Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/rpArow-HqjjiXjXk81X25O1MWOI.roa
File: rpArow-HqjjiXjXk81X25O1MWOI.roa (raw, json)
Hash identifier: 9fdCKZHiM0TeDSDMF5NIb7v4SNVEnFMhLK8G2VBzDI8=
Subject key identifier: AE:90:2B:A3:0F:87:AA:38:E2:5E:35:E4:F3:55:F6:E4:ED:4C:58:E2
Certificate issuer: /CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Certificate serial: 0193886D1455E1ED5F62C0FCA4FF8B1FCC4E
Authority key identifier: B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/rpArow-HqjjiXjXk81X25O1MWOI.roa
Signing time: Mon 02 Dec 2024 17:31:10 +0000
ROA not before: Mon 02 Dec 2024 17:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44841
IP address blocks: 45.153.248.0/22 maxlen: 24
185.170.9.0/24 maxlen: 24
2a10:f9c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:88:6d:14:55:e1:ed:5f:62:c0:fc:a4:ff:8b:1f:cc:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Validity
Not Before: Dec 2 17:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae902ba30f87aa38e25e35e4f355f6e4ed4c58e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6d:99:64:ee:b1:d2:84:69:7d:65:cf:20:10:
b4:b9:e9:5d:da:24:11:01:b3:dc:29:9c:65:e1:d2:
e1:f0:5c:22:d4:ac:4d:fe:ba:27:07:f3:c2:0e:b3:
b2:da:dc:9b:10:13:30:f9:ee:63:01:61:5f:d4:82:
cd:40:3f:b8:42:34:97:9c:59:58:c7:60:1e:39:c7:
ef:57:43:e9:73:f7:a9:a9:cb:b7:6c:e3:c3:bb:e3:
fb:2c:91:31:50:6f:3f:d5:36:04:74:90:1c:d7:86:
e9:47:86:72:b8:dc:2e:16:aa:08:d0:48:5f:8f:ff:
70:14:3f:3e:c0:b3:66:cf:e4:31:7e:56:b3:15:5e:
97:a9:7d:5c:ed:b0:5e:d2:b5:ab:30:74:75:47:5a:
d7:7c:10:6d:d7:82:42:3c:37:f7:5a:eb:56:f9:d5:
c9:25:c1:3c:6c:fb:d5:4a:f6:c2:00:74:05:a1:41:
00:ff:54:70:68:04:7e:9b:e8:58:a5:35:4c:9f:4f:
fb:f9:03:09:c6:0f:ee:93:ec:be:50:2c:3d:9e:c4:
f0:39:b6:82:ed:ca:57:ba:d8:9e:9b:4b:44:f8:a0:
97:7a:b6:53:b4:ab:61:94:cc:ce:9a:3d:72:9d:0b:
18:e5:d1:d3:a2:0e:28:f8:c1:54:83:2f:8f:7a:d4:
83:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:90:2B:A3:0F:87:AA:38:E2:5E:35:E4:F3:55:F6:E4:ED:4C:58:E2
X509v3 Authority Key Identifier:
keyid:B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/rpArow-HqjjiXjXk81X25O1MWOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.248.0/22
185.170.9.0/24
IPv6:
2a10:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
06:2a:87:63:de:8e:bb:d6:ac:e7:44:d8:cc:4f:c8:a3:4a:88:
03:56:44:89:a7:b9:ef:ee:00:03:e7:c0:a8:b0:a6:9a:49:34:
5f:e6:c7:dd:a8:74:dd:ab:6e:7b:94:b1:69:f0:d1:d6:78:c1:
30:16:35:f8:c3:20:e6:f8:0b:8c:f2:52:14:ee:17:67:38:20:
6c:3d:f7:eb:5c:a9:59:17:d5:69:25:c6:34:11:16:fe:b1:05:
bd:83:dd:92:91:2f:69:56:b4:53:92:4a:12:3c:d8:9d:79:a4:
47:6e:55:5b:df:4d:f2:58:da:f8:bc:e5:f3:5b:cc:47:03:07:
87:c7:28:08:a3:8b:54:79:8e:80:c1:f4:84:50:95:9d:3d:33:
77:a7:11:46:60:a5:24:a3:c3:5a:60:b9:f7:b3:4c:b6:4e:47:
5f:74:a0:75:f7:dc:aa:2c:82:8b:75:d3:3c:fc:2c:2c:15:1a:
fb:d8:43:a9:bb:a6:60:25:44:7d:9f:9f:43:5d:87:f1:4b:ac:
95:d1:e8:e1:4c:29:e2:3b:ab:8d:cd:9b:15:c7:27:3f:7a:fc:
92:03:96:0f:3e:89:c3:2d:d8:46:d3:95:6f:e7:26:b4:be:6b:
76:28:93:e7:45:bc:71:e6:61:a6:6d:2e:1c:91:e9:1f:cc:b4:
29:4e:de:6b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZOIbRRV4e1fYsD8pP+LH8xOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjBhMjA0ZjRlMDljYzgzYTYyNThkN2FhNDRmN2QyZjBm
YTQ0YTAwHhcNMjQxMjAyMTczMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTkwMmJhMzBmODdhYTM4ZTI1ZTM1ZTRmMzU1ZjZlNGVkNGM1OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG2ZZO6x0oRpfWXPIBC0ueld2iQR
AbPcKZxl4dLh8Fwi1KxN/ronB/PCDrOy2tybEBMw+e5jAWFf1ILNQD+4QjSXnFlY
x2AeOcfvV0Ppc/epqcu3bOPDu+P7LJExUG8/1TYEdJAc14bpR4ZyuNwuFqoI0Ehf
j/9wFD8+wLNmz+QxflazFV6XqX1c7bBe0rWrMHR1R1rXfBBt14JCPDf3WutW+dXJ
JcE8bPvVSvbCAHQFoUEA/1RwaAR+m+hYpTVMn0/7+QMJxg/uk+y+UCw9nsTwObaC
7cpXutiem0tE+KCXerZTtKthlMzOmj1ynQsY5dHTog4o+MFUgy+PetSDFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK6QK6MPh6o44l415PNV9uTtTFjiMB8GA1UdIwQY
MBaAFLUgogT04JzIOmJY16pE99Lw+kSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAt
YjhiMWU0YjRlY2I5LzEvcnBBcm93LUhxamppWGpYazgxWDI1TzFNV09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAtYjhiMWU0YjRlY2I5
LzEvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZn4AwQA
uaoJMA0EAgACMAcDBQMqEPnAMA0GCSqGSIb3DQEBCwUAA4IBAQAGKodj3o671qzn
RNjMT8ijSogDVkSJp7nv7gAD58CosKaaSTRf5sfdqHTdq257lLFp8NHWeMEwFjX4
wyDm+AuM8lIU7hdnOCBsPffrXKlZF9VpJcY0ERb+sQW9g92SkS9pVrRTkkoSPNid
eaRHblVb303yWNr4vOXzW8xHAweHxygIo4tUeY6AwfSEUJWdPTN3pxFGYKUko8Na
YLn3s0y2TkdfdKB199yqLIKLddM8/CwsFRr72EOpu6ZgJUR9n59DXYfxS6yV0ejh
TCniO6uNzZsVxyc/evySA5YPPonDLdhG05Vv5ya0vmt2KJPnRbxx5mGmbS4ckekf
zLQpTt5r
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:32 2025 by rpki-client