Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/rNcU_TrVD24uL8OnE9UlOOxWXDw.roa
File: rNcU_TrVD24uL8OnE9UlOOxWXDw.roa (raw, json)
Hash identifier: HHOLFDVQaspd7mB/L2g5N5F8UTuvD632gMPzrhGuiOM=
Subject key identifier: AC:D7:14:FD:3A:D5:0F:6E:2E:2F:C3:A7:13:D5:25:38:EC:56:5C:3C
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 0193904EE5FA3EE5565B9631013A8A17E846
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/rNcU_TrVD24uL8OnE9UlOOxWXDw.roa
Signing time: Wed 04 Dec 2024 06:15:09 +0000
ROA not before: Wed 04 Dec 2024 06:15:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48448
IP address blocks: 45.85.73.0/24 maxlen: 24
202.14.113.0/24 maxlen: 24
203.33.38.0/24 maxlen: 24
2a0e:bb81::/48 maxlen: 48
2a0e:bb81:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Dec 2024 06:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:90:4e:e5:fa:3e:e5:56:5b:96:31:01:3a:8a:17:e8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Dec 4 06:15:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acd714fd3ad50f6e2e2fc3a713d52538ec565c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b0:c8:97:9e:da:64:27:c6:d7:9b:42:0e:54:
5e:88:b3:fe:7c:9d:78:01:fe:84:9e:f4:80:2b:2a:
7a:db:5a:f0:da:00:1d:3a:94:3d:ca:07:41:1c:cc:
0c:5e:e6:52:24:ea:9a:3a:a2:38:10:78:c0:77:79:
8e:05:ca:a0:6b:5a:ec:01:a5:ba:68:64:5b:7c:57:
13:c7:da:70:61:58:41:40:f3:02:07:1f:6b:3d:7b:
8a:23:5b:3a:b4:54:e0:ea:ca:38:89:13:ad:3b:62:
7a:84:76:19:30:31:61:0b:ce:73:f3:aa:60:24:61:
83:4d:8b:9a:f0:da:42:1f:c1:3d:2f:0f:f0:e4:8e:
f1:a9:f5:3c:6f:f0:8d:cb:30:de:50:62:24:fc:22:
33:04:6b:17:52:ca:68:52:54:1c:f2:c5:f6:ef:9b:
5d:b3:f8:1d:17:b4:4e:45:b2:19:bd:6c:7d:06:a1:
03:a4:d0:72:80:54:e5:4e:05:d6:3d:12:4f:4f:c9:
40:0c:95:70:98:45:f8:d8:4b:a5:6e:5b:a8:02:37:
dd:5d:1a:e9:83:a0:6c:93:4f:a8:5e:81:d8:b9:71:
8f:b7:cc:6e:1f:11:75:28:c7:d6:ff:b1:dc:41:42:
e7:0c:6a:54:75:dc:2a:52:b1:9d:ff:ee:00:57:c8:
6f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D7:14:FD:3A:D5:0F:6E:2E:2F:C3:A7:13:D5:25:38:EC:56:5C:3C
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/rNcU_TrVD24uL8OnE9UlOOxWXDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.73.0/24
202.14.113.0/24
203.33.38.0/24
IPv6:
2a0e:bb81::/48
2a0e:bb81:1000::/48
Signature Algorithm: sha256WithRSAEncryption
3d:76:5a:b2:7e:bd:df:cc:84:a7:e8:97:d9:a6:df:b7:4d:84:
46:dd:46:a4:28:22:45:68:30:0f:9f:6d:f1:38:8d:ac:65:46:
53:2f:79:63:73:92:fd:42:30:b6:97:a3:b9:e3:f8:a6:74:15:
ee:3b:5c:14:82:85:05:f1:11:96:ef:bd:3d:89:95:2d:fc:8c:
4b:c4:ed:da:e7:0f:2f:ba:b9:8d:56:06:bb:07:18:84:19:fd:
0d:e0:00:2e:3a:b0:0b:d2:a5:46:a7:57:59:1d:d8:f8:15:9b:
5f:b2:1d:90:69:0a:3d:c7:9f:13:12:0f:2e:7c:4c:ef:df:69:
3f:25:19:bc:27:8f:05:ce:03:85:0f:45:60:ff:64:96:fe:cc:
9e:57:e9:8f:e7:3c:30:db:b4:d1:ef:ca:2c:29:ec:80:19:69:
a2:97:fc:dd:f5:68:e3:e9:40:32:be:51:7a:49:d4:35:35:2e:
21:bb:a2:ca:70:fd:f8:88:6e:6a:4d:b3:5a:f6:9f:61:89:3c:
19:75:94:8f:e7:1f:41:5e:e0:59:c4:1e:d3:4b:f6:38:da:26:
49:5c:76:a4:3d:75:b8:cf:b4:30:c7:1e:d6:a6:f1:89:bb:de:
5f:a6:16:a6:2e:5b:51:60:ac:7a:e0:da:8b:33:ae:3a:6f:44:
d5:2f:2b:ce
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZOQTuX6PuVWW5YxATqKF+hGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjQxMjA0MDYxNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2Q3MTRmZDNhZDUwZjZlMmUyZmMzYTcxM2Q1MjUzOGVjNTY1YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurDIl57aZCfG15tCDlReiLP+fJ14
Af6EnvSAKyp621rw2gAdOpQ9ygdBHMwMXuZSJOqaOqI4EHjAd3mOBcqga1rsAaW6
aGRbfFcTx9pwYVhBQPMCBx9rPXuKI1s6tFTg6so4iROtO2J6hHYZMDFhC85z86pg
JGGDTYua8NpCH8E9Lw/w5I7xqfU8b/CNyzDeUGIk/CIzBGsXUspoUlQc8sX275td
s/gdF7RORbIZvWx9BqEDpNBygFTlTgXWPRJPT8lADJVwmEX42EulbluoAjfdXRrp
g6Bsk0+oXoHYuXGPt8xuHxF1KMfW/7HcQULnDGpUddwqUrGd/+4AV8hvLQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKzXFP061Q9uLi/DpxPVJTjsVlw8MB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvck5jVV9UclZEMjR1TDhPbkU5VWxPT3hXWER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQALVVJAwQA
yg5xAwQAyyEmMBgEAgACMBIDBwAqDruBAAADBwAqDruBEAAwDQYJKoZIhvcNAQEL
BQADggEBAD12WrJ+vd/MhKfol9mm37dNhEbdRqQoIkVoMA+fbfE4jaxlRlMveWNz
kv1CMLaXo7nj+KZ0Fe47XBSChQXxEZbvvT2JlS38jEvE7drnDy+6uY1WBrsHGIQZ
/Q3gAC46sAvSpUanV1kd2PgVm1+yHZBpCj3HnxMSDy58TO/faT8lGbwnjwXOA4UP
RWD/ZJb+zJ5X6Y/nPDDbtNHvyiwp7IAZaaKX/N31aOPpQDK+UXpJ1DU1LiG7ospw
/fiIbmpNs1r2n2GJPBl1lI/nH0Fe4FnEHtNL9jjaJklcdqQ9dbjPtDDHHtam8Ym7
3l+mFqYuW1FgrHrg2oszrjpvRNUvK84=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:36:44 2025 by rpki-client