Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/96vws1jA4SlSdIr9uMYTroHcZBs.roa
File: 96vws1jA4SlSdIr9uMYTroHcZBs.roa (raw, json)
Hash identifier: GMyJTQDTm6fsQtI3Uzb0sxHNR8/OEwM/kXufJkOBfcI=
Subject key identifier: F7:AB:F0:B3:58:C0:E1:29:52:74:8A:FD:B8:C6:13:AE:81:DC:64:1B
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 01942827A30AB8987665C04FEE99BE4BC97B
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/96vws1jA4SlSdIr9uMYTroHcZBs.roa
Signing time: Thu 02 Jan 2025 17:54:33 +0000
ROA not before: Thu 02 Jan 2025 17:54:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48448
IP address blocks: 45.85.73.0/24 maxlen: 24
202.14.113.0/24 maxlen: 24
203.33.38.0/24 maxlen: 24
2a0e:bb81::/48 maxlen: 48
2a0e:bb81:a1::/48 maxlen: 48
2a0e:bb81:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 Jan 2025 11:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:a3:0a:b8:98:76:65:c0:4f:ee:99:be:4b:c9:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Jan 2 17:54:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7abf0b358c0e12952748afdb8c613ae81dc641b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:53:b1:d1:95:b5:f7:e6:c3:a3:36:b8:14:34:
2f:9a:f1:e5:9c:e2:ad:57:c8:6d:a5:53:be:4d:a1:
1e:c1:27:b4:c7:3c:be:c7:26:53:46:c2:5f:5d:ac:
a1:5e:72:89:ec:2b:7f:bf:4c:dc:3e:0c:89:75:e7:
f2:0b:f0:38:3f:27:a0:d3:5b:ca:75:30:a4:66:67:
5f:4f:10:f5:38:e6:d9:6d:61:21:9b:f6:e1:fa:7c:
5a:3d:6e:c1:c0:9a:ec:98:92:4c:5e:5a:98:90:06:
f1:f5:86:2d:f1:ab:2a:4e:26:b1:8f:99:24:bd:42:
4e:89:a7:4a:fb:77:86:3b:c5:92:1d:0c:4a:ab:cc:
32:30:f0:c5:db:0a:47:f5:d1:c8:64:d6:14:17:6c:
a6:4e:9a:63:f6:36:90:74:15:bb:07:60:8d:fa:19:
f6:d9:23:93:f6:64:c1:bf:d8:23:e9:76:a9:fa:00:
1b:dc:ab:11:ac:fe:2e:99:74:c1:86:0a:b7:41:2e:
ab:72:45:a0:60:62:f0:1d:9e:6f:32:a2:68:34:8e:
e9:92:df:e5:34:b4:9e:94:1d:8f:bc:89:cb:90:6a:
e2:e3:e4:d8:0c:1b:85:0e:4b:51:56:2c:e5:f6:6f:
e9:69:51:ed:29:ea:bf:f6:5a:5c:d0:2b:01:0e:20:
72:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AB:F0:B3:58:C0:E1:29:52:74:8A:FD:B8:C6:13:AE:81:DC:64:1B
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/96vws1jA4SlSdIr9uMYTroHcZBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.73.0/24
202.14.113.0/24
203.33.38.0/24
IPv6:
2a0e:bb81::/48
2a0e:bb81:a1::/48
2a0e:bb81:1000::/48
Signature Algorithm: sha256WithRSAEncryption
61:9e:39:dd:ca:e1:ec:ec:a9:7b:c6:ee:14:d5:0c:ab:d0:bc:
4f:b8:6a:e1:70:f6:de:c2:5b:ae:a7:4b:09:5e:5e:b2:92:dc:
fa:e5:97:ef:3e:df:d8:cf:eb:51:8f:3e:6b:f9:1f:89:24:81:
f0:dc:5b:b6:06:04:48:f0:53:15:e3:6d:44:b7:7b:3c:9c:29:
4a:a4:b9:83:d6:a4:43:3c:15:88:fe:a8:a0:a7:65:48:87:0f:
e6:65:6f:e9:18:17:3f:91:e4:13:5e:61:68:ad:bc:c1:78:43:
36:8a:3a:c2:11:2c:7f:e0:e0:8e:75:3b:4f:cb:77:7b:c2:94:
65:ec:89:5c:93:76:fa:51:e2:c2:5b:94:33:8e:a0:c7:9c:9e:
2e:f6:69:f3:92:02:f3:77:c1:bf:d4:4b:81:bf:01:bd:de:8e:
c8:bb:6d:27:81:86:98:12:74:c8:b4:39:e9:ef:fa:fd:e2:5c:
86:64:df:12:e2:a2:6f:21:8b:7d:3d:1d:22:82:d8:40:c7:ee:
9d:ef:3a:3a:2c:e7:ee:f0:bc:41:3f:f0:e8:6b:d4:0c:2d:31:
d2:37:bc:3e:33:1b:c8:b0:45:fc:33:c4:74:a0:23:94:00:40:
7f:50:af:fa:52:09:11:0b:87:80:05:31:78:87:ac:c3:df:5d:
ee:05:d2:85
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQoJ6MKuJh2ZcBP7pm+S8l7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjUwMTAyMTc1NDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FiZjBiMzU4YzBlMTI5NTI3NDhhZmRiOGM2MTNhZTgxZGM2NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFOx0ZW19+bDoza4FDQvmvHlnOKt
V8htpVO+TaEewSe0xzy+xyZTRsJfXayhXnKJ7Ct/v0zcPgyJdefyC/A4Pyeg01vK
dTCkZmdfTxD1OObZbWEhm/bh+nxaPW7BwJrsmJJMXlqYkAbx9YYt8asqTiaxj5kk
vUJOiadK+3eGO8WSHQxKq8wyMPDF2wpH9dHIZNYUF2ymTppj9jaQdBW7B2CN+hn2
2SOT9mTBv9gj6Xap+gAb3KsRrP4umXTBhgq3QS6rckWgYGLwHZ5vMqJoNI7pkt/l
NLSelB2PvInLkGri4+TYDBuFDktRVizl9m/paVHtKeq/9lpc0CsBDiBycQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPer8LNYwOEpUnSK/bjGE66B3GQbMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvOTZ2d3MxakE0U2xTZElyOXVNWVRyb0hjWkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQALVVJAwQA
yg5xAwQAyyEmMCEEAgACMBsDBwAqDruBAAADBwAqDruBAKEDBwAqDruBEAAwDQYJ
KoZIhvcNAQELBQADggEBAGGeOd3K4ezsqXvG7hTVDKvQvE+4auFw9t7CW66nSwle
XrKS3Prll+8+39jP61GPPmv5H4kkgfDcW7YGBEjwUxXjbUS3ezycKUqkuYPWpEM8
FYj+qKCnZUiHD+Zlb+kYFz+R5BNeYWitvMF4QzaKOsIRLH/g4I51O0/Ld3vClGXs
iVyTdvpR4sJblDOOoMecni72afOSAvN3wb/US4G/Ab3ejsi7bSeBhpgSdMi0Oenv
+v3iXIZk3xLiom8hi309HSKC2EDH7p3vOjos5+7wvEE/8Ohr1AwtMdI3vD4zG8iw
RfwzxHSgI5QAQH9Qr/pSCRELh4AFMXiHrMPfXe4F0oU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:36 2025 by rpki-client