Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/1nPQwKLsA6baNw3i9BaHyWcFMiY.roa
File: 1nPQwKLsA6baNw3i9BaHyWcFMiY.roa (raw, json)
Hash identifier: bWHRaNEz2yjJBtTl8lQNotYxKhBtU0hoGbU0T9RojWY=
Subject key identifier: D6:73:D0:C0:A2:EC:03:A6:DA:37:0D:E2:F4:16:87:C9:67:05:32:26
Certificate issuer: /CN=f4f67a40cf5e85c2d2b6558b4099af125d1050ee
Certificate serial: 018CC86F431F2DC8EA3C63C656F50C905D1D
Authority key identifier: F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/1nPQwKLsA6baNw3i9BaHyWcFMiY.roa
Signing time: Tue 02 Jan 2024 04:29:44 +0000
ROA not before: Tue 02 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43467
IP address blocks: 45.9.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:43:1f:2d:c8:ea:3c:63:c6:56:f5:0c:90:5d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f67a40cf5e85c2d2b6558b4099af125d1050ee
Validity
Not Before: Jan 2 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d673d0c0a2ec03a6da370de2f41687c967053226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7d:6b:af:da:6d:48:a5:26:5e:fc:ad:01:d7:
b7:7a:42:70:ac:40:88:9b:e7:ac:b8:84:1d:46:3d:
62:31:45:54:2f:2f:0d:03:62:04:fe:63:05:82:bc:
f2:3b:87:c7:9c:6f:8c:e4:5b:b9:89:ac:2b:e5:5a:
76:69:f3:9d:71:91:c6:b6:f0:d0:52:22:69:9b:f8:
4b:8f:5d:22:28:fe:03:8b:41:21:64:0a:30:d1:05:
ea:44:c0:77:17:0c:e3:22:b4:2a:92:2d:fc:dd:e3:
4b:3e:40:bd:a3:cd:c3:35:f0:96:a1:39:f4:3a:52:
5e:3b:a1:5f:cd:75:33:c4:1b:79:9f:bf:39:f2:30:
85:c4:2e:4c:19:67:2a:14:4a:21:49:58:7b:d2:be:
7e:90:df:3d:40:11:ad:d8:f2:a5:b2:16:29:ef:0a:
0f:44:28:10:b0:5b:2a:09:d4:ad:eb:cd:6a:89:72:
7e:26:18:66:a1:bb:d5:47:5a:17:b6:ec:a7:0f:1a:
5d:09:e0:d5:a3:14:c4:9a:d0:81:da:7a:34:13:c0:
45:f2:7a:ec:db:68:63:19:0c:0f:5d:6d:78:ec:4f:
0b:e7:85:4d:31:8a:32:7b:02:6d:91:e1:cc:57:f9:
b2:ee:d5:8c:a5:fb:fe:ef:dc:20:5a:34:2d:e0:09:
7e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:73:D0:C0:A2:EC:03:A6:DA:37:0D:E2:F4:16:87:C9:67:05:32:26
X509v3 Authority Key Identifier:
keyid:F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/1nPQwKLsA6baNw3i9BaHyWcFMiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/9PZ6QM9ehcLStlWLQJmvEl0QUO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.80.0/22
Signature Algorithm: sha256WithRSAEncryption
66:b9:16:5d:83:38:de:4b:47:ae:6d:a7:62:ce:8a:29:24:44:
cd:75:36:1d:6f:58:f6:3f:e2:46:94:af:14:a6:b1:53:eb:eb:
c5:ea:4b:6e:ac:a6:fa:df:b4:b5:7a:7f:d5:49:f9:21:cc:5d:
24:ba:c0:5f:1a:ad:f0:4e:5a:e3:cb:7a:2f:bc:72:71:53:94:
28:30:b6:0a:56:12:77:10:1e:78:17:3a:14:c9:d0:f8:43:f9:
48:12:e7:d5:73:b5:f2:bf:0c:00:39:0c:bd:6f:44:62:2c:d8:
5a:c0:9e:97:c0:76:48:6f:44:52:2c:7f:6a:ec:90:62:73:74:
6b:ae:05:84:f7:bd:3c:1a:84:9e:f4:84:c8:74:52:35:1e:86:
c7:50:d5:d0:2e:23:d9:d1:15:61:ce:e5:fd:43:fb:8d:d1:c1:
c1:3b:57:21:e2:8c:73:14:a8:22:98:9f:47:60:6a:47:97:c5:
f8:5e:a6:c8:39:95:44:e0:d3:9a:66:83:07:99:1e:27:18:d4:
34:01:47:50:cc:09:f1:5b:05:c8:d1:b4:2c:b2:70:8a:24:45:
c2:69:39:1c:06:c0:92:70:69:4c:ff:50:73:08:b8:e9:29:aa:
e5:42:42:52:a4:dc:1e:e4:ca:62:62:cf:aa:3f:1c:f9:1d:27:
dd:ca:93:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb0MfLcjqPGPGVvUMkF0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjY3YTQwY2Y1ZTg1YzJkMmI2NTU4YjQwOTlhZjEyNWQx
MDUwZWUwHhcNMjQwMTAyMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjczZDBjMGEyZWMwM2E2ZGEzNzBkZTJmNDE2ODdjOTY3MDUzMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH1rr9ptSKUmXvytAde3ekJwrECI
m+esuIQdRj1iMUVULy8NA2IE/mMFgrzyO4fHnG+M5Fu5iawr5Vp2afOdcZHGtvDQ
UiJpm/hLj10iKP4Di0EhZAow0QXqRMB3FwzjIrQqki383eNLPkC9o83DNfCWoTn0
OlJeO6FfzXUzxBt5n7858jCFxC5MGWcqFEohSVh70r5+kN89QBGt2PKlshYp7woP
RCgQsFsqCdSt681qiXJ+JhhmobvVR1oXtuynDxpdCeDVoxTEmtCB2no0E8BF8nrs
22hjGQwPXW147E8L54VNMYoyewJtkeHMV/my7tWMpfv+79wgWjQt4Al+UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZz0MCi7AOm2jcN4vQWh8lnBTImMB8GA1UdIwQY
MBaAFPT2ekDPXoXC0rZVi0CZrxJdEFDuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBaNlFNOWVoY0xTdGxXTFFKbXZFbDBRVU80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83MDdiNGYtNmNkNi00ODhhLThkZWYt
M2E1YzcxZjg2ODIxLzEvMW5QUXdLTHNBNmJhTnczaTlCYUh5V2NGTWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83MDdiNGYtNmNkNi00ODhhLThkZWYtM2E1YzcxZjg2ODIx
LzEvOVBaNlFNOWVoY0xTdGxXTFFKbXZFbDBRVU80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQlQMA0G
CSqGSIb3DQEBCwUAA4IBAQBmuRZdgzjeS0eubadizoopJETNdTYdb1j2P+JGlK8U
prFT6+vF6kturKb637S1en/VSfkhzF0kusBfGq3wTlrjy3ovvHJxU5QoMLYKVhJ3
EB54FzoUydD4Q/lIEufVc7XyvwwAOQy9b0RiLNhawJ6XwHZIb0RSLH9q7JBic3Rr
rgWE9708GoSe9ITIdFI1HobHUNXQLiPZ0RVhzuX9Q/uN0cHBO1ch4oxzFKgimJ9H
YGpHl8X4XqbIOZVE4NOaZoMHmR4nGNQ0AUdQzAnxWwXI0bQssnCKJEXCaTkcBsCS
cGlM/1BzCLjpKarlQkJSpNwe5MpiYs+qPxz5HSfdypOL
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:16:37 2025 by rpki-client