Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/PlG6a8JMsSB39AS0pvZ3-0f86EA.roa
File: PlG6a8JMsSB39AS0pvZ3-0f86EA.roa (raw, json)
Hash identifier: XwewyhGOYQ8QrKHmwEor6C4EvPp6VzFO8gtRzaVvzYo=
Subject key identifier: 3E:51:BA:6B:C2:4C:B1:20:77:F4:04:B4:A6:F6:77:FB:47:FC:E8:40
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 0193FE9D8F11150AE29922D3A0B4BF285932
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/PlG6a8JMsSB39AS0pvZ3-0f86EA.roa
Signing time: Wed 25 Dec 2024 16:19:18 +0000
ROA not before: Wed 25 Dec 2024 16:19:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3258
IP address blocks: 45.12.89.0/24 maxlen: 24
2a14:640:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fe:9d:8f:11:15:0a:e2:99:22:d3:a0:b4:bf:28:59:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Dec 25 16:19:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e51ba6bc24cb12077f404b4a6f677fb47fce840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:66:50:4e:2b:7b:99:f2:fe:a0:32:50:6b:c0:
40:79:7b:f8:65:af:91:56:0c:b3:89:5f:bd:a4:83:
98:e5:74:78:63:3b:20:dd:67:e3:56:69:b7:34:2f:
53:0c:66:62:83:29:98:15:97:a0:14:26:5d:57:41:
b9:b3:2c:91:b3:a8:1b:f2:98:e1:fc:cc:d9:c9:22:
c0:bc:25:54:b4:23:35:c0:0d:b5:2c:51:d6:03:31:
4a:f5:7f:ee:96:99:2e:7f:cd:9a:67:01:fa:ad:05:
66:b0:f5:f4:8b:51:7b:ca:05:b8:6d:49:c8:93:61:
90:88:b6:05:90:db:d3:f7:b5:31:e5:0c:8a:94:16:
93:e8:10:b7:13:1b:94:55:20:16:f4:49:1c:26:9a:
7e:6e:75:e1:e3:70:55:3b:6c:43:5e:bc:bd:48:6c:
21:1f:f9:b7:f0:cd:4e:ef:fe:04:50:fa:a4:8b:f6:
78:df:4a:8b:eb:02:bb:6c:e8:4f:64:3b:8e:e2:98:
bb:0a:d2:6a:1a:21:88:02:f9:b2:d3:f3:8e:73:81:
d0:67:d3:15:b8:c1:4d:f4:72:36:99:5a:3c:03:23:
89:0d:65:58:1d:45:1d:85:09:a4:cd:79:1a:b5:2a:
63:63:c0:4c:05:db:c0:f7:4d:a0:b0:37:4c:f3:ed:
62:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:51:BA:6B:C2:4C:B1:20:77:F4:04:B4:A6:F6:77:FB:47:FC:E8:40
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/PlG6a8JMsSB39AS0pvZ3-0f86EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.89.0/24
IPv6:
2a14:640:1::/48
Signature Algorithm: sha256WithRSAEncryption
75:39:3f:55:14:12:2b:c7:cd:8b:f9:0f:10:03:5f:e6:dd:05:
37:a7:f3:fe:c5:60:ba:5f:54:41:ff:54:31:73:d7:06:a7:7b:
65:14:ec:33:c4:18:94:3b:30:4c:ff:74:a6:df:a0:76:0e:26:
3c:0b:bb:9c:cb:05:cf:1c:91:b9:d4:de:ae:fd:4a:cd:e4:51:
e0:f9:ca:2d:b0:86:ff:5b:1d:53:b7:de:28:b9:9b:92:d8:f7:
7b:b6:f6:8e:16:fc:b9:f8:e6:b7:a8:40:6c:38:e9:80:91:fd:
ca:c9:3b:d1:86:09:a4:15:46:b4:5d:db:71:58:d1:9d:d4:30:
07:23:9a:fb:72:ae:1a:74:0c:ac:21:d2:36:1a:31:df:07:fe:
3c:ac:4e:17:bf:87:74:96:00:2d:4e:8d:77:90:d1:83:6a:de:
b6:db:e3:7f:3c:53:94:ed:ba:09:4d:77:d2:4f:61:ed:bf:26:
c9:71:80:43:ce:26:0a:a2:83:fa:b6:08:31:f4:4c:95:f7:9f:
2a:78:ff:11:a7:c3:5e:76:e9:2d:de:94:6d:57:f6:47:24:6a:
f2:bb:c5:c5:3b:20:24:a5:c5:ed:52:f5:e8:5b:14:9c:a1:b1:
79:63:71:a8:96:aa:69:dc:ff:76:f0:34:03:8f:fe:08:1f:08:
83:17:ef:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZP+nY8RFQrimSLToLS/KFkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQxMjI1MTYxOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTUxYmE2YmMyNGNiMTIwNzdmNDA0YjRhNmY2NzdmYjQ3ZmNlODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWZQTit7mfL+oDJQa8BAeXv4Za+R
VgyziV+9pIOY5XR4Yzsg3WfjVmm3NC9TDGZigymYFZegFCZdV0G5syyRs6gb8pjh
/MzZySLAvCVUtCM1wA21LFHWAzFK9X/ulpkuf82aZwH6rQVmsPX0i1F7ygW4bUnI
k2GQiLYFkNvT97Ux5QyKlBaT6BC3ExuUVSAW9EkcJpp+bnXh43BVO2xDXry9SGwh
H/m38M1O7/4EUPqki/Z430qL6wK7bOhPZDuO4pi7CtJqGiGIAvmy0/OOc4HQZ9MV
uMFN9HI2mVo8AyOJDWVYHUUdhQmkzXkatSpjY8BMBdvA902gsDdM8+1ilQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD5RumvCTLEgd/QEtKb2d/tH/OhAMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvUGxHNmE4Sk1zU0IzOUFTMHB2WjMtMGY4NkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQxZMA8E
AgACMAkDBwAqFAZAAAEwDQYJKoZIhvcNAQELBQADggEBAHU5P1UUEivHzYv5DxAD
X+bdBTen8/7FYLpfVEH/VDFz1wane2UU7DPEGJQ7MEz/dKbfoHYOJjwLu5zLBc8c
kbnU3q79Ss3kUeD5yi2whv9bHVO33ii5m5LY93u29o4W/Ln45reoQGw46YCR/crJ
O9GGCaQVRrRd23FY0Z3UMAcjmvtyrhp0DKwh0jYaMd8H/jysThe/h3SWAC1OjXeQ
0YNq3rbb4388U5TtuglNd9JPYe2/JslxgEPOJgqig/q2CDH0TJX3nyp4/xGnw152
6S3elG1X9kckavK7xcU7ICSlxe1S9ehbFJyhsXljcaiWqmnc/3bwNAOP/ggfCIMX
7x4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:26:01 2025 by rpki-client