Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/KgtdlmKbwDjk-UpoN8ZOPZupYRg.roa
File: KgtdlmKbwDjk-UpoN8ZOPZupYRg.roa (raw, json)
Hash identifier: MSWDj+dV773xoZW1hUfLsai60NN6goTnAuEFe24fMvU=
Subject key identifier: 2A:0B:5D:96:62:9B:C0:38:E4:F9:4A:68:37:C6:4E:3D:9B:A9:61:18
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 019407359285182E4ABB51C307D77C960618
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/KgtdlmKbwDjk-UpoN8ZOPZupYRg.roa
Signing time: Fri 27 Dec 2024 08:22:18 +0000
ROA not before: Fri 27 Dec 2024 08:22:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215348
IP address blocks: 45.12.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:07:35:92:85:18:2e:4a:bb:51:c3:07:d7:7c:96:06:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Dec 27 08:22:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a0b5d96629bc038e4f94a6837c64e3d9ba96118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4a:15:d6:6c:48:24:7b:08:43:bb:29:56:b8:
6f:b1:d6:62:fc:09:42:79:90:a6:94:80:8d:02:c3:
3e:0d:d3:3a:37:1b:22:ca:62:38:8c:74:b4:9b:8d:
5f:c5:09:69:83:82:23:e9:74:e4:96:df:90:5e:4e:
e4:33:5d:1b:d1:8e:53:49:30:c3:3d:2b:d5:d2:18:
69:00:df:c4:ec:d2:f7:1e:94:99:30:e3:88:86:94:
6c:56:1b:99:a4:cb:62:0c:b7:cf:4d:ab:97:15:11:
2b:0e:65:29:e5:21:f0:f2:10:d2:63:24:30:78:0a:
c0:1c:b3:ba:f8:44:ce:88:3d:d5:7a:0d:e2:a8:79:
d2:38:14:ce:73:96:cc:21:b5:49:c4:c0:47:1b:51:
f9:c3:82:87:65:22:ac:ba:e7:7f:de:c4:b2:8f:a9:
ca:b2:28:11:2c:0c:46:80:c7:f2:a5:f0:80:6c:6e:
e7:c8:f7:92:84:e7:44:78:af:e2:9e:55:ba:81:93:
62:97:38:9b:37:51:78:90:cb:61:33:fc:46:be:15:
1c:f6:6c:1a:4d:9c:33:b6:04:89:89:f6:d8:1c:99:
2c:0a:0b:b5:fa:25:15:6a:85:49:74:ec:e4:1d:5e:
7b:23:d8:f2:81:6a:5f:77:bb:5d:5b:44:87:db:c3:
ec:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0B:5D:96:62:9B:C0:38:E4:F9:4A:68:37:C6:4E:3D:9B:A9:61:18
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/KgtdlmKbwDjk-UpoN8ZOPZupYRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.89.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:9b:43:4c:37:5a:63:c0:d7:4b:66:fe:cd:da:7b:57:2b:08:
03:67:63:59:9b:93:19:2e:80:05:b7:dc:c9:0b:32:1f:a4:0b:
ed:57:7a:9e:da:39:e9:19:db:ef:f7:17:34:e8:3c:02:eb:3d:
e9:4e:f8:e6:12:4b:b0:4f:e2:51:0a:82:f2:ec:70:09:4c:6f:
95:75:91:9b:2d:d2:e7:67:c5:5a:d9:ac:b3:a7:32:cb:b4:1c:
26:c5:7f:4c:7c:9a:02:bc:5b:98:bb:ca:5c:a7:a9:30:c1:7d:
38:78:5a:be:86:57:29:82:69:45:47:ec:c9:a1:71:3a:84:96:
54:9c:12:39:f4:15:f3:b0:3b:85:a3:88:4e:82:21:95:fd:55:
1f:06:93:c2:31:9f:9b:af:05:56:fc:53:e5:e3:5e:fc:c2:cc:
eb:26:c4:a7:b1:5a:ce:d0:d1:bb:21:54:6c:c2:3f:5c:d9:2f:
49:49:8e:25:62:11:2d:99:05:2c:9d:bf:e7:90:e2:b5:92:42:
30:7e:14:07:1a:4b:99:21:a9:6b:17:55:3d:22:6b:48:b6:69:
d0:8b:ed:5b:6b:8e:ec:fc:b0:13:4c:1b:d1:6a:07:9c:a9:f4:
de:a5:86:38:a8:86:fd:67:6e:85:16:88:d9:f3:c1:ae:5a:37:
67:9a:f6:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQHNZKFGC5Ku1HDB9d8lgYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQxMjI3MDgyMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBiNWQ5NjYyOWJjMDM4ZTRmOTRhNjgzN2M2NGUzZDliYTk2MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkoV1mxIJHsIQ7spVrhvsdZi/AlC
eZCmlICNAsM+DdM6NxsiymI4jHS0m41fxQlpg4Ij6XTklt+QXk7kM10b0Y5TSTDD
PSvV0hhpAN/E7NL3HpSZMOOIhpRsVhuZpMtiDLfPTauXFRErDmUp5SHw8hDSYyQw
eArAHLO6+ETOiD3Veg3iqHnSOBTOc5bMIbVJxMBHG1H5w4KHZSKsuud/3sSyj6nK
sigRLAxGgMfypfCAbG7nyPeShOdEeK/inlW6gZNilzibN1F4kMthM/xGvhUc9mwa
TZwztgSJifbYHJksCgu1+iUVaoVJdOzkHV57I9jygWpfd7tdW0SH28PsXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoLXZZim8A45PlKaDfGTj2bqWEYMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvS2d0ZGxtS2J3RGprLVVwb044Wk9QWnVwWVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQxZMA0G
CSqGSIb3DQEBCwUAA4IBAQAKm0NMN1pjwNdLZv7N2ntXKwgDZ2NZm5MZLoAFt9zJ
CzIfpAvtV3qe2jnpGdvv9xc06DwC6z3pTvjmEkuwT+JRCoLy7HAJTG+VdZGbLdLn
Z8Va2ayzpzLLtBwmxX9MfJoCvFuYu8pcp6kwwX04eFq+hlcpgmlFR+zJoXE6hJZU
nBI59BXzsDuFo4hOgiGV/VUfBpPCMZ+brwVW/FPl4178wszrJsSnsVrO0NG7IVRs
wj9c2S9JSY4lYhEtmQUsnb/nkOK1kkIwfhQHGkuZIalrF1U9ImtItmnQi+1ba47s
/LATTBvRagecqfTepYY4qIb9Z26FFojZ88GuWjdnmvbO
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:57:02 2025 by rpki-client