Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/0zUn0YzyUAbtOjsTquUywt3c7dI.roa
File: 0zUn0YzyUAbtOjsTquUywt3c7dI.roa (raw, json)
Hash identifier: KJW4Jt6ElMiIOsmOSGg4eVmwzBXp43enI5scptKz0dY=
Subject key identifier: D3:35:27:D1:8C:F2:50:06:ED:3A:3B:13:AA:E5:32:C2:DD:DC:ED:D2
Certificate issuer: /CN=f4f67a40cf5e85c2d2b6558b4099af125d1050ee
Certificate serial: 018CC86F42ED17E8B7AD45FC4CA150578908
Authority key identifier: F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/0zUn0YzyUAbtOjsTquUywt3c7dI.roa
Signing time: Tue 02 Jan 2024 04:29:44 +0000
ROA not before: Tue 02 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 45.9.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:42:ed:17:e8:b7:ad:45:fc:4c:a1:50:57:89:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f67a40cf5e85c2d2b6558b4099af125d1050ee
Validity
Not Before: Jan 2 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d33527d18cf25006ed3a3b13aae532c2dddcedd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2a:2a:5c:28:d8:72:6e:11:be:36:c5:be:06:
10:3f:16:03:fe:45:b2:6a:fc:00:74:3d:68:1d:1a:
32:a6:1b:57:37:53:aa:20:07:5d:ed:0e:cf:c4:ac:
fe:88:da:d8:49:71:69:ac:00:73:31:ac:8d:9c:2e:
e3:09:19:ef:a0:b9:98:07:51:6a:68:63:ac:22:00:
66:56:b4:ef:e1:e8:39:4d:52:b0:66:ea:91:c9:b7:
23:32:3c:08:38:00:7c:cb:24:29:cf:5f:dc:79:ff:
0e:4d:6e:b9:50:26:04:6d:c6:12:86:3c:6b:b4:e2:
ef:ac:86:bb:5b:5d:97:62:5c:3d:49:6f:2a:12:6e:
2a:f6:d0:1b:82:ac:83:41:db:34:5b:07:1f:40:5b:
11:6a:8e:b3:17:aa:eb:48:8c:ec:72:d7:e3:2e:f5:
ee:fe:ca:eb:e2:6a:ae:d6:9f:38:17:6e:b4:40:e1:
e1:2c:be:22:f3:52:f9:79:d8:86:0f:dd:da:f0:86:
22:da:f4:1f:4d:55:e0:81:82:3b:74:17:5c:6b:f9:
20:c1:68:21:32:d6:04:6d:29:af:b1:29:54:60:ae:
60:aa:97:ff:38:9a:1e:58:05:24:73:e8:fe:cd:4d:
23:ee:fc:07:e4:52:22:c1:a5:cb:15:5f:8d:a5:06:
f9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:35:27:D1:8C:F2:50:06:ED:3A:3B:13:AA:E5:32:C2:DD:DC:ED:D2
X509v3 Authority Key Identifier:
keyid:F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/0zUn0YzyUAbtOjsTquUywt3c7dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/9PZ6QM9ehcLStlWLQJmvEl0QUO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.80.0/22
Signature Algorithm: sha256WithRSAEncryption
43:f4:00:cb:36:f7:71:49:f1:80:c3:4b:cd:08:c3:61:ef:a2:
99:0e:56:ec:c3:cd:75:19:12:55:54:db:bd:2c:15:3b:e5:ac:
59:c2:5a:f7:ef:a1:24:61:e3:73:47:68:d1:fb:b5:7b:9a:b6:
79:21:bd:91:ae:b1:cf:4b:3e:49:62:26:b9:f8:c8:29:3b:10:
bf:30:55:00:e7:73:b6:9e:db:df:26:a0:bb:05:03:fa:71:e0:
cf:7f:b3:01:dc:51:f7:bb:1d:b4:75:02:e5:72:6d:08:78:b6:
64:0b:b8:d7:01:d5:c1:f8:69:f2:05:44:30:14:86:23:c8:9b:
d4:d1:19:a0:c8:09:e2:01:fc:a5:bd:ae:9f:33:cb:65:df:65:
ee:87:40:8c:81:25:5c:84:56:f3:33:de:61:fd:f9:b8:06:a4:
3a:1b:61:d5:11:12:37:46:d6:f1:eb:53:65:b3:a9:c2:e7:f4:
6b:4b:e3:52:b7:4f:fb:24:9d:4b:03:30:36:f2:ae:6f:ca:45:
10:0b:a0:3a:ab:3e:94:7e:69:6e:53:9e:ea:c1:e9:de:c8:ff:
c2:63:65:f1:53:17:72:2d:c6:1d:2e:33:6d:4c:9d:11:2f:d4:
ab:bb:04:5e:dd:fb:72:3e:7c:06:3d:9e:aa:cb:e0:6c:9f:3b:
47:c0:88:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb0LtF+i3rUX8TKFQV4kIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjY3YTQwY2Y1ZTg1YzJkMmI2NTU4YjQwOTlhZjEyNWQx
MDUwZWUwHhcNMjQwMTAyMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzM1MjdkMThjZjI1MDA2ZWQzYTNiMTNhYWU1MzJjMmRkZGNlZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCoqXCjYcm4RvjbFvgYQPxYD/kWy
avwAdD1oHRoyphtXN1OqIAdd7Q7PxKz+iNrYSXFprABzMayNnC7jCRnvoLmYB1Fq
aGOsIgBmVrTv4eg5TVKwZuqRybcjMjwIOAB8yyQpz1/cef8OTW65UCYEbcYShjxr
tOLvrIa7W12XYlw9SW8qEm4q9tAbgqyDQds0WwcfQFsRao6zF6rrSIzsctfjLvXu
/srr4mqu1p84F260QOHhLL4i81L5ediGD93a8IYi2vQfTVXggYI7dBdca/kgwWgh
MtYEbSmvsSlUYK5gqpf/OJoeWAUkc+j+zU0j7vwH5FIiwaXLFV+NpQb5sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNM1J9GM8lAG7To7E6rlMsLd3O3SMB8GA1UdIwQY
MBaAFPT2ekDPXoXC0rZVi0CZrxJdEFDuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBaNlFNOWVoY0xTdGxXTFFKbXZFbDBRVU80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83MDdiNGYtNmNkNi00ODhhLThkZWYt
M2E1YzcxZjg2ODIxLzEvMHpVbjBZenlVQWJ0T2pzVHF1VXl3dDNjN2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83MDdiNGYtNmNkNi00ODhhLThkZWYtM2E1YzcxZjg2ODIx
LzEvOVBaNlFNOWVoY0xTdGxXTFFKbXZFbDBRVU80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQlQMA0G
CSqGSIb3DQEBCwUAA4IBAQBD9ADLNvdxSfGAw0vNCMNh76KZDlbsw811GRJVVNu9
LBU75axZwlr376EkYeNzR2jR+7V7mrZ5Ib2RrrHPSz5JYia5+MgpOxC/MFUA53O2
ntvfJqC7BQP6ceDPf7MB3FH3ux20dQLlcm0IeLZkC7jXAdXB+GnyBUQwFIYjyJvU
0RmgyAniAfylva6fM8tl32Xuh0CMgSVchFbzM95h/fm4BqQ6G2HVERI3Rtbx61Nl
s6nC5/RrS+NSt0/7JJ1LAzA28q5vykUQC6A6qz6UfmluU57qweneyP/CY2XxUxdy
LcYdLjNtTJ0RL9SruwRe3ftyPnwGPZ6qy+BsnztHwIhP
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:17 2025 by rpki-client