwAqBZCAAAQwDQYJKoZIhvcNAQELBQADggEBAKgd1EXW
jzTHGnwTAAjUbhyaWhyOjWxAEylGwaTwvWub/NzH5P3ziG0kc+ajvPX19jYQ7UaU
MY0oDyn8ZovI4LujN1uP+M8irmUax0kPKkOfhAbxZRHe/Tf0KMWdaxIzzsnprohy
Ntyl8I9hJM0+rG6xO7lO8PF8lwNNlwgSB6ybJ21MjKaASonCCyCRp6trHfxkwCQ3
1fqWBTmgAlD+YSSAzbMrXDtDDROsOpux3f0uQ5r8CHBLI2iFWh+/6BANy6vU8aUt
JfZQojovhimAclUy+AUltSF7uwLVB6H47Us1kgwcW/abscdPQHI7n0NUnC2kTXHk
CqnFESmEwv5BQHQ=
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:29:16 2025 by rpki-client