Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/SsnZc4LXHIYAqY3Y3jPsUqE86X4.roa
File: SsnZc4LXHIYAqY3Y3jPsUqE86X4.roa (raw, json)
Hash identifier: TO9ovgnWR/m0aTNqjnMaxScvQdtSV0+pKTzrUb2k1zY=
Subject key identifier: 4A:C9:D9:73:82:D7:1C:86:00:A9:8D:D8:DE:33:EC:52:A1:3C:E9:7E
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 019294A7B52579D2A4F266075CF9C8D7A349
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/SsnZc4LXHIYAqY3Y3jPsUqE86X4.roa
Signing time: Wed 16 Oct 2024 09:27:51 +0000
ROA not before: Wed 16 Oct 2024 09:27:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Oct 2024 10:42:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:a7:b5:25:79:d2:a4:f2:66:07:5c:f9:c8:d7:a3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 16 09:27:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ac9d97382d71c8600a98dd8de33ec52a13ce97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:4a:79:48:ed:91:e5:1e:4f:40:5b:3e:1a:
6b:68:c7:31:f0:90:a6:b6:35:7b:e8:b6:7a:2c:12:
73:d5:9e:11:3f:56:b7:ce:12:47:d1:c7:02:c5:5a:
8c:22:00:29:0d:4b:03:a2:07:72:f7:da:af:24:b4:
fa:4b:12:99:94:5e:d4:3c:c7:e7:c3:6b:63:06:51:
99:d8:0c:65:a6:78:99:3a:ed:b3:00:4a:5a:86:8f:
07:bb:fe:01:77:0b:fd:29:ac:e4:8d:9c:85:0c:cb:
1e:14:36:dc:63:76:d9:93:2f:31:2c:b0:41:b3:30:
66:11:6c:b0:db:87:c9:27:9a:4c:f0:72:bd:ea:f7:
4d:5a:e8:dd:81:71:2c:13:32:f9:b5:43:b0:5b:19:
fb:f4:9b:96:2f:f0:b1:82:43:ab:b4:9b:aa:0b:20:
c0:5f:2e:c6:60:7e:1d:00:a2:06:42:e6:35:4a:3b:
94:e8:59:d1:e1:30:8c:00:73:ea:90:af:13:04:83:
7c:70:ec:f3:a1:02:b3:8f:3e:ba:3b:76:72:c3:35:
5c:62:9b:0e:78:75:8e:42:d8:22:4c:da:4e:89:47:
18:aa:60:c7:e1:88:40:3b:a2:91:11:4c:72:66:0f:
61:54:51:de:9b:a2:bc:b9:15:b6:50:af:67:33:b3:
a9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C9:D9:73:82:D7:1C:86:00:A9:8D:D8:DE:33:EC:52:A1:3C:E9:7E
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/SsnZc4LXHIYAqY3Y3jPsUqE86X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
7a:cb:2b:96:b8:57:75:43:0c:bf:db:16:e8:62:c3:a3:39:4a:
d2:85:62:9f:82:02:3e:40:a7:92:44:8a:18:7e:e6:f1:82:ac:
14:d3:60:a5:bf:27:f3:54:69:73:ba:ef:f6:86:e7:85:05:ec:
20:6f:5a:0c:3b:e4:f7:fc:6d:f3:85:d5:ac:10:ac:5e:13:70:
9c:d7:44:be:42:c3:06:74:dd:be:c9:ce:e1:f2:0c:b6:56:44:
14:41:f5:bb:89:a3:3d:15:41:05:1d:50:87:de:b2:03:22:ea:
4b:fa:b2:ad:60:a8:97:7f:93:8b:fd:8f:98:a9:eb:20:3a:7c:
89:97:42:7e:88:97:c4:ac:cb:3b:3b:ff:ed:c3:f5:5a:68:c7:
6f:13:e7:aa:a0:cc:73:97:5c:6e:82:b8:42:61:05:b9:17:5e:
61:d4:a6:13:14:f2:b8:43:b9:3a:ed:4f:4c:e9:f4:20:35:45:
50:40:76:0f:be:00:f3:fe:fc:5e:31:f0:d5:33:bc:81:3f:05:
c5:60:d7:5c:5d:a3:c1:0d:ee:6b:59:6d:a8:33:48:f1:f3:da:
75:f8:75:d0:49:08:88:54:92:ad:a2:fd:de:03:74:0a:63:ac:
de:62:fe:f6:82:5d:e0:61:36:6b:dd:2b:f2:60:cb:84:af:6d:
a5:69:e6:14
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKUp7UledKk8mYHXPnI16NJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE2MDkyNzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWM5ZDk3MzgyZDcxYzg2MDBhOThkZDhkZTMzZWM1MmExM2NlOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmJKeUjtkeUeT0BbPhpraMcx8JCm
tjV76LZ6LBJz1Z4RP1a3zhJH0ccCxVqMIgApDUsDogdy99qvJLT6SxKZlF7UPMfn
w2tjBlGZ2AxlpniZOu2zAEpaho8Hu/4Bdwv9KazkjZyFDMseFDbcY3bZky8xLLBB
szBmEWyw24fJJ5pM8HK96vdNWujdgXEsEzL5tUOwWxn79JuWL/CxgkOrtJuqCyDA
Xy7GYH4dAKIGQuY1SjuU6FnR4TCMAHPqkK8TBIN8cOzzoQKzjz66O3ZywzVcYpsO
eHWOQtgiTNpOiUcYqmDH4YhAO6KREUxyZg9hVFHem6K8uRW2UK9nM7OpMwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFErJ2XOC1xyGAKmN2N4z7FKhPOl+MB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvU3NuWmM0TFhISVlBcVkzWTNqUHNVcUU4Nlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAessrlrhXdUMM
v9sW6GLDozlK0oVin4ICPkCnkkSKGH7m8YKsFNNgpb8n81Rpc7rv9obnhQXsIG9a
DDvk9/xt84XVrBCsXhNwnNdEvkLDBnTdvsnO4fIMtlZEFEH1u4mjPRVBBR1Qh96y
AyLqS/qyrWCol3+Ti/2PmKnrIDp8iZdCfoiXxKzLOzv/7cP1WmjHbxPnqqDMc5dc
boK4QmEFuRdeYdSmExTyuEO5Ou1PTOn0IDVFUEB2D74A8/78XjHw1TO8gT8FxWDX
XF2jwQ3ua1ltqDNI8fPadfh10EkIiFSSraL93gN0CmOs3mL+9oJd4GE2a90r8mDL
hK9tpWnmFA==
-----END CERTIFICATE-----
Generated at Fri May 2 03:58:42 2025 by rpki-client