Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/xHNa0se_nhSZpgsGjksqPZgQzSU.roa
File: xHNa0se_nhSZpgsGjksqPZgQzSU.roa (raw, json)
Hash identifier: 25cRpUbmRIIPIC6u0OUm6DUK7z3nl8PYcmn+Xj6y6EI=
Subject key identifier: C4:73:5A:D2:C7:BF:9E:14:99:A6:0B:06:8E:4B:2A:3D:98:10:CD:25
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 0193DDAC6806B5038732908D55A725AFB58E
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/xHNa0se_nhSZpgsGjksqPZgQzSU.roa
Signing time: Thu 19 Dec 2024 06:48:03 +0000
ROA not before: Thu 19 Dec 2024 06:48:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48448
IP address blocks: 45.85.73.0/24 maxlen: 24
202.14.113.0/24 maxlen: 24
203.33.38.0/24 maxlen: 24
2a0e:bb81::/48 maxlen: 48
2a0e:bb81:a1::/48 maxlen: 48
2a0e:bb81:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:dd:ac:68:06:b5:03:87:32:90:8d:55:a7:25:af:b5:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Dec 19 06:48:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4735ad2c7bf9e1499a60b068e4b2a3d9810cd25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bf:81:b0:e1:96:e3:03:30:d9:81:23:48:af:
ce:41:75:52:d1:56:24:d0:b1:53:47:fd:3c:f9:f0:
fc:0e:25:d9:a3:36:77:ca:c5:67:1c:1b:71:63:3d:
26:0e:b5:e8:c3:22:5d:03:82:b5:e4:7d:14:8e:28:
7b:63:9e:b5:8f:cc:20:ab:3d:cc:d2:34:bb:fe:12:
1a:86:12:99:df:ca:d3:9b:e9:12:fc:65:29:ed:02:
b5:0e:35:23:a8:54:87:b0:72:55:95:2f:68:48:fc:
fa:af:b4:26:0c:71:62:be:78:fc:30:b4:35:d2:71:
69:bf:d2:41:2a:2f:7c:fc:74:c8:13:f9:90:b7:4b:
a1:55:f4:20:18:4f:df:1a:bc:fa:69:48:1f:b5:55:
ec:81:df:9e:25:b4:f5:3e:99:ea:ca:e0:4b:38:24:
10:e8:72:5f:97:95:3b:8e:25:d8:6a:f1:85:00:bc:
ff:77:f1:b9:a1:e5:1a:5a:8d:68:c2:02:99:a8:fe:
53:79:1b:40:e9:e3:2d:bb:6d:86:33:8c:9a:81:a1:
18:7a:69:6f:8c:3e:fd:ab:62:4c:af:e1:0e:bc:4c:
c8:8f:2e:94:33:c8:db:d7:a1:26:54:95:41:02:a5:
80:db:0e:d8:4c:c3:c0:11:ab:da:b8:59:af:1b:8c:
98:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:73:5A:D2:C7:BF:9E:14:99:A6:0B:06:8E:4B:2A:3D:98:10:CD:25
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/xHNa0se_nhSZpgsGjksqPZgQzSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.73.0/24
202.14.113.0/24
203.33.38.0/24
IPv6:
2a0e:bb81::/48
2a0e:bb81:a1::/48
2a0e:bb81:1000::/48
Signature Algorithm: sha256WithRSAEncryption
00:0f:67:3b:60:41:b4:fa:52:66:59:70:46:94:1b:ae:da:8f:
0e:8a:cc:af:88:b6:b5:d6:81:00:43:4d:29:0e:6d:e9:83:2b:
a0:36:39:c7:11:74:4b:dc:a8:9a:c7:56:45:7b:48:e6:c8:bb:
43:56:44:35:79:79:e2:25:8b:c7:5a:c9:1c:4b:be:ac:d8:85:
34:53:b6:b8:d0:05:01:21:f5:3b:2e:b8:3d:ec:08:21:60:22:
ab:5c:cf:84:1d:ac:77:03:4b:b0:a9:1d:df:b7:8d:9a:bf:b8:
75:a8:c6:46:e2:35:26:5e:20:51:43:a9:d1:ac:9c:4f:1f:82:
13:da:84:66:54:cf:0e:1f:0f:df:d6:ef:01:84:28:cb:5d:7f:
de:e9:c9:e0:f6:1f:4d:d0:48:fb:c6:82:5b:03:6b:81:a7:9c:
91:e1:38:74:1f:a2:22:79:e5:7e:60:b0:9b:68:18:bc:0d:8e:
03:61:92:f5:46:46:8b:c8:47:f0:8a:05:e1:83:ed:09:4c:90:
75:20:3a:83:17:5d:5d:0c:14:b9:eb:a9:9f:34:33:7f:27:38:
0a:9d:02:e5:cb:72:e1:a0:97:ca:0b:c4:52:b7:b2:25:80:0f:
ae:65:f0:fe:ad:e8:6b:fc:aa:7c:e9:e4:d1:17:96:41:f1:5c:
cc:05:1f:ac
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZPdrGgGtQOHMpCNVaclr7WOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjQxMjE5MDY0ODAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDczNWFkMmM3YmY5ZTE0OTlhNjBiMDY4ZTRiMmEzZDk4MTBjZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r+BsOGW4wMw2YEjSK/OQXVS0VYk
0LFTR/08+fD8DiXZozZ3ysVnHBtxYz0mDrXowyJdA4K15H0Ujih7Y561j8wgqz3M
0jS7/hIahhKZ38rTm+kS/GUp7QK1DjUjqFSHsHJVlS9oSPz6r7QmDHFivnj8MLQ1
0nFpv9JBKi98/HTIE/mQt0uhVfQgGE/fGrz6aUgftVXsgd+eJbT1PpnqyuBLOCQQ
6HJfl5U7jiXYavGFALz/d/G5oeUaWo1owgKZqP5TeRtA6eMtu22GM4yagaEYemlv
jD79q2JMr+EOvEzIjy6UM8jb16EmVJVBAqWA2w7YTMPAEavauFmvG4yYQwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMRzWtLHv54UmaYLBo5LKj2YEM0lMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEveEhOYTBzZV9uaFNacGdzR2prc3FQWmdRelNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQALVVJAwQA
yg5xAwQAyyEmMCEEAgACMBsDBwAqDruBAAADBwAqDruBAKEDBwAqDruBEAAwDQYJ
KoZIhvcNAQELBQADggEBAAAPZztgQbT6UmZZcEaUG67ajw6KzK+ItrXWgQBDTSkO
bemDK6A2OccRdEvcqJrHVkV7SObIu0NWRDV5eeIli8dayRxLvqzYhTRTtrjQBQEh
9TsuuD3sCCFgIqtcz4QdrHcDS7CpHd+3jZq/uHWoxkbiNSZeIFFDqdGsnE8fghPa
hGZUzw4fD9/W7wGEKMtdf97pyeD2H03QSPvGglsDa4GnnJHhOHQfoiJ55X5gsJto
GLwNjgNhkvVGRovIR/CKBeGD7QlMkHUgOoMXXV0MFLnrqZ80M38nOAqdAuXLcuGg
l8oLxFK3siWAD65l8P6t6Gv8qnzp5NEXlkHxXMwFH6w=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:50:40 2025 by rpki-client