Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/wBBDCPXrrvlVehPmRoTd9bJTPWA.roa
File: wBBDCPXrrvlVehPmRoTd9bJTPWA.roa (raw, json)
Hash identifier: NSSmsWnrt7U4rQCdB6kJgWOezKi/G7CLHJ7Gcg2Zl64=
Subject key identifier: C0:10:43:08:F5:EB:AE:F9:55:7A:13:E6:46:84:DD:F5:B2:53:3D:60
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 0193485E264FF1FEAEA3E253DBE2D2F97C94
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/wBBDCPXrrvlVehPmRoTd9bJTPWA.roa
Signing time: Wed 20 Nov 2024 06:59:09 +0000
ROA not before: Wed 20 Nov 2024 06:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48448
IP address blocks: 45.85.73.0/24 maxlen: 24
2a0e:bb81::/48 maxlen: 48
2a0e:bb81:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Dec 2024 06:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:5e:26:4f:f1:fe:ae:a3:e2:53:db:e2:d2:f9:7c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Nov 20 06:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0104308f5ebaef9557a13e64684ddf5b2533d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:39:1e:db:44:08:2b:b6:24:62:54:5a:64:47:
9d:b5:cb:20:a5:86:67:ae:28:7c:a0:98:3f:4a:1b:
1c:da:93:6b:ef:ee:24:43:75:5b:2e:ec:4e:d6:c9:
7d:a5:70:76:4e:c4:2f:34:ab:e7:21:57:ed:c9:ae:
d7:03:4d:d3:db:fe:d6:0a:c8:84:ca:b5:33:6d:12:
de:d6:83:22:36:e3:04:97:ed:3a:67:e1:69:db:ce:
95:37:d5:f9:60:4a:46:b9:3f:2c:c5:85:8d:2f:d6:
0b:30:60:19:4a:fb:a5:4d:32:bc:f6:aa:6a:d9:82:
c6:2e:3d:c5:37:64:00:47:92:af:88:6d:83:5b:24:
59:3b:56:e5:34:58:3d:3b:43:1c:04:1f:c0:6d:a5:
9d:57:0d:b9:af:59:e5:f7:42:de:c9:0e:1d:98:34:
7e:90:a3:64:aa:ee:4d:ec:ac:44:4c:00:bc:98:95:
49:15:72:a8:cc:e6:ef:f6:ab:2b:02:21:fd:ac:cc:
25:aa:fe:88:11:f6:18:7e:a4:b5:cc:0a:29:b3:ae:
aa:97:e5:3e:7a:1a:8a:7c:13:f3:0a:cc:d1:72:63:
ee:4c:7c:41:7e:3d:43:fd:57:55:a7:1f:82:93:2a:
7a:8e:59:e5:43:ba:bb:cb:36:8b:ab:b8:5a:8a:cb:
90:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:10:43:08:F5:EB:AE:F9:55:7A:13:E6:46:84:DD:F5:B2:53:3D:60
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/wBBDCPXrrvlVehPmRoTd9bJTPWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.73.0/24
IPv6:
2a0e:bb81::/48
2a0e:bb81:1000::/48
Signature Algorithm: sha256WithRSAEncryption
41:b1:8a:06:d6:d0:44:29:8f:48:f6:3c:af:8d:d0:ee:e6:28:
72:a0:fd:ac:2a:ac:a6:63:cf:e7:af:c1:48:1d:d3:6d:cc:81:
7d:3a:a0:2e:43:ca:6a:f1:1c:cc:39:4b:46:ba:07:0c:5c:ea:
f1:b2:c4:bc:b9:16:d4:03:21:78:e9:fb:cb:e1:9b:0c:4f:53:
7b:1b:84:c7:ac:4c:4c:9f:2f:48:34:47:17:ef:42:46:e8:32:
66:f2:9d:b3:94:40:88:15:03:75:32:cc:ed:5b:9c:ca:64:8a:
a8:0e:c4:31:6c:27:90:ae:4c:90:ed:07:87:6a:ed:df:90:a6:
c5:38:01:b4:f6:cc:41:8b:60:1d:97:56:6d:48:5d:73:f7:c7:
f5:7a:83:75:c8:a9:f4:be:45:79:bf:6c:cf:9c:83:65:33:33:
9a:68:ee:cb:bf:a1:3e:2e:41:8a:62:d5:23:00:81:c6:d4:3f:
16:f3:6b:27:25:eb:ea:f2:e2:6a:ec:e3:04:81:cf:02:7e:f5:
5a:f6:18:d6:f8:47:e7:d8:c5:f2:b6:b1:e0:9d:85:66:15:01:
ab:f2:de:d5:85:cb:8c:77:b2:3b:9e:ab:80:8b:34:93:1b:e7:
02:6b:05:24:ad:8f:d0:e4:3d:23:4f:42:87:20:f6:42:a0:38:
90:ef:11:36
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZNIXiZP8f6uo+JT2+LS+XyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjQxMTIwMDY1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDEwNDMwOGY1ZWJhZWY5NTU3YTEzZTY0Njg0ZGRmNWIyNTMzZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjke20QIK7YkYlRaZEedtcsgpYZn
rih8oJg/Shsc2pNr7+4kQ3VbLuxO1sl9pXB2TsQvNKvnIVftya7XA03T2/7WCsiE
yrUzbRLe1oMiNuMEl+06Z+Fp286VN9X5YEpGuT8sxYWNL9YLMGAZSvulTTK89qpq
2YLGLj3FN2QAR5KviG2DWyRZO1blNFg9O0McBB/AbaWdVw25r1nl90LeyQ4dmDR+
kKNkqu5N7KxETAC8mJVJFXKozObv9qsrAiH9rMwlqv6IEfYYfqS1zAops66ql+U+
ehqKfBPzCszRcmPuTHxBfj1D/VdVpx+Ckyp6jlnlQ7q7yzaLq7haisuQkwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMAQQwj16675VXoT5kaE3fWyUz1gMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvd0JCRENQWHJydmxWZWhQbVJvVGQ5YkpUUFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQALVVJMBgE
AgACMBIDBwAqDruBAAADBwAqDruBEAAwDQYJKoZIhvcNAQELBQADggEBAEGxigbW
0EQpj0j2PK+N0O7mKHKg/awqrKZjz+evwUgd023MgX06oC5DymrxHMw5S0a6Bwxc
6vGyxLy5FtQDIXjp+8vhmwxPU3sbhMesTEyfL0g0RxfvQkboMmbynbOUQIgVA3Uy
zO1bnMpkiqgOxDFsJ5CuTJDtB4dq7d+QpsU4AbT2zEGLYB2XVm1IXXP3x/V6g3XI
qfS+RXm/bM+cg2UzM5po7su/oT4uQYpi1SMAgcbUPxbzaycl6+ry4mrs4wSBzwJ+
9Vr2GNb4R+fYxfK2seCdhWYVAavy3tWFy4x3sjueq4CLNJMb5wJrBSStj9DkPSNP
Qocg9kKgOJDvETY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:20:59 2025 by rpki-client