Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/a00641-3084-41e2-90a6-b35f6a7b7208/1/R1HeFi-5mU0DwfjG_FraMbxWmCY.roa
File: R1HeFi-5mU0DwfjG_FraMbxWmCY.roa (raw, json)
Hash identifier: JrtHzSQh4jiiosRp5/gyE/W/Czc9L78fnNoBXs+vFUw=
Subject key identifier: 47:51:DE:16:2F:B9:99:4D:03:C1:F8:C6:FC:5A:DA:31:BC:56:98:26
Certificate issuer: /CN=e9ccdf695989379f3984c18641e937ebb682259b
Certificate serial: 018E2D50AC75C0D7F2E706562002CD6ECEA4
Authority key identifier: E9:CC:DF:69:59:89:37:9F:39:84:C1:86:41:E9:37:EB:B6:82:25:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6czfaVmJN585hMGGQek367aCJZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/a00641-3084-41e2-90a6-b35f6a7b7208/1/R1HeFi-5mU0DwfjG_FraMbxWmCY.roa
Signing time: Mon 11 Mar 2024 11:40:45 +0000
ROA not before: Mon 11 Mar 2024 11:40:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.9.128.0/24 maxlen: 24
45.9.129.0/24 maxlen: 24
45.9.130.0/24 maxlen: 24
45.9.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 08:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:50:ac:75:c0:d7:f2:e7:06:56:20:02:cd:6e:ce:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9ccdf695989379f3984c18641e937ebb682259b
Validity
Not Before: Mar 11 11:40:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4751de162fb9994d03c1f8c6fc5ada31bc569826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fb:9f:6d:21:66:9f:6a:cd:bd:cc:d4:ca:99:
2c:e0:87:8d:78:3a:e1:e8:14:82:20:c2:53:b6:70:
b3:29:36:8f:3e:ac:a9:11:75:57:18:57:e0:c5:91:
80:8e:22:5d:0e:fc:ba:83:d9:5f:db:2a:8a:84:88:
45:e1:da:9a:49:79:cc:54:6b:e7:b8:f3:a7:2d:52:
6e:9a:dd:84:6e:b7:e6:3b:8a:3d:31:b6:ea:82:d0:
c7:41:9c:d6:3e:38:eb:83:e3:20:4c:7b:d6:f4:3a:
c7:8b:e5:48:d8:36:d0:61:0b:9c:5a:da:dd:46:09:
2a:4d:f0:26:4f:bd:ed:57:9d:c8:59:0d:80:29:2c:
79:ff:60:14:6a:3f:61:3d:23:e6:cb:68:28:67:d7:
d6:c9:3e:1c:ec:4b:bc:5c:f4:df:6e:60:66:73:96:
da:8e:66:6b:84:c9:04:60:41:26:3a:4f:94:70:42:
eb:69:59:4a:ab:5e:d6:22:a5:d0:87:18:c8:88:e2:
8d:72:06:6a:f7:f6:b7:a9:d6:51:71:45:47:b0:97:
4a:a0:f5:8b:43:47:a3:bf:d2:70:8b:84:16:89:a6:
a4:c9:39:b0:29:2b:34:9d:1f:23:1c:d0:06:dc:30:
ff:5c:65:1d:ce:d6:dc:d7:ba:50:a8:6b:dd:33:e8:
29:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:51:DE:16:2F:B9:99:4D:03:C1:F8:C6:FC:5A:DA:31:BC:56:98:26
X509v3 Authority Key Identifier:
keyid:E9:CC:DF:69:59:89:37:9F:39:84:C1:86:41:E9:37:EB:B6:82:25:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6czfaVmJN585hMGGQek367aCJZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a00641-3084-41e2-90a6-b35f6a7b7208/1/R1HeFi-5mU0DwfjG_FraMbxWmCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a00641-3084-41e2-90a6-b35f6a7b7208/1/6czfaVmJN585hMGGQek367aCJZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.128.0/22
