Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/r2zsPN0dt8URUvNC_POjH2-v2XU.roa
File: r2zsPN0dt8URUvNC_POjH2-v2XU.roa (raw, json)
Hash identifier: GfHFOi6gg2b/+uEcEPx6gNlJx3ZfLkE5LWlntJMaME0=
Subject key identifier: AF:6C:EC:3C:DD:1D:B7:C5:11:52:F3:42:FC:F3:A3:1F:6F:AF:D9:75
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 019422FC44BFD612F97B93930A0935B86CDC
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/r2zsPN0dt8URUvNC_POjH2-v2XU.roa
Signing time: Wed 01 Jan 2025 17:49:05 +0000
ROA not before: Wed 01 Jan 2025 17:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61344
IP address blocks: 45.66.250.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 26 Feb 2025 07:43:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:44:bf:d6:12:f9:7b:93:93:0a:09:35:b8:6c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 1 17:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af6cec3cdd1db7c51152f342fcf3a31f6fafd975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d1:a1:b1:23:11:62:6a:15:68:75:8a:5e:07:
a7:27:cc:ca:24:29:7d:fc:07:17:45:4d:9d:e3:42:
29:36:03:bb:05:af:87:3d:4a:71:bb:79:e4:e0:05:
6a:13:1f:03:d9:c4:4b:40:d1:2d:bc:df:e0:2c:f3:
cf:cd:bc:d2:c2:ae:11:2e:08:77:12:26:7a:36:cf:
2e:5e:09:8d:16:cf:4b:ac:fd:ec:b5:cd:43:01:1e:
aa:c5:68:9f:f9:a2:9f:79:a3:b7:19:50:d2:cf:36:
90:d5:0b:1e:1c:99:d6:02:19:ed:bc:b7:3e:f5:d8:
39:7c:da:7d:81:34:50:53:35:09:57:0f:9b:8f:3c:
f5:2a:38:9d:33:2a:43:a3:07:d1:1c:12:9d:e6:72:
6e:ab:4a:d9:3e:94:4c:43:a9:d7:15:34:52:38:27:
62:41:cb:5e:36:69:87:e2:c1:d6:eb:e5:26:13:78:
e7:02:94:1a:c0:de:28:92:cb:27:c3:04:c7:8d:81:
3d:3d:0a:f1:d4:9a:a3:51:f8:a6:0b:52:74:1a:39:
94:0e:e9:55:d9:2b:70:a4:5c:c4:61:cb:b1:b1:48:
69:3b:e9:26:e6:26:b1:b2:e6:cc:5d:09:5d:e0:c5:
68:c1:e0:b8:62:7b:a8:a7:30:1a:8c:5b:eb:13:5b:
cd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6C:EC:3C:DD:1D:B7:C5:11:52:F3:42:FC:F3:A3:1F:6F:AF:D9:75
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/r2zsPN0dt8URUvNC_POjH2-v2XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.250.0/23
Signature Algorithm: sha256WithRSAEncryption
61:c4:28:ab:15:17:a9:5b:c2:65:0c:5a:9a:e1:e2:6f:26:84:
05:a2:71:13:46:25:ac:aa:9b:55:bb:5a:2b:03:8b:1b:ea:ee:
7b:66:bb:2e:68:48:e0:cc:16:1d:0b:2d:8b:ee:e7:b6:41:0c:
f5:02:57:56:6c:96:c7:bd:a4:41:fa:c1:aa:66:ec:59:b5:90:
2b:7f:41:52:d2:c1:b0:e6:1f:cd:fa:16:87:85:d5:08:51:a3:
22:c1:e6:6d:35:48:7a:67:80:56:0e:c2:03:44:a7:b6:4f:fb:
ca:3f:64:16:68:78:5b:fe:1b:ad:23:4d:c6:5c:6b:67:a3:6e:
eb:b3:11:14:75:c8:8e:29:5e:e6:3a:ab:21:d4:ae:8a:ed:c7:
87:16:6b:df:67:ba:d9:d4:77:7f:73:0c:3c:e2:66:69:9b:ca:
86:cc:37:c1:bf:54:5b:22:55:4c:3f:d1:93:2d:6e:91:8e:1a:
49:22:81:1c:f2:b6:6e:8e:c4:9b:ad:64:e5:8d:7e:2b:51:71:
58:7c:e6:f3:25:5b:9c:f9:fa:dd:8e:db:d7:ef:22:68:23:77:
30:0b:df:10:d7:33:a2:19:16:10:49:0c:c1:93:2f:2a:09:8f:
fd:68:34:1c:cb:53:c1:1d:19:6f:57:45:92:ab:41:c9:f3:84:
14:88:aa:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/ES/1hL5e5OTCgk1uGzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjUwMTAxMTc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZjZWMzY2RkMWRiN2M1MTE1MmYzNDJmY2YzYTMxZjZmYWZkOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNGhsSMRYmoVaHWKXgenJ8zKJCl9
/AcXRU2d40IpNgO7Ba+HPUpxu3nk4AVqEx8D2cRLQNEtvN/gLPPPzbzSwq4RLgh3
EiZ6Ns8uXgmNFs9LrP3stc1DAR6qxWif+aKfeaO3GVDSzzaQ1QseHJnWAhntvLc+
9dg5fNp9gTRQUzUJVw+bjzz1KjidMypDowfRHBKd5nJuq0rZPpRMQ6nXFTRSOCdi
QcteNmmH4sHW6+UmE3jnApQawN4okssnwwTHjYE9PQrx1JqjUfimC1J0GjmUDulV
2StwpFzEYcuxsUhpO+km5iaxsubMXQld4MVoweC4YnuopzAajFvrE1vNRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9s7DzdHbfFEVLzQvzzox9vr9l1MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvcjJ6c1BOMGR0OFVSVXZOQ19QT2pIMi12MlhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUL6MA0G
CSqGSIb3DQEBCwUAA4IBAQBhxCirFRepW8JlDFqa4eJvJoQFonETRiWsqptVu1or
A4sb6u57ZrsuaEjgzBYdCy2L7ue2QQz1AldWbJbHvaRB+sGqZuxZtZArf0FS0sGw
5h/N+haHhdUIUaMiweZtNUh6Z4BWDsIDRKe2T/vKP2QWaHhb/hutI03GXGtno27r
sxEUdciOKV7mOqsh1K6K7ceHFmvfZ7rZ1Hd/cww84mZpm8qGzDfBv1RbIlVMP9GT
LW6RjhpJIoEc8rZujsSbrWTljX4rUXFYfObzJVuc+frdjtvX7yJoI3cwC98Q1zOi
GRYQSQzBky8qCY/9aDQcy1PBHRlvV0WSq0HJ84QUiKoC
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:48:12 2025 by rpki-client