Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/2ea594-a2ca-4ffa-89ee-8921b0559e90/1/dSI7ZsGMvf0dLZElMRrhAW9af_o.roa
File: dSI7ZsGMvf0dLZElMRrhAW9af_o.roa (raw, json)
Hash identifier: ER7tjJUH9chUakUTkkPBm3l5SybAGxkGFw1hSCtwO1A=
Subject key identifier: 75:22:3B:66:C1:8C:BD:FD:1D:2D:91:25:31:1A:E1:01:6F:5A:7F:FA
Certificate issuer: /CN=744dd3afd7cce7ce00a9eac67e0bca99beb729aa
Certificate serial: 018CCA2BB0A5D7922E0A00A259AB3E7A2241
Authority key identifier: 74:4D:D3:AF:D7:CC:E7:CE:00:A9:EA:C6:7E:0B:CA:99:BE:B7:29:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dE3Tr9fM584AqerGfgvKmb63Kao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/2ea594-a2ca-4ffa-89ee-8921b0559e90/1/dSI7ZsGMvf0dLZElMRrhAW9af_o.roa
Signing time: Tue 02 Jan 2024 12:35:10 +0000
ROA not before: Tue 02 Jan 2024 12:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197922
IP address blocks: 45.81.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b0:a5:d7:92:2e:0a:00:a2:59:ab:3e:7a:22:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=744dd3afd7cce7ce00a9eac67e0bca99beb729aa
Validity
Not Before: Jan 2 12:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75223b66c18cbdfd1d2d9125311ae1016f5a7ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:39:b1:80:21:92:0c:f8:2c:b0:6b:b2:1f:1f:
db:6d:17:a0:b5:dd:6d:ab:76:6f:6d:24:bc:2d:77:
50:09:d5:bc:23:83:93:96:4e:d9:4c:50:7b:8a:ca:
5a:77:d6:f4:7f:81:e2:27:e1:8e:61:ce:ad:d2:11:
3c:ae:ca:4e:47:3f:62:90:3b:b5:90:99:94:f2:e0:
21:fb:2b:27:ac:f0:28:d8:76:51:e3:57:1c:0a:75:
35:e6:f4:02:16:86:5e:15:b5:18:b2:4d:16:7c:7c:
43:99:52:e9:78:81:0d:c9:eb:12:e3:ff:8f:5c:18:
48:79:0e:32:13:4a:6d:30:8c:83:e1:d5:6c:07:ad:
51:4b:a1:ba:61:8f:cc:d5:31:a3:6c:d0:c7:14:19:
e7:17:8d:4f:03:3e:c0:b9:52:15:14:22:78:0f:e7:
bf:6a:34:a7:73:10:b2:52:d3:18:bd:2c:f7:17:2e:
0c:dc:40:52:65:83:e4:0a:a4:5e:6f:cc:ac:95:d6:
ff:f9:2f:e9:b5:b0:30:d8:aa:ed:ea:7a:96:04:1f:
6c:45:81:1e:1e:cb:fe:ac:68:79:b0:7b:a2:8d:bd:
d5:17:9f:75:98:36:e3:f0:d3:60:96:07:21:21:97:
00:22:5f:a3:42:81:5f:23:ce:e3:db:a5:d2:31:c1:
10:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:22:3B:66:C1:8C:BD:FD:1D:2D:91:25:31:1A:E1:01:6F:5A:7F:FA
X509v3 Authority Key Identifier:
keyid:74:4D:D3:AF:D7:CC:E7:CE:00:A9:EA:C6:7E:0B:CA:99:BE:B7:29:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dE3Tr9fM584AqerGfgvKmb63Kao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2ea594-a2ca-4ffa-89ee-8921b0559e90/1/dSI7ZsGMvf0dLZElMRrhAW9af_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2ea594-a2ca-4ffa-89ee-8921b0559e90/1/dE3Tr9fM584AqerGfgvKmb63Kao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.84.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:b1:23:5d:14:8a:16:92:69:df:58:ac:42:3c:d7:2a:89:02:
