Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/PKaFvje_dlBYf5rE75djJcQsYAE.roa
File: PKaFvje_dlBYf5rE75djJcQsYAE.roa (raw, json)
Hash identifier: HZVENIAYOkV9qrJOZjPrYn0geY0xtOp4OXcmQO1wdNs=
Subject key identifier: 3C:A6:85:BE:37:BF:76:50:58:7F:9A:C4:EF:97:63:25:C4:2C:60:01
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 019421B2478894DC89EF2BF65DD907F5396E
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/PKaFvje_dlBYf5rE75djJcQsYAE.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47430
IP address blocks: 45.139.9.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
2a10:ab00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 Jan 2025 08:57:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:47:88:94:dc:89:ef:2b:f6:5d:d9:07:f5:39:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ca685be37bf7650587f9ac4ef976325c42c6001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:01:4c:e7:8e:dd:9f:5e:56:36:47:57:93:69:
e9:f8:3a:09:7e:a3:20:a8:de:cb:df:c9:ee:68:20:
1e:3e:ac:46:41:0f:98:8b:21:aa:c7:23:4f:83:4d:
61:a0:0b:29:37:d4:c9:15:2f:c6:b0:ad:a6:66:1f:
60:db:45:c3:90:e7:22:91:ce:34:56:e3:6e:de:0d:
02:1d:4a:1a:8a:0b:ff:14:a4:a2:f8:1a:23:15:78:
a8:ef:a9:25:c1:a4:1a:c9:48:18:13:87:38:4d:e2:
f2:29:4d:1c:17:aa:dd:a6:d1:3f:72:62:1c:02:60:
8f:c7:3e:5d:1f:f0:e5:d0:8c:1a:e5:a9:4e:78:8b:
6d:53:cc:cf:b3:aa:2e:90:45:ef:c7:fc:4f:50:53:
79:ba:aa:47:a2:c0:40:2f:31:8d:4b:c1:f0:88:d8:
12:d4:d7:47:e7:87:ff:7f:7a:c2:04:9a:0d:14:0e:
9b:f5:ad:c4:93:a7:d0:c3:e8:ab:78:05:94:34:fa:
8f:a6:6c:99:c7:7c:b7:76:eb:98:64:b7:81:54:52:
20:76:f6:63:e3:25:48:0b:7d:6a:5c:21:84:2e:49:
c8:f1:9d:3b:d5:0e:38:08:85:79:23:c3:63:5a:e8:
60:58:3b:b9:b9:eb:dd:2c:64:1d:7c:29:e8:36:e7:
ad:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A6:85:BE:37:BF:76:50:58:7F:9A:C4:EF:97:63:25:C4:2C:60:01
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/PKaFvje_dlBYf5rE75djJcQsYAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.9.0/24
185.105.238.0/24
IPv6:
2a10:ab00::/29
Signature Algorithm: sha256WithRSAEncryption
25:47:e9:76:3e:c0:e7:03:68:74:f3:e0:fe:87:8c:cd:c1:a9:
1f:ec:15:83:ab:f1:0a:4f:e6:ba:cb:66:43:95:a3:64:63:6e:
33:41:1f:8b:77:90:62:7f:89:03:79:e6:a1:b7:b3:37:60:c4:
0e:a4:7a:51:6b:46:b0:71:ec:3f:af:f5:49:b7:cc:91:1d:15:
5c:a3:54:e2:ca:7e:12:c6:48:e8:00:63:7e:b4:cd:11:ba:62:
63:30:8a:73:63:fc:ad:c6:1b:e5:a4:1a:4f:8e:db:3c:2c:2f:
37:c3:97:e8:96:d8:53:dd:0b:82:fd:48:55:c6:a9:1f:66:b0:
06:ac:8a:e6:4a:f5:07:e6:9d:17:15:8b:c3:6f:c7:b6:54:ac:
d9:40:bb:69:b2:fd:02:f0:73:82:4b:2e:ef:70:f6:ef:c1:96:
bf:77:d4:f6:9c:ed:c5:db:e7:f4:f2:8b:d7:f4:6f:bd:42:af:
a6:56:a7:e2:e4:7b:87:60:ec:49:94:0b:fc:11:f9:c0:00:a3:
61:75:01:fd:b7:99:c0:16:7a:a8:83:08:fe:20:65:f3:f3:ca:
aa:e3:e9:77:5d:0d:05:82:c8:f1:a4:5b:85:eb:5a:45:8c:6c:
d0:a2:d7:38:db:b8:d4:08:c3:33:d8:6d:e2:ae:54:d7:64:2b:
ce:eb:6b:0f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhskeIlNyJ7yv2XdkH9TluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E2ODViZTM3YmY3NjUwNTg3ZjlhYzRlZjk3NjMyNWM0MmM2MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwFM547dn15WNkdXk2np+DoJfqMg
qN7L38nuaCAePqxGQQ+YiyGqxyNPg01hoAspN9TJFS/GsK2mZh9g20XDkOcikc40
VuNu3g0CHUoaigv/FKSi+BojFXio76klwaQayUgYE4c4TeLyKU0cF6rdptE/cmIc
AmCPxz5dH/Dl0Iwa5alOeIttU8zPs6oukEXvx/xPUFN5uqpHosBALzGNS8HwiNgS
1NdH54f/f3rCBJoNFA6b9a3Ek6fQw+ireAWUNPqPpmyZx3y3duuYZLeBVFIgdvZj
4yVIC31qXCGELknI8Z071Q44CIV5I8NjWuhgWDu5uevdLGQdfCnoNuetnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDymhb43v3ZQWH+axO+XYyXELGABMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvUEthRnZqZV9kbEJZZjVyRTc1ZGpKY1FzWUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALYsJAwQA
uWnuMA0EAgACMAcDBQMqEKsAMA0GCSqGSIb3DQEBCwUAA4IBAQAlR+l2PsDnA2h0
8+D+h4zNwakf7BWDq/EKT+a6y2ZDlaNkY24zQR+Ld5Bif4kDeeaht7M3YMQOpHpR
a0awcew/r/VJt8yRHRVco1Tiyn4SxkjoAGN+tM0RumJjMIpzY/ytxhvlpBpPjts8
LC83w5folthT3QuC/UhVxqkfZrAGrIrmSvUH5p0XFYvDb8e2VKzZQLtpsv0C8HOC
Sy7vcPbvwZa/d9T2nO3F2+f08ovX9G+9Qq+mVqfi5HuHYOxJlAv8EfnAAKNhdQH9
t5nAFnqogwj+IGXz88qq4+l3XQ0FgsjxpFuF61pFjGzQotc427jUCMMz2G3irlTX
ZCvO62sP
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:12:52 2025 by rpki-client