Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/phJSWNx_2Y1xhC-FuiU8p5DjBRg.roa
File: phJSWNx_2Y1xhC-FuiU8p5DjBRg.roa (raw, json)
Hash identifier: ZojZeyjo/Bj4yDdzeyqsUz+g0yOeyIiRiu5OIM0ysgc=
Subject key identifier: A6:12:52:58:DC:7F:D9:8D:71:84:2F:85:BA:25:3C:A7:90:E3:05:18
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0192930BB8620A8685E007DBD07D043FA6F9
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/phJSWNx_2Y1xhC-FuiU8p5DjBRg.roa
Signing time: Wed 16 Oct 2024 01:57:51 +0000
ROA not before: Wed 16 Oct 2024 01:57:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Oct 2024 03:12:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:93:0b:b8:62:0a:86:85:e0:07:db:d0:7d:04:3f:a6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 16 01:57:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6125258dc7fd98d71842f85ba253ca790e30518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:34:18:7f:d8:66:f2:25:65:9b:d8:78:81:fd:
48:a3:48:7e:93:12:16:28:57:bc:14:7a:54:2c:0f:
c7:90:8f:f2:17:53:d2:c8:a7:30:f7:28:af:a1:f6:
1e:8a:07:3c:08:4c:59:f6:99:c3:93:4c:d2:0c:9e:
8c:0d:00:4b:6b:a3:31:90:97:b1:48:23:70:dc:06:
39:bb:7d:c1:a2:df:f3:72:df:1a:1a:62:fe:d9:1f:
c6:f9:66:85:02:64:c7:a7:d8:e4:4b:34:f0:46:64:
24:2c:74:98:c7:1f:3d:59:78:e9:0e:54:21:d1:62:
7e:18:8d:72:c5:08:2e:52:10:e6:39:42:a6:93:7d:
74:63:3e:3b:82:08:35:fb:b5:15:fa:37:c3:fa:2a:
9b:ce:3e:20:7b:54:9d:49:44:f3:7b:89:0e:a0:44:
ce:30:c9:ae:34:92:69:86:2e:06:fb:fd:e4:23:c0:
8a:46:43:61:6d:b9:3f:d5:20:f6:be:de:4a:93:1f:
0f:bb:43:4c:a3:a2:58:0a:74:75:c7:36:78:8c:47:
a9:a4:00:de:f4:44:67:42:3a:64:3c:d1:d7:d6:42:
f3:ed:4b:67:85:43:0f:79:9e:74:d2:4e:65:b8:0c:
ad:fd:77:c6:fe:cf:a3:49:5c:8d:7b:d7:d4:57:a4:
00:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:12:52:58:DC:7F:D9:8D:71:84:2F:85:BA:25:3C:A7:90:E3:05:18
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/phJSWNx_2Y1xhC-FuiU8p5DjBRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
43:32:33:bc:ab:cd:98:f3:99:0a:fb:58:6a:4d:d6:df:93:f7:
ae:df:b1:80:c9:81:fb:67:49:17:d1:c6:4d:4a:00:6d:10:c6:
07:8f:39:af:9d:0a:3b:84:56:fd:99:f4:16:f1:26:29:c1:dd:
de:87:f0:c1:70:7e:fd:ef:82:2f:9e:2b:a1:13:82:79:5c:81:
9d:ad:e8:7a:7a:27:73:27:eb:71:57:a6:11:43:14:ae:ff:71:
6e:b6:a3:1d:e8:e0:cb:81:dd:49:1b:1b:64:cf:65:c7:f4:c4:
8a:b8:23:b7:94:fb:88:c0:b4:d5:af:fb:df:87:8a:23:c9:42:
45:0e:3f:71:2b:10:ce:3e:bd:95:72:05:96:bc:79:44:c4:c4:
14:22:31:34:31:a1:e2:37:c9:6f:96:1c:d3:ae:e0:17:26:2e:
bc:82:fb:0e:f4:e8:0e:75:e5:71:58:e3:4f:b0:ae:ac:76:45:
2a:69:86:ce:f2:a1:bf:e9:e7:78:f7:cd:5c:6b:92:fe:da:cf:
a8:93:4a:ff:e7:38:dd:a0:09:f6:45:30:b0:80:49:18:66:87:
62:a2:f1:7f:f0:da:52:cd:e8:91:d6:14:9a:7b:17:e0:c7:26:
16:1c:5b:89:e0:90:8d:0a:94:44:78:71:d0:74:dd:2c:86:0d:
d0:18:ce:3e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKTC7hiCoaF4Afb0H0EP6b5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE2MDE1NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjEyNTI1OGRjN2ZkOThkNzE4NDJmODViYTI1M2NhNzkwZTMwNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zQYf9hm8iVlm9h4gf1Io0h+kxIW
KFe8FHpULA/HkI/yF1PSyKcw9yivofYeigc8CExZ9pnDk0zSDJ6MDQBLa6MxkJex
SCNw3AY5u33Bot/zct8aGmL+2R/G+WaFAmTHp9jkSzTwRmQkLHSYxx89WXjpDlQh
0WJ+GI1yxQguUhDmOUKmk310Yz47ggg1+7UV+jfD+iqbzj4ge1SdSUTze4kOoETO
MMmuNJJphi4G+/3kI8CKRkNhbbk/1SD2vt5Kkx8Pu0NMo6JYCnR1xzZ4jEeppADe
9ERnQjpkPNHX1kLz7UtnhUMPeZ500k5luAyt/XfG/s+jSVyNe9fUV6QA/wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKYSUljcf9mNcYQvhbolPKeQ4wUYMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvcGhKU1dOeF8yWTF4aEMtRnVpVThwNURqQlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAQzIzvKvNmPOZ
CvtYak3W35P3rt+xgMmB+2dJF9HGTUoAbRDGB485r50KO4RW/Zn0FvEmKcHd3ofw
wXB+/e+CL54roROCeVyBna3oenoncyfrcVemEUMUrv9xbrajHejgy4HdSRsbZM9l
x/TEirgjt5T7iMC01a/734eKI8lCRQ4/cSsQzj69lXIFlrx5RMTEFCIxNDGh4jfJ
b5Yc067gFyYuvIL7DvToDnXlcVjjT7CurHZFKmmGzvKhv+nnePfNXGuS/trPqJNK
/+c43aAJ9kUwsIBJGGaHYqLxf/DaUs3okdYUmnsX4McmFhxbieCQjQqURHhx0HTd
LIYN0BjOPg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:17:59 2025 by rpki-client