Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-lQC1IV48DenA3EDKtmKH4uQWbc.roa
File: 1-lQC1IV48DenA3EDKtmKH4uQWbc.roa (raw, json)
Hash identifier: IG9YlCsUZqF6RF4J4KXB4Gr3Re1cpuKbCDga1/ziXZU=
Subject key identifier: FA:54:02:D4:85:78:F0:37:A7:03:71:03:2A:D9:8A:1F:8B:90:59:B7
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0193A0D17922EDBDDA501DB027E4921E521D
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-lQC1IV48DenA3EDKtmKH4uQWbc.roa
Signing time: Sat 07 Dec 2024 11:11:42 +0000
ROA not before: Sat 07 Dec 2024 11:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215402
IP address blocks: 45.150.66.0/24 maxlen: 24
138.124.181.0/24 maxlen: 24
2a0e:4005:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a0:d1:79:22:ed:bd:da:50:1d:b0:27:e4:92:1e:52:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Dec 7 11:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa5402d48578f037a70371032ad98a1f8b9059b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0d:2e:93:36:54:cd:55:38:e5:d0:f0:30:ca:
be:9d:1a:ba:95:c6:b2:a8:b7:ca:95:8e:07:a4:d6:
78:ba:13:db:8b:e5:85:8a:14:c6:38:64:3c:0d:cb:
cb:18:10:49:e5:d7:15:8f:6b:47:16:ea:eb:ad:df:
64:5c:44:74:95:16:0d:01:40:c5:27:06:be:25:8b:
ba:dd:17:3f:ba:8e:92:b9:6c:34:ae:9f:c6:0f:8a:
ee:e8:53:26:b6:8a:f5:43:5c:73:74:f0:d8:76:f9:
52:78:74:db:c0:68:02:96:d0:13:bd:5d:21:c2:ec:
6b:32:91:20:b0:42:c2:44:c6:4d:78:71:42:a5:d5:
af:f5:06:4a:7a:42:16:00:e9:8f:0a:ff:83:1c:b0:
ab:a5:92:08:b4:0e:9d:a7:8e:8e:d5:00:a4:2e:52:
fa:1c:09:95:5b:7a:c0:74:97:3a:40:05:82:e0:a4:
c0:8a:ee:12:fa:46:b1:c1:08:6e:e8:15:20:c8:1c:
48:31:95:11:c4:7d:72:1f:d0:ad:97:f2:28:fa:0d:
21:a4:79:2e:30:b3:87:62:14:1b:75:24:6e:cb:79:
01:6c:96:3d:e1:d2:59:d1:84:3f:d6:5d:0e:63:0d:
e0:11:25:59:12:59:14:b2:fd:0b:21:1d:4f:db:ed:
39:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:54:02:D4:85:78:F0:37:A7:03:71:03:2A:D9:8A:1F:8B:90:59:B7
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-lQC1IV48DenA3EDKtmKH4uQWbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.66.0/24
138.124.181.0/24
IPv6:
2a0e:4005:1000::/48
Signature Algorithm: sha256WithRSAEncryption
6a:30:77:cf:4c:12:32:9c:cd:fd:f0:cb:c9:93:8f:50:c6:a1:
81:e0:b3:3a:81:70:d8:d9:7c:2e:ff:4d:a5:86:f0:ad:3e:60:
e4:3f:56:05:e5:9c:3f:7b:d4:b0:18:62:dd:31:f4:ac:c9:cd:
77:4d:bd:81:bd:a5:02:57:b9:6a:70:25:a8:3f:68:8e:44:d2:
17:05:0e:9b:fc:a3:7e:8f:ab:b8:a0:65:79:62:5c:ae:b1:73:
18:40:21:9c:f1:c4:be:d4:22:a4:dc:d9:1d:c1:32:77:c1:fb:
57:6d:2b:aa:4d:5f:cd:d7:62:18:12:d5:a9:ba:38:93:75:fd:
ae:91:f3:bf:95:54:52:4c:72:ed:f2:56:48:cc:ec:ac:38:e8:
a2:75:1a:80:fb:48:1c:ca:b3:83:bf:6a:9d:b1:21:95:84:8c:
d9:48:db:3e:b2:74:cc:2e:24:a1:84:4f:df:e4:97:0e:3e:ed:
ab:bc:2a:24:90:c9:bf:30:bb:9b:97:18:3d:96:6f:08:a2:a6:
00:39:7e:fc:f0:4c:e0:ed:91:b3:cb:f0:4d:68:9a:50:55:8e:
6b:68:a7:93:51:e8:5f:30:1a:8f:65:f6:4a:35:3d:44:d7:f8:
c0:a3:a7:69:92:17:d3:fa:12:72:10:62:0a:c2:5e:05:63:eb:
d9:f5:e0:31
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZOg0Xki7b3aUB2wJ+SSHlIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQxMjA3MTExMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU0MDJkNDg1NzhmMDM3YTcwMzcxMDMyYWQ5OGExZjhiOTA1OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ0ukzZUzVU45dDwMMq+nRq6lcay
qLfKlY4HpNZ4uhPbi+WFihTGOGQ8DcvLGBBJ5dcVj2tHFurrrd9kXER0lRYNAUDF
Jwa+JYu63Rc/uo6SuWw0rp/GD4ru6FMmtor1Q1xzdPDYdvlSeHTbwGgCltATvV0h
wuxrMpEgsELCRMZNeHFCpdWv9QZKekIWAOmPCv+DHLCrpZIItA6dp46O1QCkLlL6
HAmVW3rAdJc6QAWC4KTAiu4S+kaxwQhu6BUgyBxIMZURxH1yH9Ctl/Io+g0hpHku
MLOHYhQbdSRuy3kBbJY94dJZ0YQ/1l0OYw3gESVZElkUsv0LIR1P2+05zQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPpUAtSFePA3pwNxAyrZih+LkFm3MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvMS1sUUMxSVY0OERlbkEzRURLdG1LSDR1UVdiYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvMzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1
NC8xL3Y0UVJOVVhaQUFkZzltQmlwQ0laTTZMcFdkZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAC2WQgME
AIp8tTAPBAIAAjAJAwcAKg5ABRAAMA0GCSqGSIb3DQEBCwUAA4IBAQBqMHfPTBIy
nM398MvJk49QxqGB4LM6gXDY2Xwu/02lhvCtPmDkP1YF5Zw/e9SwGGLdMfSsyc13
Tb2BvaUCV7lqcCWoP2iORNIXBQ6b/KN+j6u4oGV5YlyusXMYQCGc8cS+1CKk3Nkd
wTJ3wftXbSuqTV/N12IYEtWpujiTdf2ukfO/lVRSTHLt8lZIzOysOOiidRqA+0gc
yrODv2qdsSGVhIzZSNs+snTMLiShhE/f5JcOPu2rvCokkMm/MLublxg9lm8IoqYA
OX788Ezg7ZGzy/BNaJpQVY5raKeTUehfMBqPZfZKNT1E1/jAo6dpkhfT+hJyEGIK
wl4FY+vZ9eAx
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:28:51 2025 by rpki-client