Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/1cac1DjK3vduR5rfImfOzAsrwyU.roa
File: 1cac1DjK3vduR5rfImfOzAsrwyU.roa (raw, json)
Hash identifier: 9vMPKLOvfQBgTVOF2Qgn0WaQR6yyE9KYoWNmOxvdi4E=
Subject key identifier: D5:C6:9C:D4:38:CA:DE:F7:6E:47:9A:DF:22:67:CE:CC:0B:2B:C3:25
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 0194258F09CA59CDB28CB3B5ECAC54E05DB6
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/1cac1DjK3vduR5rfImfOzAsrwyU.roa
Signing time: Thu 02 Jan 2025 05:48:38 +0000
ROA not before: Thu 02 Jan 2025 05:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.129.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 07:26:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:09:ca:59:cd:b2:8c:b3:b5:ec:ac:54:e0:5d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Jan 2 05:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5c69cd438cadef76e479adf2267cecc0b2bc325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7b:e4:ce:26:1a:c3:ad:42:41:2a:63:6e:ef:
45:8b:f9:44:d7:03:2e:a1:ec:69:23:07:51:a9:ee:
6a:8b:50:1d:b3:50:14:60:74:22:0d:10:c9:96:4a:
e9:f7:4b:eb:6b:5a:57:0b:91:f9:c7:3d:56:7a:0d:
1f:4b:0e:ed:c0:bd:3c:2d:a5:18:0c:99:ee:1d:85:
b4:8a:c9:ba:37:7a:2a:17:3b:78:1a:ea:5c:a7:d8:
26:53:2f:94:96:43:1d:8f:f1:25:e2:c7:d8:d5:fc:
a2:00:78:aa:b5:e3:b7:89:28:73:67:b4:11:60:b3:
88:3a:83:91:69:27:a2:54:b4:7f:31:7f:31:8b:d1:
24:e3:bf:89:c7:f3:9c:9e:d6:0e:fd:13:9c:fd:e5:
27:1b:43:09:52:8c:2d:36:cb:f8:b3:d6:f3:8d:b3:
09:df:e2:43:e1:c6:4d:f1:dc:9b:48:91:77:f0:fc:
9c:a2:ab:f9:1e:c4:cb:ed:12:8f:46:b1:8c:9e:69:
ec:6a:60:78:b1:17:36:52:cd:f0:69:4c:3e:23:e1:
4b:de:60:46:42:83:e7:30:9c:e8:9c:02:c0:63:2e:
f9:d1:1c:cf:f1:70:64:fa:8f:43:3f:95:09:73:6b:
27:f5:59:bf:96:dc:71:05:81:82:02:22:fa:88:9a:
57:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C6:9C:D4:38:CA:DE:F7:6E:47:9A:DF:22:67:CE:CC:0B:2B:C3:25
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/1cac1DjK3vduR5rfImfOzAsrwyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:6b:85:bd:68:04:8f:91:88:b7:60:d6:ed:4f:73:d1:9b:d7:
a9:19:90:99:c0:a1:3b:77:51:62:d3:5b:a2:a9:a7:14:f1:bd:
9d:ce:a8:49:43:eb:5c:d1:d0:c7:97:9e:fb:e8:88:46:b6:6a:
ff:f0:d4:f2:09:f5:f7:b5:49:f3:90:ce:0c:cc:71:1c:ef:b3:
f7:8b:07:29:33:2f:79:8a:fc:c4:9c:53:1c:7b:e6:23:2d:70:
87:e3:29:9c:99:84:85:a3:57:0f:69:56:c3:a8:94:56:88:0b:
cd:42:4d:0f:a1:4f:95:53:02:a6:c1:fe:6f:de:f0:b1:bc:35:
c6:61:2a:c6:37:e1:fe:65:0a:0c:ba:80:eb:b4:b0:2e:74:5a:
86:74:47:27:67:cf:94:f8:cd:4b:65:be:06:18:98:3d:75:61:
5a:cf:ad:73:2e:98:c9:4c:1d:f9:4e:78:17:1c:7d:a8:83:c7:
25:1e:6b:1c:35:4c:4a:d0:3f:12:20:be:d0:ae:40:bc:0e:87:
1b:c7:b8:9c:29:33:2c:e3:21:c0:c1:fe:82:30:f9:f5:dd:de:
0a:ae:9a:5e:0d:46:b7:d0:e3:43:ed:8b:c6:a0:ad:04:b0:47:
b0:50:dc:54:f5:70:27:67:87:c5:fe:88:0c:1b:b3:67:55:1f:
93:fc:18:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljwnKWc2yjLO17KxU4F22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjUwMTAyMDU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM2OWNkNDM4Y2FkZWY3NmU0NzlhZGYyMjY3Y2VjYzBiMmJjMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHvkziYaw61CQSpjbu9Fi/lE1wMu
oexpIwdRqe5qi1Ads1AUYHQiDRDJlkrp90vra1pXC5H5xz1Weg0fSw7twL08LaUY
DJnuHYW0ism6N3oqFzt4Gupcp9gmUy+UlkMdj/El4sfY1fyiAHiqteO3iShzZ7QR
YLOIOoORaSeiVLR/MX8xi9Ek47+Jx/OcntYO/ROc/eUnG0MJUowtNsv4s9bzjbMJ
3+JD4cZN8dybSJF38Pycoqv5HsTL7RKPRrGMnmnsamB4sRc2Us3waUw+I+FL3mBG
QoPnMJzonALAYy750RzP8XBk+o9DP5UJc2sn9Vm/ltxxBYGCAiL6iJpXwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXGnNQ4yt73bkea3yJnzswLK8MlMB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvMWNhYzFEakszdmR1UjVyZkltZk96QXNyd3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYHyMA0G
CSqGSIb3DQEBCwUAA4IBAQBda4W9aASPkYi3YNbtT3PRm9epGZCZwKE7d1Fi01ui
qacU8b2dzqhJQ+tc0dDHl5776IhGtmr/8NTyCfX3tUnzkM4MzHEc77P3iwcpMy95
ivzEnFMce+YjLXCH4ymcmYSFo1cPaVbDqJRWiAvNQk0PoU+VUwKmwf5v3vCxvDXG
YSrGN+H+ZQoMuoDrtLAudFqGdEcnZ8+U+M1LZb4GGJg9dWFaz61zLpjJTB35TngX
HH2og8clHmscNUxK0D8SIL7QrkC8Docbx7icKTMs4yHAwf6CMPn13d4KrppeDUa3
0OND7YvGoK0EsEewUNxU9XAnZ4fF/ogMG7NnVR+T/Bgv
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:05 2025 by rpki-client