Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/tuR-bAIHQTgiIhqtCMMofltF22k.roa
File: tuR-bAIHQTgiIhqtCMMofltF22k.roa (raw, json)
Hash identifier: X8hq0XqUyn/Y1w0Vbj86rlzaZPZ3/5xZx7WaGMdEvAw=
Subject key identifier: B6:E4:7E:6C:02:07:41:38:22:22:1A:AD:08:C3:28:7E:5B:45:DB:69
Certificate issuer: /CN=5c61dcd3eb50c83d68060bcba4af152204193503
Certificate serial: 018DFAC4A6EB45807CC63092F3DBB66457AE
Authority key identifier: 5C:61:DC:D3:EB:50:C8:3D:68:06:0B:CB:A4:AF:15:22:04:19:35:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/tuR-bAIHQTgiIhqtCMMofltF22k.roa
Signing time: Fri 01 Mar 2024 16:06:48 +0000
ROA not before: Fri 01 Mar 2024 16:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208570
IP address blocks: 45.128.120.0/22 maxlen: 24
45.128.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Mar 2024 18:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:c4:a6:eb:45:80:7c:c6:30:92:f3:db:b6:64:57:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61dcd3eb50c83d68060bcba4af152204193503
Validity
Not Before: Mar 1 16:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6e47e6c0207413822221aad08c3287e5b45db69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:56:39:a6:9b:08:72:a4:a7:35:05:85:af:12:
51:a3:ae:16:99:1c:76:ce:53:0e:c2:99:e1:64:e8:
35:1f:cd:ba:b3:07:77:5a:c2:9d:10:ad:33:86:6c:
76:49:6a:d7:cb:96:bc:e3:87:07:95:37:92:60:10:
f4:f9:4f:d8:43:7b:a8:c2:35:c3:39:ea:cf:1c:48:
df:ec:a2:f8:75:f9:08:18:9c:27:32:c2:31:72:80:
0a:fe:04:7b:c9:31:7c:85:d1:6a:22:09:34:3c:53:
a4:71:e0:22:49:fb:ba:ed:0c:0e:b6:74:74:47:83:
05:55:04:8b:13:ff:d7:a8:a2:aa:29:6c:7a:98:7f:
25:d5:34:81:0e:79:96:df:7f:01:db:33:d4:f9:8d:
f1:4a:9a:fd:88:60:64:86:eb:16:9b:61:89:27:bd:
f0:a1:65:60:10:e7:b6:cb:83:cf:94:c8:1a:a2:06:
26:1b:8a:69:0d:42:5d:12:aa:a1:b4:55:0c:df:ba:
e2:88:f6:29:70:e5:54:2f:49:23:59:10:63:47:4a:
94:f5:e8:01:69:38:5c:4b:9c:e2:ae:9f:58:18:2b:
f7:c1:40:90:55:2a:72:13:c6:1f:b6:f4:02:c0:6a:
9f:5e:49:c7:74:44:0b:b2:53:8a:35:73:13:e0:f5:
0f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E4:7E:6C:02:07:41:38:22:22:1A:AD:08:C3:28:7E:5B:45:DB:69
X509v3 Authority Key Identifier:
keyid:5C:61:DC:D3:EB:50:C8:3D:68:06:0B:CB:A4:AF:15:22:04:19:35:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/tuR-bAIHQTgiIhqtCMMofltF22k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XGHc0-tQyD1oBgvLpK8VIgQZNQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.120.0/22
Signature Algorithm: sha256WithRSAEncryption
