Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/9Dl67H_noq6iZw6a5QjWE3Wg3mw.roa
File: 9Dl67H_noq6iZw6a5QjWE3Wg3mw.roa (raw, json)
Hash identifier: mf7YTbkCZZjbrgITlIgQ2PxiS1+odqosoMThAa9NV74=
Subject key identifier: F4:39:7A:EC:7F:E7:A2:AE:A2:67:0E:9A:E5:08:D6:13:75:A0:DE:6C
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01928FD3BEDA7EF4D79192010C35CA266A9A
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/9Dl67H_noq6iZw6a5QjWE3Wg3mw.roa
Signing time: Tue 15 Oct 2024 10:57:51 +0000
ROA not before: Tue 15 Oct 2024 10:57:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 15 Oct 2024 12:12:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:d3:be:da:7e:f4:d7:91:92:01:0c:35:ca:26:6a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 15 10:57:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4397aec7fe7a2aea2670e9ae508d61375a0de6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:65:5a:21:e5:46:7d:0c:68:ed:30:dd:43:bb:
56:11:8b:32:40:f2:91:5f:91:45:c6:36:0b:8a:59:
5d:e3:46:29:30:cf:01:21:88:69:ad:56:31:e8:86:
b8:4c:62:96:87:17:9b:56:5f:09:ed:05:60:59:c4:
73:48:d6:2f:6b:10:fc:10:93:5c:35:34:38:0c:da:
25:16:84:88:06:06:7e:d0:48:c0:2a:e6:8b:9d:66:
9e:b7:bb:7d:98:fc:0d:cd:4b:ed:c9:b6:df:44:1e:
90:06:25:12:ca:37:5a:9b:47:31:ef:fe:b0:31:7f:
62:7b:8b:98:95:4c:df:ae:b3:30:65:bd:86:10:01:
38:f6:21:69:b0:63:57:5d:fc:f8:13:c8:2e:a0:d9:
cb:b6:20:b9:86:16:4a:b5:33:50:8b:c2:d0:bf:99:
62:4f:18:8e:10:6c:d5:99:a3:4f:50:f5:7b:50:8e:
d7:54:14:f9:16:d2:54:f3:06:92:42:93:20:4e:47:
00:69:53:a2:ac:9f:79:90:83:73:b3:8b:90:12:7f:
de:6e:2f:3e:a2:a5:28:dd:0e:c4:15:a7:85:1c:2a:
1a:65:39:eb:80:23:da:f5:d8:1d:0f:22:97:cd:58:
c0:8a:77:f6:5c:62:ea:58:38:11:34:50:dd:0e:32:
45:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:39:7A:EC:7F:E7:A2:AE:A2:67:0E:9A:E5:08:D6:13:75:A0:DE:6C
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/9Dl67H_noq6iZw6a5QjWE3Wg3mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
b9:29:33:76:2b:c6:f4:76:10:0a:ae:70:2a:01:a6:2d:fa:c9:
bc:fd:da:5f:1c:33:1c:de:c1:ce:00:11:17:06:71:50:4f:92:
a6:fd:a8:53:3b:e0:ed:6a:68:9d:dc:8c:b6:a5:a2:34:bc:da:
cc:12:50:01:15:c3:f6:a5:17:91:84:0a:26:a8:a5:82:95:c9:
62:af:9d:23:5b:4d:bf:3b:42:27:61:41:dc:da:16:03:d4:61:
c1:34:2b:68:be:00:2e:e6:26:bf:58:0e:3d:ce:d8:5e:4d:fa:
24:39:a2:64:da:03:f3:03:c5:23:00:b6:e1:36:aa:1d:b1:5b:
d1:9c:80:e2:1b:97:9c:ca:4d:5c:b8:a1:cc:f1:18:cb:ee:06:
18:b0:89:f5:15:e3:cc:7e:9b:0d:97:3a:51:3b:97:f1:07:ed:
4f:6e:8e:60:96:2c:16:1b:e8:0b:ff:c5:c5:93:4b:84:da:2e:
b0:de:50:a7:dd:7d:da:af:62:6f:bb:1a:c6:f3:bf:f2:2e:46:
78:b0:69:a6:fa:90:1a:b4:56:a6:14:2b:eb:0e:57:04:7f:b9:
ea:c7:89:81:08:03:bf:ef:e6:7b:32:c8:f7:82:79:ff:30:25:
68:1a:30:c8:77:03:c1:3f:89:0d:a5:a9:30:fb:99:da:7c:d9:
da:fe:cb:5f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKP077afvTXkZIBDDXKJmqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE1MTA1NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDM5N2FlYzdmZTdhMmFlYTI2NzBlOWFlNTA4ZDYxMzc1YTBkZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22VaIeVGfQxo7TDdQ7tWEYsyQPKR
X5FFxjYLilld40YpMM8BIYhprVYx6Ia4TGKWhxebVl8J7QVgWcRzSNYvaxD8EJNc
NTQ4DNolFoSIBgZ+0EjAKuaLnWaet7t9mPwNzUvtybbfRB6QBiUSyjdam0cx7/6w
MX9ie4uYlUzfrrMwZb2GEAE49iFpsGNXXfz4E8guoNnLtiC5hhZKtTNQi8LQv5li
TxiOEGzVmaNPUPV7UI7XVBT5FtJU8waSQpMgTkcAaVOirJ95kINzs4uQEn/ebi8+
oqUo3Q7EFaeFHCoaZTnrgCPa9dgdDyKXzVjAinf2XGLqWDgRNFDdDjJFkQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPQ5eux/56KuomcOmuUI1hN1oN5sMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvOURsNjdIX25vcTZpWnc2YTVRaldFM1dnM213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAuSkzdivG9HYQ
Cq5wKgGmLfrJvP3aXxwzHN7BzgARFwZxUE+Spv2oUzvg7WpondyMtqWiNLzazBJQ
ARXD9qUXkYQKJqilgpXJYq+dI1tNvztCJ2FB3NoWA9RhwTQraL4ALuYmv1gOPc7Y
Xk36JDmiZNoD8wPFIwC24TaqHbFb0ZyA4huXnMpNXLihzPEYy+4GGLCJ9RXjzH6b
DZc6UTuX8QftT26OYJYsFhvoC//FxZNLhNousN5Qp9192q9ib7saxvO/8i5GeLBp
pvqQGrRWphQr6w5XBH+56seJgQgDv+/mezLI94J5/zAlaBowyHcDwT+JDaWpMPuZ
2nzZ2v7LXw==
-----END CERTIFICATE-----
Generated at Fri May 2 10:08:03 2025 by rpki-client