Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/nf9c2dOQkqTdNMVJpQ_uemzTxJw.roa
File: nf9c2dOQkqTdNMVJpQ_uemzTxJw.roa (raw, json)
Hash identifier: GatIaSifvZJeqbdEsG4TUahwoSTzsKcmoRojIpcVpWw=
Subject key identifier: 9D:FF:5C:D9:D3:90:92:A4:DD:34:C5:49:A5:0F:EE:7A:6C:D3:C4:9C
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 019296885C34B3CF138ADD9A9D17C143FF0C
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/nf9c2dOQkqTdNMVJpQ_uemzTxJw.roa
Signing time: Wed 16 Oct 2024 18:12:51 +0000
ROA not before: Wed 16 Oct 2024 18:12:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Oct 2024 19:27:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:88:5c:34:b3:cf:13:8a:dd:9a:9d:17:c1:43:ff:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 16 18:12:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dff5cd9d39092a4dd34c549a50fee7a6cd3c49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:ad:ef:f7:22:96:79:b6:01:6e:f7:3b:d0:
1f:49:83:93:f1:3e:47:1e:94:8f:a4:91:72:8a:bf:
3a:d2:57:4e:06:10:e1:ff:20:fc:91:b8:7f:5a:43:
ee:3b:13:2d:7e:83:32:b9:93:1d:65:75:3c:c8:ce:
d6:71:e6:97:04:28:3b:06:dd:e0:33:72:e4:a8:4d:
14:50:41:42:08:4f:4a:0d:89:c3:e8:a2:02:88:51:
2f:21:be:5f:2f:b9:50:c5:9a:d4:f7:35:4d:16:57:
07:4d:45:49:95:4a:a2:4c:e9:ec:25:22:28:63:bb:
f1:3d:c4:61:62:58:e6:91:02:fd:5a:95:36:1a:dd:
66:37:b6:f5:94:0e:87:91:61:03:e1:8e:ba:51:64:
ea:1f:0b:96:de:82:26:9c:32:48:e2:ad:05:2b:4d:
28:18:47:d0:f8:6e:4d:2f:f6:72:bb:31:ac:26:da:
12:64:50:9b:1f:8c:95:3a:27:35:2b:79:c2:ae:e6:
ee:0f:6b:27:88:98:6c:76:a5:97:3b:a5:ca:5f:83:
22:77:4d:b0:de:ea:c4:7f:b8:04:2e:01:46:8d:2a:
0b:b1:c6:94:e1:19:c1:04:0d:b2:a1:fc:49:db:43:
57:e4:28:c7:8c:83:77:5d:c0:64:63:48:39:b7:3a:
51:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FF:5C:D9:D3:90:92:A4:DD:34:C5:49:A5:0F:EE:7A:6C:D3:C4:9C
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/nf9c2dOQkqTdNMVJpQ_uemzTxJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd03::/32
Signature Algorithm: sha256WithRSAEncryption
ab:7f:f8:82:0f:cb:e0:1b:ea:dc:41:42:52:23:95:b7:ed:94:
37:cd:bc:72:45:a3:0e:bf:32:31:d6:5b:47:0c:ee:47:1e:33:
15:76:b6:0e:63:09:a9:d2:31:bf:58:11:0f:79:47:4d:4e:b3:
3e:9e:b3:9b:7d:c2:73:65:34:9c:8b:ac:68:87:99:3c:e0:62:
e4:ca:42:ee:6d:45:0f:4a:3e:ba:2b:ea:a7:14:13:9f:fa:cd:
da:94:a2:9d:60:9f:24:78:3e:31:8a:8f:47:02:5a:e8:91:bc:
a1:c8:54:f2:36:42:d3:67:d6:81:88:18:e5:17:d0:f9:b9:41:
14:4c:78:af:fb:8f:30:89:1c:cc:b6:34:02:19:47:f0:cf:51:
65:72:03:77:3d:c8:2a:e2:eb:ab:2e:90:57:df:89:d1:4c:61:
fe:37:fd:ca:8b:49:7c:77:af:e9:35:45:d2:94:f7:40:d2:7f:
8e:a0:60:42:88:fa:4f:fd:f4:37:c6:97:2a:cf:0f:42:38:cd:
d4:a4:66:2b:94:92:74:c4:85:28:8e:10:79:b8:c2:02:61:bd:
c2:cd:6e:d7:fd:e7:80:5c:8c:7f:eb:41:f9:dd:c4:cf:4c:48:
76:da:4c:5b:82:26:54:24:dc:00:bb:b7:f9:7c:17:2a:2a:63:
c8:2e:a5:b9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKWiFw0s88Tit2anRfBQ/8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE2MTgxMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGZmNWNkOWQzOTA5MmE0ZGQzNGM1NDlhNTBmZWU3YTZjZDNjNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHat7/cilnm2AW73O9AfSYOT8T5H
HpSPpJFyir860ldOBhDh/yD8kbh/WkPuOxMtfoMyuZMdZXU8yM7WceaXBCg7Bt3g
M3LkqE0UUEFCCE9KDYnD6KICiFEvIb5fL7lQxZrU9zVNFlcHTUVJlUqiTOnsJSIo
Y7vxPcRhYljmkQL9WpU2Gt1mN7b1lA6HkWED4Y66UWTqHwuW3oImnDJI4q0FK00o
GEfQ+G5NL/ZyuzGsJtoSZFCbH4yVOic1K3nCrubuD2sniJhsdqWXO6XKX4Mid02w
3urEf7gELgFGjSoLscaU4RnBBA2yofxJ20NX5CjHjIN3XcBkY0g5tzpR5QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJ3/XNnTkJKk3TTFSaUP7nps08ScMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvbmY5YzJkT1FrcVRkTk1WSnBRX3VlbXpUeEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUAKg/9AzANBgkqhkiG9w0BAQsFAAOCAQEAq3/4gg/L4Bvq
3EFCUiOVt+2UN828ckWjDr8yMdZbRwzuRx4zFXa2DmMJqdIxv1gRD3lHTU6zPp6z
m33Cc2U0nIusaIeZPOBi5MpC7m1FD0o+uivqpxQTn/rN2pSinWCfJHg+MYqPRwJa
6JG8ochU8jZC02fWgYgY5RfQ+blBFEx4r/uPMIkczLY0AhlH8M9RZXIDdz3IKuLr
qy6QV9+J0Uxh/jf9yotJfHev6TVF0pT3QNJ/jqBgQoj6T/30N8aXKs8PQjjN1KRm
K5SSdMSFKI4QebjCAmG9ws1u1/3ngFyMf+tB+d3Ez0xIdtpMW4ImVCTcALu3+XwX
KipjyC6luQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:10:07 2025 by rpki-client