Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/oWct7z8TwR6VzHgPIhOY5pWqYSY.roa
File: oWct7z8TwR6VzHgPIhOY5pWqYSY.roa (raw, json)
Hash identifier: 7EBzjDjSoKm79kS38pjGxYwqiEWBWEFJJodGAmxbwko=
Subject key identifier: A1:67:2D:EF:3F:13:C1:1E:95:CC:78:0F:22:13:98:E6:95:AA:61:26
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 019298F3427056F84086B5A71BA6BDF078E4
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/oWct7z8TwR6VzHgPIhOY5pWqYSY.roa
Signing time: Thu 17 Oct 2024 05:28:51 +0000
ROA not before: Thu 17 Oct 2024 05:28:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 06:43:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:98:f3:42:70:56:f8:40:86:b5:a7:1b:a6:bd:f0:78:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 17 05:28:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1672def3f13c11e95cc780f221398e695aa6126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:31:d5:03:db:23:d5:94:4b:e8:e1:75:80:
4d:fa:64:bd:6c:3f:50:b4:b8:0a:a4:63:7f:81:91:
1c:c4:80:87:c5:61:99:f7:86:d6:51:be:d2:a9:8c:
2b:b2:6b:8a:af:a5:1a:e8:0a:d4:6d:07:b4:03:7d:
f4:d5:31:11:3d:bf:35:e6:fa:3b:a0:2e:0b:30:1e:
45:bb:b7:3b:dd:a4:4e:8f:73:f0:c0:db:76:8a:c0:
cb:d7:98:70:28:ef:a6:ec:be:5d:6e:2a:23:a7:d4:
f3:b4:fe:ae:60:f2:b8:ee:6b:62:a8:cc:3e:31:f5:
32:dd:93:83:6f:44:c4:27:63:cc:ac:4c:ed:f9:05:
ea:b0:58:f3:f3:ae:f3:13:fa:bd:3e:97:e0:4f:87:
a9:cd:14:cc:d5:b7:1d:33:98:e9:b8:61:1f:23:1a:
ec:0c:2c:e9:ff:fc:26:71:f8:9a:6a:7a:13:c6:71:
18:70:5a:ab:98:dc:27:2b:98:30:d6:24:c2:e6:b3:
93:77:91:b0:d6:ee:3b:f3:28:f9:a3:93:cd:bb:c3:
8e:b9:2e:e4:2f:12:2f:14:a7:1a:fa:af:05:ce:9c:
9e:eb:a6:33:bd:41:90:0a:91:40:b4:35:c0:16:7e:
79:b0:42:c4:55:25:dc:2e:9b:5b:96:54:48:87:0b:
fd:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:67:2D:EF:3F:13:C1:1E:95:CC:78:0F:22:13:98:E6:95:AA:61:26
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/oWct7z8TwR6VzHgPIhOY5pWqYSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
b2:71:89:c7:37:12:45:bc:ba:ce:db:b2:70:4f:26:81:a7:4d:
13:7a:39:bd:59:65:38:c2:60:fe:84:9d:31:af:72:ab:82:3b:
af:37:ec:05:34:ad:a8:b2:28:93:24:25:f1:51:df:3b:e2:f3:
36:bb:7b:45:e9:67:7a:e8:8b:db:8c:56:9f:5e:28:5d:28:f4:
f9:2b:61:05:d5:4c:02:fa:13:82:98:64:67:2e:45:0a:a6:4a:
44:81:4e:7c:42:b0:96:d4:91:a8:eb:03:a4:b9:b3:80:3c:e3:
47:c3:2a:bd:db:70:96:2c:aa:9a:05:ed:42:db:ef:f5:f6:fb:
9b:f0:96:43:5d:93:f6:8b:81:5c:9b:32:d7:8a:4e:34:9b:c1:
f7:1b:a3:2b:df:23:2f:67:f7:4c:15:84:28:cd:c2:3b:8a:a7:
8d:7a:a3:ea:60:b7:06:c6:d8:15:90:21:dd:ec:5d:54:87:99:
7d:08:42:f2:0f:b0:f7:e8:08:23:16:c0:0f:59:99:ba:0e:93:
bd:1d:a2:4d:b1:1f:c6:78:e4:8c:8c:cb:d3:f3:4d:35:d0:7f:
c9:dc:60:e6:14:cd:e3:75:dc:cd:55:82:da:fd:bd:2a:19:6c:
ae:f4:56:b3:06:4b:f8:0c:a4:72:01:6b:14:75:bc:9b:87:8a:
aa:91:74:0a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKY80JwVvhAhrWnG6a98HjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE3MDUyODUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTY3MmRlZjNmMTNjMTFlOTVjYzc4MGYyMjEzOThlNjk1YWE2MTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo70x1QPbI9WUS+jhdYBN+mS9bD9Q
tLgKpGN/gZEcxICHxWGZ94bWUb7SqYwrsmuKr6Ua6ArUbQe0A3301TERPb815vo7
oC4LMB5Fu7c73aROj3PwwNt2isDL15hwKO+m7L5dbiojp9TztP6uYPK47mtiqMw+
MfUy3ZODb0TEJ2PMrEzt+QXqsFjz867zE/q9PpfgT4epzRTM1bcdM5jpuGEfIxrs
DCzp//wmcfiaanoTxnEYcFqrmNwnK5gw1iTC5rOTd5Gw1u478yj5o5PNu8OOuS7k
LxIvFKca+q8Fzpye66YzvUGQCpFAtDXAFn55sELEVSXcLptbllRIhwv9pwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKFnLe8/E8Eelcx4DyITmOaVqmEmMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvb1djdDd6OFR3UjZWekhnUEloT1k1cFdxWVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAsnGJxzcSRby6
ztuycE8mgadNE3o5vVllOMJg/oSdMa9yq4I7rzfsBTStqLIokyQl8VHfO+LzNrt7
RelneuiL24xWn14oXSj0+SthBdVMAvoTgphkZy5FCqZKRIFOfEKwltSRqOsDpLmz
gDzjR8MqvdtwliyqmgXtQtvv9fb7m/CWQ12T9ouBXJsy14pONJvB9xujK98jL2f3
TBWEKM3CO4qnjXqj6mC3BsbYFZAh3exdVIeZfQhC8g+w9+gIIxbAD1mZug6TvR2i
TbEfxnjkjIzL0/NNNdB/ydxg5hTN43XczVWC2v29KhlsrvRWswZL+AykcgFrFHW8
m4eKqpF0Cg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 15:58:11 2025 by rpki-client