Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/C7i8ED6ymmaf6cFHssac2G_WOIM.roa
File: C7i8ED6ymmaf6cFHssac2G_WOIM.roa (raw, json)
Hash identifier: VOcurHzpthusAHVtFiI8OijQ4JEh1zYfJ8xEyzzdarQ=
Subject key identifier: 0B:B8:BC:10:3E:B2:9A:66:9F:E9:C1:47:B2:C6:9C:D8:6F:D6:38:83
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01929531098AB2C1F15B30A997F428546A74
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/C7i8ED6ymmaf6cFHssac2G_WOIM.roa
Signing time: Wed 16 Oct 2024 11:57:51 +0000
ROA not before: Wed 16 Oct 2024 11:57:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Oct 2024 13:12:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:31:09:8a:b2:c1:f1:5b:30:a9:97:f4:28:54:6a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 16 11:57:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bb8bc103eb29a669fe9c147b2c69cd86fd63883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:33:15:be:80:65:de:88:3b:8a:37:49:94:
c6:93:e9:2d:05:3e:d6:5b:35:7d:42:c2:a0:4c:81:
eb:b3:4a:81:d6:96:bc:e7:49:08:13:ed:c6:a4:d2:
1f:8e:6c:a8:2e:46:a3:93:13:c0:43:e0:a4:30:2a:
d8:73:03:52:32:1e:d1:a1:d6:ba:fa:84:73:b0:58:
b3:b1:df:a8:3a:f2:0d:4f:c5:a8:ff:c9:c7:18:4c:
a6:88:a8:bd:85:e3:22:be:a8:0c:03:e0:3a:43:be:
30:4c:9c:a0:17:78:13:c3:eb:08:bb:7f:d5:fe:6c:
78:32:3f:d4:19:b3:9a:e5:a9:c9:91:ac:6e:5a:ab:
3d:97:f1:5c:09:23:f4:e5:b8:74:6c:ba:54:7d:94:
fe:54:c9:7d:fd:43:3b:a6:de:36:d5:fd:a3:ea:e9:
70:ff:cf:f9:b4:03:08:89:1d:2e:20:ac:b8:4b:5f:
7a:71:54:68:ff:3f:e5:c6:5f:6d:7e:62:24:59:b3:
9f:b4:a5:28:81:cc:29:a6:04:27:37:37:70:21:3c:
dc:0a:62:68:4e:5b:ba:2f:0d:fd:41:b5:46:91:9b:
3d:17:87:bf:f9:72:6a:5e:71:82:a0:db:fb:b7:8d:
a8:fb:d3:93:e4:03:4f:e2:29:a2:a8:65:d8:72:d8:
ae:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B8:BC:10:3E:B2:9A:66:9F:E9:C1:47:B2:C6:9C:D8:6F:D6:38:83
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/C7i8ED6ymmaf6cFHssac2G_WOIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:67:82:b5:87:dd:2f:42:49:29:14:5a:80:71:bf:6a:3d:da:
05:50:8f:2a:14:1f:be:de:a3:cc:05:d3:d0:b8:1d:11:25:99:
4d:48:20:21:4f:a0:c4:73:b5:4c:b1:d7:7f:df:9c:95:0c:a1:
c1:83:bb:29:a1:33:a5:a1:aa:d1:2e:68:9c:95:54:91:f2:90:
3d:39:a9:6a:0f:55:c8:68:f3:37:fc:20:98:6f:99:f3:21:0e:
d1:3b:29:dd:4a:cc:e7:ee:b5:62:3a:af:1d:00:45:54:27:d7:
11:6f:a3:b3:49:2e:a6:37:f5:b6:06:39:5d:e2:f2:0e:95:9d:
db:55:a6:f8:f2:1a:1b:e0:20:f0:f1:85:50:91:1c:32:06:17:
d6:d6:f6:d2:7d:d2:45:4b:b2:a1:56:2b:15:ae:82:82:66:ed:
95:86:b4:8c:33:2a:92:1a:92:6e:28:82:9b:ac:4e:12:49:d0:
48:82:b8:dd:70:e4:3d:1d:28:79:49:2d:b9:ee:36:cb:40:2e:
e5:94:5e:ef:93:8e:8f:d4:05:7f:f4:6a:b2:ca:73:c4:b1:ab:
e4:b1:16:c6:59:62:2d:14:f5:f7:bb:54:02:a8:bb:76:85:8e:
eb:4d:15:b6:7d:77:c5:1c:25:16:ee:0f:d2:3a:09:d1:a8:28:
fa:d4:ab:21
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKVMQmKssHxWzCpl/QoVGp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE2MTE1NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmI4YmMxMDNlYjI5YTY2OWZlOWMxNDdiMmM2OWNkODZmZDYzODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrszFb6AZd6IO4o3SZTGk+ktBT7W
WzV9QsKgTIHrs0qB1pa850kIE+3GpNIfjmyoLkajkxPAQ+CkMCrYcwNSMh7Roda6
+oRzsFizsd+oOvINT8Wo/8nHGEymiKi9heMivqgMA+A6Q74wTJygF3gTw+sIu3/V
/mx4Mj/UGbOa5anJkaxuWqs9l/FcCSP05bh0bLpUfZT+VMl9/UM7pt421f2j6ulw
/8/5tAMIiR0uIKy4S196cVRo/z/lxl9tfmIkWbOftKUogcwppgQnNzdwITzcCmJo
Tlu6Lw39QbVGkZs9F4e/+XJqXnGCoNv7t42o+9OT5ANP4imiqGXYctiuVQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAu4vBA+sppmn+nBR7LGnNhv1jiDMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvQzdpOEVENnltbWFmNmNGSHNzYWMyR19XT0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAi2eCtYfdL0JJ
KRRagHG/aj3aBVCPKhQfvt6jzAXT0LgdESWZTUggIU+gxHO1TLHXf9+clQyhwYO7
KaEzpaGq0S5onJVUkfKQPTmpag9VyGjzN/wgmG+Z8yEO0Tsp3UrM5+61YjqvHQBF
VCfXEW+js0kupjf1tgY5XeLyDpWd21Wm+PIaG+Ag8PGFUJEcMgYX1tb20n3SRUuy
oVYrFa6CgmbtlYa0jDMqkhqSbiiCm6xOEknQSIK43XDkPR0oeUktue42y0Au5ZRe
75OOj9QFf/RqsspzxLGr5LEWxlliLRT197tUAqi7doWO600Vtn13xRwlFu4P0joJ
0ago+tSrIQ==
-----END CERTIFICATE-----
Generated at Tue Jun 17 21:21:09 2025 by rpki-client