Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/NFAabQkN72dm-j30tOeWkOW7VRo.roa
File: NFAabQkN72dm-j30tOeWkOW7VRo.roa (raw, json)
Hash identifier: jALRLS+OzZd33yjM0E1iHRwXHy5EHrGT3mxBgU8DRSg=
Subject key identifier: 34:50:1A:6D:09:0D:EF:67:66:FA:3D:F4:B4:E7:96:90:E5:BB:55:1A
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 019418F297795601D261E7612840DBDABA2E
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/NFAabQkN72dm-j30tOeWkOW7VRo.roa
Signing time: Mon 30 Dec 2024 19:02:19 +0000
ROA not before: Mon 30 Dec 2024 19:02:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60064
IP address blocks: 212.46.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:18:f2:97:79:56:01:d2:61:e7:61:28:40:db:da:ba:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Dec 30 19:02:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34501a6d090def6766fa3df4b4e79690e5bb551a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:03:f2:80:c1:b8:96:f5:28:be:e6:ab:6d:f6:
f9:86:02:ad:18:c2:34:3f:e8:96:63:81:ec:77:cb:
d2:18:88:ac:9b:95:0a:74:da:58:d9:06:06:5f:ed:
3a:be:63:b6:54:2c:6a:cb:c2:ce:ae:5b:b2:51:f7:
a9:2b:c7:62:68:20:b9:44:1b:cf:20:03:7f:97:6d:
27:1d:73:41:97:52:6c:2a:a6:8d:55:ae:61:d4:d4:
64:6f:d8:2e:b9:f5:6e:34:b1:69:22:9b:f4:33:27:
b4:fb:2a:15:f8:78:0d:74:70:58:89:59:2e:d7:3d:
a6:01:03:7c:a0:b2:cd:59:cb:42:8d:07:35:75:1f:
c7:ed:32:b9:3a:25:80:55:18:cf:76:05:fc:18:3c:
0a:03:02:36:79:ec:1e:32:da:11:c5:51:e3:74:de:
fc:9b:5f:c3:6e:43:c0:7e:6a:1e:71:1f:48:5a:0c:
1c:b0:fc:a2:fb:f7:96:5b:e6:04:81:e9:a5:64:86:
e5:b5:e0:e0:d8:54:2f:15:44:c0:a8:40:d3:53:4f:
ea:44:cf:da:2f:38:86:92:00:9f:3c:91:2a:17:34:
6f:01:e3:be:3f:c8:6a:9b:b7:3a:27:fb:4a:41:ce:
32:a7:ed:df:9e:04:fc:d8:2c:4d:2e:23:18:20:f3:
6c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:50:1A:6D:09:0D:EF:67:66:FA:3D:F4:B4:E7:96:90:E5:BB:55:1A
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/NFAabQkN72dm-j30tOeWkOW7VRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.43.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:11:49:58:2f:b2:8a:b4:57:d0:89:ab:04:fe:e6:f0:1f:b5:
8d:f3:b6:36:2e:05:b4:6c:03:fd:ee:74:ae:91:03:03:9b:5f:
0e:f8:84:94:30:7a:27:db:26:41:80:35:13:3e:f0:8c:3c:73:
d4:05:f3:48:01:29:d9:61:88:18:e9:51:1b:bf:4f:66:95:d5:
76:85:c5:b5:ac:72:34:83:0c:9a:a1:30:cd:2a:3b:ff:83:64:
fc:c1:e9:d5:4c:ee:34:62:22:63:95:2b:f0:e8:7e:69:24:b3:
a9:47:c1:90:ea:7e:7a:55:d4:fe:db:09:28:68:e8:f6:d4:92:
fc:c0:38:8f:96:4d:07:7b:64:15:2c:f1:e2:d8:37:c8:a3:9d:
6b:1d:b7:63:18:35:e1:3f:d9:2e:77:47:7d:0c:dc:d0:b9:e4:
2d:44:3e:d2:5b:75:e5:70:17:08:ad:eb:74:67:3e:b3:1d:e5:
37:a2:35:7f:57:f0:12:1c:ac:d5:33:3f:1c:c3:c7:bf:7d:b8:
03:b9:46:31:75:8c:24:f5:fc:fd:78:07:1d:01:af:9d:f0:c0:
36:84:07:20:f7:36:09:48:13:05:f4:ef:23:e2:80:48:8e:02:
2e:31:15:08:c5:47:0b:e3:aa:e9:f5:a3:6c:78:fe:3a:6c:f8:
9b:9a:ca:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQY8pd5VgHSYedhKEDb2rouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjQxMjMwMTkwMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDUwMWE2ZDA5MGRlZjY3NjZmYTNkZjRiNGU3OTY5MGU1YmI1NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wPygMG4lvUovuarbfb5hgKtGMI0
P+iWY4Hsd8vSGIism5UKdNpY2QYGX+06vmO2VCxqy8LOrluyUfepK8diaCC5RBvP
IAN/l20nHXNBl1JsKqaNVa5h1NRkb9guufVuNLFpIpv0Mye0+yoV+HgNdHBYiVku
1z2mAQN8oLLNWctCjQc1dR/H7TK5OiWAVRjPdgX8GDwKAwI2eeweMtoRxVHjdN78
m1/DbkPAfmoecR9IWgwcsPyi+/eWW+YEgemlZIblteDg2FQvFUTAqEDTU0/qRM/a
LziGkgCfPJEqFzRvAeO+P8hqm7c6J/tKQc4yp+3fngT82CxNLiMYIPNsewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRQGm0JDe9nZvo99LTnlpDlu1UaMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvTkZBYWJRa043MmRtLWozMHRPZVdrT1c3VlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1C4rMA0G
CSqGSIb3DQEBCwUAA4IBAQBuEUlYL7KKtFfQiasE/ubwH7WN87Y2LgW0bAP97nSu
kQMDm18O+ISUMHon2yZBgDUTPvCMPHPUBfNIASnZYYgY6VEbv09mldV2hcW1rHI0
gwyaoTDNKjv/g2T8wenVTO40YiJjlSvw6H5pJLOpR8GQ6n56VdT+2wkoaOj21JL8
wDiPlk0He2QVLPHi2DfIo51rHbdjGDXhP9kud0d9DNzQueQtRD7SW3XlcBcIret0
Zz6zHeU3ojV/V/ASHKzVMz8cw8e/fbgDuUYxdYwk9fz9eAcdAa+d8MA2hAcg9zYJ
SBMF9O8j4oBIjgIuMRUIxUcL46rp9aNseP46bPibmsrn
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:45 2025 by rpki-client