ed:b3:7b:ea:1d:5a:e1:05:3c:b9:61:03:28:95:15:84:d9:0c:
eb:df:fa:6e:7f:18:5e:99:5d:0c:0f:81:72:ce:f6:96:a5:63:
cb:ee:91:21:18:d2:60:df:cc:43:85:ba:67:7c:ff:9b:6a:90:
cb:ba:66:4f:32:30:b1:f5:a6:ff:0b:27:76:e6:4b:2b:51:a8:
c6:39:fa:2a:09:14:d4:5c:cc:cd:bf:04:9e:ac:3e:b6:eb:81:
57:85:72:01:65:2b:c3:72:13:00:1d:f6:bc:dd:e6:ea:ad:ae:
03:01:be:8c:f8:cd:90:cf:16:51:33:fe:17:c6:34:ee:8b:34:
f8:76:af:51:0d:91:ed:99:1e:4f:53:1f:1d:ae:88:8f:5b:47:
22:38:30:85:56:05:cd:72:c0:ab:90:61:24:49:d0:27:5f:2e:
a7:c2:a9:cb:06:1a:f9:1c:3f:da:57:0e:25:30:ae:7d:32:d0:
c4:c2:8b:c6:91:f9:f4:53:b7:15:3f:3a:c9:43:07:29:7a:d2:
aa:b1:36:48:27:fa:e9:d7:83:3c:4c:ad:f2:f9:c0:47:6c:b2:
02:cd:77:a7:21:a9:d4:f8:a9:09:24:8c:46:c8:7b:bd:96:df:
4d:8d:e3:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK7Cl15IuCgCiWas+eiJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NGRkM2FmZDdjY2U3Y2UwMGE5ZWFjNjdlMGJjYTk5YmVi
NzI5YWEwHhcNMjQwMTAyMTIzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTIyM2I2NmMxOGNiZGZkMWQyZDkxMjUzMTFhZTEwMTZmNWE3ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zmxgCGSDPgssGuyHx/bbRegtd1t
q3ZvbSS8LXdQCdW8I4OTlk7ZTFB7ispad9b0f4HiJ+GOYc6t0hE8rspORz9ikDu1
kJmU8uAh+ysnrPAo2HZR41ccCnU15vQCFoZeFbUYsk0WfHxDmVLpeIENyesS4/+P
XBhIeQ4yE0ptMIyD4dVsB61RS6G6YY/M1TGjbNDHFBnnF41PAz7AuVIVFCJ4D+e/
ajSncxCyUtMYvSz3Fy4M3EBSZYPkCqReb8ysldb/+S/ptbAw2Krt6nqWBB9sRYEe
Hsv+rGh5sHuijb3VF591mDbj8NNglgchIZcAIl+jQoFfI87j26XSMcEQkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUiO2bBjL39HS2RJTEa4QFvWn/6MB8GA1UdIwQY
MBaAFHRN06/XzOfOAKnqxn4Lypm+tymqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEUzVHI5Zk01ODRBcWVyR2ZndkttYjYzS2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yZWE1OTQtYTJjYS00ZmZhLTg5ZWUt
ODkyMWIwNTU5ZTkwLzEvZFNJN1pzR012ZjBkTFpFbE1ScmhBVzlhZl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yZWE1OTQtYTJjYS00ZmZhLTg5ZWUtODkyMWIwNTU5ZTkw
LzEvZEUzVHI5Zk01ODRBcWVyR2ZndkttYjYzS2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVFUMA0G
CSqGSIb3DQEBCwUAA4IBAQBOsSNdFIoWkmnfWKxCPNcqiQLts3vqHVrhBTy5YQMo
lRWE2Qzr3/pufxhemV0MD4FyzvaWpWPL7pEhGNJg38xDhbpnfP+bapDLumZPMjCx
9ab/Cyd25ksrUajGOfoqCRTUXMzNvwSerD6264FXhXIBZSvDchMAHfa83ebqra4D
Ab6M+M2QzxZRM/4XxjTuizT4dq9RDZHtmR5PUx8droiPW0ciODCFVgXNcsCrkGEk
SdAnXy6nwqnLBhr5HD/aVw4lMK59MtDEwovGkfn0U7cVPzrJQwcpetKqsTZIJ/rp
14M8TK3y+cBHbLICzXenIanU+KkJJIxGyHu9lt9NjeMV
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:20:54 2025 by rpki-client