Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/54e78c-5dd0-4f26-b56e-eb306a8d4ab5/1/oqxTCAmCl2WLiRDH6SX2pC6NhkU.roa
File: oqxTCAmCl2WLiRDH6SX2pC6NhkU.roa (raw, json)
Hash identifier: qWjSDqiHzXC0eeOtKxXp3P2Q5RA/sChhsXmsKlL/vh4=
Subject key identifier: A2:AC:53:08:09:82:97:65:8B:89:10:C7:E9:25:F6:A4:2E:8D:86:45
Certificate issuer: /CN=2d26fe9a7e21a773f61d65123f83e2828fd0429f
Certificate serial: 01946C0444571A548BEAC112F02E62AA4389
Authority key identifier: 2D:26:FE:9A:7E:21:A7:73:F6:1D:65:12:3F:83:E2:82:8F:D0:42:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSb-mn4hp3P2HWUSP4Pigo_QQp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/54e78c-5dd0-4f26-b56e-eb306a8d4ab5/1/oqxTCAmCl2WLiRDH6SX2pC6NhkU.roa
Signing time: Wed 15 Jan 2025 22:10:06 +0000
ROA not before: Wed 15 Jan 2025 22:10:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35075
IP address blocks: 45.11.48.0/24 maxlen: 24
45.11.49.0/24 maxlen: 24
45.11.50.0/24 maxlen: 24
45.11.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 17:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6c:04:44:57:1a:54:8b:ea:c1:12:f0:2e:62:aa:43:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d26fe9a7e21a773f61d65123f83e2828fd0429f
Validity
Not Before: Jan 15 22:10:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2ac5308098297658b8910c7e925f6a42e8d8645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a0:85:83:27:c6:55:3d:1c:52:54:ab:08:38:
99:31:c0:31:be:eb:26:00:fc:bc:e6:78:a7:95:1c:
c6:1f:6a:20:d7:c3:fa:ad:b4:66:71:1b:38:8f:a9:
dd:57:72:ec:a2:f7:80:f4:2f:d5:b6:a0:e7:89:d2:
6c:73:d1:fb:22:8d:fb:d0:aa:94:c2:6a:7c:21:67:
5d:02:1f:02:03:0a:10:46:90:af:b7:0d:84:47:bd:
08:bd:9c:89:00:90:ee:5e:2b:2e:25:ca:e1:09:57:
b8:92:8d:5e:20:af:b9:a1:d0:47:40:e7:3f:1b:48:
21:8e:bf:c7:09:de:3a:92:5c:01:f2:33:94:ca:6a:
33:ab:3d:73:78:d7:25:4d:b6:85:77:60:e9:70:84:
52:69:fe:c2:dd:3a:b7:c3:10:40:7d:5e:75:3d:41:
4d:a2:76:4a:f2:00:71:e8:67:36:72:e8:30:a3:5b:
9c:e5:89:7c:72:30:cd:c0:e0:5a:e3:9e:70:53:9c:
26:ac:13:21:53:02:ea:a6:57:6c:c0:ae:bb:d4:37:
5d:d3:fb:64:2c:2a:f4:b9:6f:7f:3a:bb:98:2f:5c:
df:74:1c:35:46:41:36:65:04:40:75:4d:bd:3a:0c:
1d:81:dc:aa:7e:0b:a2:c6:29:7a:d1:aa:c2:73:3c:
c3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AC:53:08:09:82:97:65:8B:89:10:C7:E9:25:F6:A4:2E:8D:86:45
X509v3 Authority Key Identifier:
keyid:2D:26:FE:9A:7E:21:A7:73:F6:1D:65:12:3F:83:E2:82:8F:D0:42:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSb-mn4hp3P2HWUSP4Pigo_QQp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/54e78c-5dd0-4f26-b56e-eb306a8d4ab5/1/oqxTCAmCl2WLiRDH6SX2pC6NhkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/54e78c-5dd0-4f26-b56e-eb306a8d4ab5/1/LSb-mn4hp3P2HWUSP4Pigo_QQp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.48.0/22
