Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3JQrmr1hDhSmSD4TAGtbOJNnw4Q.roa
File: 3JQrmr1hDhSmSD4TAGtbOJNnw4Q.roa (raw, json)
Hash identifier: LGkt+mPWeDmPLc65nzj9Z+mKD9jBBrMNONVa39chgqc=
Subject key identifier: DC:94:2B:9A:BD:61:0E:14:A6:48:3E:13:00:6B:5B:38:93:67:C3:84
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC80173D5592DDE46E7405A449E12E678
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3JQrmr1hDhSmSD4TAGtbOJNnw4Q.roa
Signing time: Tue 02 Jan 2024 02:29:47 +0000
ROA not before: Tue 02 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210732
IP address blocks: 45.154.99.0/24 maxlen: 24
2a0c:b641:4d0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Oct 2024 06:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:73:d5:59:2d:de:46:e7:40:5a:44:9e:12:e6:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc942b9abd610e14a6483e13006b5b389367c384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1a:c3:88:39:30:1f:33:76:cb:ed:38:d8:93:
1e:95:01:47:07:3b:69:71:5f:a3:32:0b:24:5a:fb:
fb:c7:eb:8c:1f:d3:38:01:4a:23:de:12:71:01:13:
3f:11:48:4d:bb:8b:8e:22:d6:7a:b0:f8:99:21:cd:
93:4f:fd:95:24:87:a5:9d:51:3c:67:b2:3a:81:4a:
ea:46:c3:54:c5:14:bd:04:44:36:43:dd:a9:dd:e8:
d2:c5:9a:10:29:3b:91:0a:2e:be:d0:e1:83:63:91:
00:2e:9b:65:91:83:a4:18:67:dd:dd:7e:8e:a0:d8:
dc:25:1e:75:d3:0b:4e:0d:68:be:bd:3d:78:f5:eb:
37:c0:e5:42:07:38:13:19:2b:7d:b5:90:7d:90:0b:
e7:d6:83:61:6e:82:67:e1:35:81:1e:ea:c3:99:99:
ca:f3:7b:2d:0a:cc:e0:e8:37:de:15:74:cc:69:de:
c1:43:b0:14:3c:ce:03:dd:1c:8c:cc:a5:b2:83:f1:
9a:84:8c:68:5d:6b:d5:99:7a:2e:cd:85:b3:ea:cf:
ea:fa:69:b7:2c:cd:82:4e:10:7a:1b:4c:53:69:ac:
18:26:20:81:bc:0b:21:03:c7:c3:5b:f2:79:3c:8c:
94:70:ec:a9:fb:88:20:e3:96:58:3b:aa:9c:51:8b:
cb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:94:2B:9A:BD:61:0E:14:A6:48:3E:13:00:6B:5B:38:93:67:C3:84
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3JQrmr1hDhSmSD4TAGtbOJNnw4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.99.0/24
IPv6:
2a0c:b641:4d0::/44
Signature Algorithm: sha256WithRSAEncryption
61:3a:05:c4:d6:fe:c5:4d:15:d0:98:cf:08:c2:b0:30:36:06:
b7:a9:26:ec:70:3b:70:01:1a:8a:91:f0:b9:e6:66:68:00:c7:
78:f9:da:0e:28:9e:8a:ad:1f:df:fa:34:3e:36:35:b4:bc:6c:
84:f1:7a:78:04:c0:82:eb:4e:e0:52:83:b7:29:b6:3c:dd:59:
97:29:d5:7a:71:21:0f:b4:7f:26:24:25:4b:5e:a0:b4:36:30:
57:90:c2:08:2e:9d:47:2f:85:8e:c6:15:f9:b1:f1:6a:92:ce:
cc:51:b7:2c:dd:2f:88:8c:d3:60:d7:17:ee:36:78:be:9a:59:
08:65:2c:cc:23:8c:95:d4:3f:fb:1a:6e:19:f7:e2:44:e5:5e:
b4:ac:ec:75:ff:1f:2e:0a:7a:a6:9b:4f:a0:7c:a4:ae:64:75:
f0:af:ec:fc:05:9b:80:e9:11:42:f6:a2:08:99:52:81:77:46:
31:34:68:01:93:e4:47:94:8f:a3:5e:12:b3:d2:da:49:42:74:
bd:c1:c0:56:55:c5:b3:67:14:0f:bc:25:4e:d6:09:28:ec:4a:
cc:a4:ef:f9:87:77:b7:0b:ae:bd:c0:6b:d2:2d:67:01:50:86:
2e:d4:1c:f2:07:b5:5f:b9:21:9e:51:2e:55:a4:73:83:74:3d:
fa:de:60:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAXPVWS3eRudAWkSeEuZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk0MmI5YWJkNjEwZTE0YTY0ODNlMTMwMDZiNWIzODkzNjdjMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhrDiDkwHzN2y+042JMelQFHBztp
cV+jMgskWvv7x+uMH9M4AUoj3hJxARM/EUhNu4uOItZ6sPiZIc2TT/2VJIelnVE8
Z7I6gUrqRsNUxRS9BEQ2Q92p3ejSxZoQKTuRCi6+0OGDY5EALptlkYOkGGfd3X6O
oNjcJR510wtODWi+vT149es3wOVCBzgTGSt9tZB9kAvn1oNhboJn4TWBHurDmZnK
83stCszg6DfeFXTMad7BQ7AUPM4D3RyMzKWyg/GahIxoXWvVmXouzYWz6s/q+mm3
LM2CThB6G0xTaawYJiCBvAshA8fDW/J5PIyUcOyp+4gg45ZYO6qcUYvLZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNyUK5q9YQ4Upkg+EwBrWziTZ8OEMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvM0pRcm1yMWhEaFNtU0Q0VEFHdGJPSk5udzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZpjMA8E
AgACMAkDBwQqDLZBBNAwDQYJKoZIhvcNAQELBQADggEBAGE6BcTW/sVNFdCYzwjC
sDA2BrepJuxwO3ABGoqR8LnmZmgAx3j52g4onoqtH9/6ND42NbS8bITxengEwILr
TuBSg7cptjzdWZcp1XpxIQ+0fyYkJUteoLQ2MFeQwggunUcvhY7GFfmx8WqSzsxR
tyzdL4iM02DXF+42eL6aWQhlLMwjjJXUP/sabhn34kTlXrSs7HX/Hy4KeqabT6B8
pK5kdfCv7PwFm4DpEUL2ogiZUoF3RjE0aAGT5EeUj6NeErPS2klCdL3BwFZVxbNn
FA+8JU7WCSjsSsyk7/mHd7cLrr3Aa9ItZwFQhi7UHPIHtV+5IZ5RLlWkc4N0Pfre
YGw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:08:57 2025 by rpki-client