16:05:c0:44:f4:59:25:8b:80:8a:3d:ba:05:c7:89:28:9b:4c:
e8:a6:54:fc:3a:4e:a5:46:86:22:18:b1:25:7b:b0:04:b0:40:
7f:9e:b8:86:1e:86:b3:99:04:04:7d:80:c3:dc:38:f0:4c:dd:
fb:82:89:bb:fc:2d:66:f5:32:01:1a:2f:fe:e4:fd:7b:fa:54:
e4:a9:32:20:b3:62:c4:20:fb:dc:e7:f4:4d:a9:82:c1:4f:25:
46:7e:3c:53:cb:7c:18:c5:c1:7f:e7:f6:75:d6:43:2e:de:30:
9a:f7:1e:f3:ff:ce:b4:0a:6e:b9:7f:b2:48:1c:c4:ef:96:b7:
0e:ca:df:49:74:bd:a0:f9:74:89:9f:ca:40:8b:6b:39:c1:dc:
63:85:09:8b:7b:ba:25:a2:81:8f:82:a9:aa:85:d5:18:0b:e6:
fc:d5:e8:4b:af:a3:6c:a4:d6:0c:14:9f:10:a9:f2:bf:9f:37:
5b:74:12:68:59:92:fb:b1:19:d2:af:d5:26:d0:30:ba:ac:4a:
e2:f5:8d:64:8c:6b:8e:ad:fb:49:1f:4d:6d:10:29:08:21:7a:
16:03:50:72:67:64:e6:c9:4e:bc:ee:5b:33:bb:80:a6:6c:50:
6d:8f:c1:fa:13:39:35:06:2b:73:6e:45:c4:f9:5e:9d:05:5c:
d2:cb:46:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY36xKbrRYB8xjCS89u2ZFeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFkY2QzZWI1MGM4M2Q2ODA2MGJjYmE0YWYxNTIyMDQx
OTM1MDMwHhcNMjQwMzAxMTYwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmU0N2U2YzAyMDc0MTM4MjIyMjFhYWQwOGMzMjg3ZTViNDVkYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVY5ppsIcqSnNQWFrxJRo64WmRx2
zlMOwpnhZOg1H826swd3WsKdEK0zhmx2SWrXy5a844cHlTeSYBD0+U/YQ3uowjXD
OerPHEjf7KL4dfkIGJwnMsIxcoAK/gR7yTF8hdFqIgk0PFOkceAiSfu67QwOtnR0
R4MFVQSLE//XqKKqKWx6mH8l1TSBDnmW338B2zPU+Y3xSpr9iGBkhusWm2GJJ73w
oWVgEOe2y4PPlMgaogYmG4ppDUJdEqqhtFUM37riiPYpcOVUL0kjWRBjR0qU9egB
aThcS5zirp9YGCv3wUCQVSpyE8YftvQCwGqfXknHdEQLslOKNXMT4PUPTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbkfmwCB0E4IiIarQjDKH5bRdtpMB8GA1UdIwQY
MBaAFFxh3NPrUMg9aAYLy6SvFSIEGTUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdIYzAtdFF5RDFvQmd2THBLOFZJZ1FaTlFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NGExNTUtNGQwMi00MDAyLThmM2Qt
YzM2ZDFjNDYwZTJmLzEvdHVSLWJBSUhRVGdpSWhxdENNTW9mbHRGMjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80NGExNTUtNGQwMi00MDAyLThmM2QtYzM2ZDFjNDYwZTJm
LzEvWEdIYzAtdFF5RDFvQmd2THBLOFZJZ1FaTlFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYB4MA0G
CSqGSIb3DQEBCwUAA4IBAQAWBcBE9Fkli4CKPboFx4kom0zoplT8Ok6lRoYiGLEl
e7AEsEB/nriGHoazmQQEfYDD3DjwTN37gom7/C1m9TIBGi/+5P17+lTkqTIgs2LE
IPvc5/RNqYLBTyVGfjxTy3wYxcF/5/Z11kMu3jCa9x7z/860Cm65f7JIHMTvlrcO
yt9JdL2g+XSJn8pAi2s5wdxjhQmLe7olooGPgqmqhdUYC+b81ehLr6NspNYMFJ8Q
qfK/nzdbdBJoWZL7sRnSr9Um0DC6rEri9Y1kjGuOrftJH01tECkIIXoWA1ByZ2Tm
yU687lszu4CmbFBtj8H6Ezk1BitzbkXE+V6dBVzSy0YA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:32 2025 by rpki-client