Signature Algorithm: sha256WithRSAEncryption
40:f9:3c:98:6d:b5:b1:a3:67:01:fe:8f:07:dd:b5:5e:22:19:
55:1a:07:1c:0a:45:6c:ec:0d:9c:a0:ac:c2:dd:9d:1c:58:af:
bf:7b:ee:99:de:92:5d:2f:50:e2:2b:fa:1e:80:f4:ba:f4:71:
22:2b:5f:4f:0c:87:2c:72:e5:b7:db:55:5c:b0:df:ae:cf:73:
8e:55:40:ca:a8:07:73:b2:ca:76:fa:c6:b0:20:0f:36:7a:14:
25:ef:69:d5:75:58:31:79:a4:a3:5c:31:f3:6b:79:a1:8d:9e:
87:ff:06:e8:d1:4c:ab:d7:cb:9d:f4:3a:45:c7:29:6e:96:e4:
0f:3a:a0:99:21:c4:f0:26:b3:b6:cb:21:06:67:ac:9e:57:be:
36:cc:2c:53:86:61:fc:13:48:27:e1:03:ee:11:5c:bd:84:9e:
22:24:de:9a:c8:33:fc:e9:ae:12:10:e3:07:f4:1a:a7:19:58:
90:da:11:8f:8e:ba:5b:79:d4:00:3b:2c:db:b7:3c:da:4d:d3:
d2:3b:f3:13:e1:5c:63:43:d5:ed:a7:a3:81:61:a2:46:0b:98:
56:20:b2:fa:44:21:71:fa:b6:d1:9b:69:7b:8d:0f:49:1b:a7:
a7:74:11:0c:14:80:53:72:70:90:b2:b9:94:c2:ce:1b:8d:b5:
3a:de:46:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRsBERXGlSL6sES8C5iqkOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjZmZTlhN2UyMWE3NzNmNjFkNjUxMjNmODNlMjgyOGZk
MDQyOWYwHhcNMjUwMTE1MjIxMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFjNTMwODA5ODI5NzY1OGI4OTEwYzdlOTI1ZjZhNDJlOGQ4NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqCFgyfGVT0cUlSrCDiZMcAxvusm
APy85ninlRzGH2og18P6rbRmcRs4j6ndV3LsoveA9C/VtqDnidJsc9H7Io370KqU
wmp8IWddAh8CAwoQRpCvtw2ER70IvZyJAJDuXisuJcrhCVe4ko1eIK+5odBHQOc/
G0ghjr/HCd46klwB8jOUymozqz1zeNclTbaFd2DpcIRSaf7C3Tq3wxBAfV51PUFN
onZK8gBx6Gc2cugwo1uc5Yl8cjDNwOBa455wU5wmrBMhUwLqpldswK671Ddd0/tk
LCr0uW9/OruYL1zfdBw1RkE2ZQRAdU29Ogwdgdyqfguixil60arCczzD/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKsUwgJgpdli4kQx+kl9qQujYZFMB8GA1UdIwQY
MBaAFC0m/pp+Iadz9h1lEj+D4oKP0EKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNiLW1uNGhwM1AySFdVU1A0UGlnb19RUXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81NGU3OGMtNWRkMC00ZjI2LWI1NmUt
ZWIzMDZhOGQ0YWI1LzEvb3F4VENBbUNsMldMaVJESDZTWDJwQzZOaGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81NGU3OGMtNWRkMC00ZjI2LWI1NmUtZWIzMDZhOGQ0YWI1
LzEvTFNiLW1uNGhwM1AySFdVU1A0UGlnb19RUXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQswMA0G
CSqGSIb3DQEBCwUAA4IBAQBA+TyYbbWxo2cB/o8H3bVeIhlVGgccCkVs7A2coKzC
3Z0cWK+/e+6Z3pJdL1DiK/oegPS69HEiK19PDIcscuW321VcsN+uz3OOVUDKqAdz
ssp2+sawIA82ehQl72nVdVgxeaSjXDHza3mhjZ6H/wbo0Uyr18ud9DpFxyluluQP
OqCZIcTwJrO2yyEGZ6yeV742zCxThmH8E0gn4QPuEVy9hJ4iJN6ayDP86a4SEOMH
9BqnGViQ2hGPjrpbedQAOyzbtzzaTdPSO/MT4VxjQ9Xtp6OBYaJGC5hWILL6RCFx
+rbRm2l7jQ9JG6endBEMFIBTcnCQsrmUws4bjbU63kZR
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:39:34 2025 by rpki-client