Signature Algorithm: sha256WithRSAEncryption
31:d0:ea:18:a8:60:22:1d:ec:c7:e6:51:8c:e3:42:ca:4c:b3:
3b:23:bf:bd:a6:c9:e3:94:d5:fd:e8:ee:9e:a7:34:7f:2c:14:
ba:06:38:15:f7:31:56:de:32:6a:ee:9a:cc:68:19:0d:77:61:
2c:01:5b:84:27:fe:b4:be:de:99:da:bc:c6:f2:13:c3:a2:02:
70:95:ec:7f:19:14:c4:92:ef:f0:2c:1e:37:5e:e5:28:5b:3a:
96:82:80:9a:62:c2:15:47:7f:f4:65:be:73:a2:a4:cf:1e:f4:
34:f0:75:6d:52:55:0f:0f:82:95:4c:02:09:dd:77:08:3a:2a:
98:b1:cf:f4:1e:ef:b2:79:85:da:1d:05:1a:14:83:c0:58:67:
f0:09:d5:da:f8:e0:20:b1:ff:ef:0a:38:18:ea:75:e8:cd:68:
fd:1f:cf:6e:1d:25:6c:bf:9e:5c:44:ee:9d:a5:8e:6a:22:0e:
fa:1c:55:47:72:25:5e:11:24:b6:18:37:40:fd:f4:84:ba:c8:
5c:09:6c:72:98:62:a4:8b:a0:35:f1:f8:44:48:37:8c:59:11:
be:38:73:5a:48:b8:60:6d:a7:ff:95:7f:56:71:7a:07:01:60:
b3:19:df:94:14:2f:fc:57:73:e4:17:41:b2:8d:06:5d:b8:84:
9e:da:24:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4tUKx1wNfy5wZWIALNbs6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5Y2NkZjY5NTk4OTM3OWYzOTg0YzE4NjQxZTkzN2ViYjY4
MjI1OWIwHhcNMjQwMzExMTE0MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzUxZGUxNjJmYjk5OTRkMDNjMWY4YzZmYzVhZGEzMWJjNTY5ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvufbSFmn2rNvczUypks4IeNeDrh
6BSCIMJTtnCzKTaPPqypEXVXGFfgxZGAjiJdDvy6g9lf2yqKhIhF4dqaSXnMVGvn
uPOnLVJumt2EbrfmO4o9MbbqgtDHQZzWPjjrg+MgTHvW9DrHi+VI2DbQYQucWtrd
RgkqTfAmT73tV53IWQ2AKSx5/2AUaj9hPSPmy2goZ9fWyT4c7Eu8XPTfbmBmc5ba
jmZrhMkEYEEmOk+UcELraVlKq17WIqXQhxjIiOKNcgZq9/a3qdZRcUVHsJdKoPWL
Q0ejv9Jwi4QWiaakyTmwKSs0nR8jHNAG3DD/XGUdztbc17pQqGvdM+gpGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdR3hYvuZlNA8H4xvxa2jG8VpgmMB8GA1UdIwQY
MBaAFOnM32lZiTefOYTBhkHpN+u2giWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmN6ZmFWbUpONTg1aE1HR1FlazM2N2FDSlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9hMDA2NDEtMzA4NC00MWUyLTkwYTYt
YjM1ZjZhN2I3MjA4LzEvUjFIZUZpLTVtVTBEd2ZqR19GcmFNYnhXbUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9hMDA2NDEtMzA4NC00MWUyLTkwYTYtYjM1ZjZhN2I3MjA4
LzEvNmN6ZmFWbUpONTg1aE1HR1FlazM2N2FDSlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQmAMA0G
CSqGSIb3DQEBCwUAA4IBAQAx0OoYqGAiHezH5lGM40LKTLM7I7+9psnjlNX96O6e
pzR/LBS6BjgV9zFW3jJq7prMaBkNd2EsAVuEJ/60vt6Z2rzG8hPDogJwlex/GRTE
ku/wLB43XuUoWzqWgoCaYsIVR3/0Zb5zoqTPHvQ08HVtUlUPD4KVTAIJ3XcIOiqY
sc/0Hu+yeYXaHQUaFIPAWGfwCdXa+OAgsf/vCjgY6nXozWj9H89uHSVsv55cRO6d
pY5qIg76HFVHciVeESS2GDdA/fSEushcCWxymGKki6A18fhESDeMWRG+OHNaSLhg
baf/lX9WcXoHAWCzGd+UFC/8V3PkF0GyjQZduISe2iSJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:01 2025 by rpki-client