Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/cT1Zvw3I2vCpKAR0Z04etWCZAro.roa
File: cT1Zvw3I2vCpKAR0Z04etWCZAro.roa (raw, json)
Hash identifier: mpyjGUJcSBmWHU6z411HLFni4LlOVKMI4MFocEd/Or8=
Subject key identifier: 71:3D:59:BF:0D:C8:DA:F0:A9:28:04:74:67:4E:1E:B5:60:99:02:BA
Certificate issuer: /CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
Certificate serial: 01934ACCB587ACB48D795C1C5DCF8A226839
Authority key identifier: F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/cT1Zvw3I2vCpKAR0Z04etWCZAro.roa
Signing time: Wed 20 Nov 2024 18:19:10 +0000
ROA not before: Wed 20 Nov 2024 18:19:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15879
IP address blocks: 45.80.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 22:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4a:cc:b5:87:ac:b4:8d:79:5c:1c:5d:cf:8a:22:68:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
Validity
Not Before: Nov 20 18:19:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=713d59bf0dc8daf0a9280474674e1eb5609902ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:b8:38:61:13:22:2f:6f:20:ae:a5:48:d1:
aa:25:7d:8d:52:66:26:2a:9c:70:02:d6:18:dc:b1:
f0:0b:f4:a4:d5:87:d4:00:1b:01:60:3c:e8:05:80:
1d:a2:32:1f:95:d7:03:44:11:79:71:a2:7d:b1:0b:
6f:72:ab:e3:77:4e:e0:2d:be:3f:32:ef:35:c7:a8:
92:88:27:25:43:d3:d3:64:64:7f:f2:6f:80:b5:7e:
72:13:95:11:f2:3a:39:5b:3c:c6:74:92:c5:a2:cd:
60:8b:1a:d4:f8:6e:b1:95:40:6a:4f:10:6f:ba:b2:
e4:a1:d2:58:2e:bb:cf:c6:96:b3:23:b5:dc:2f:f9:
70:3b:bf:27:b1:51:bc:75:f3:01:05:00:76:d0:d3:
0e:ca:ba:ce:fc:fe:13:2f:95:61:8b:52:9e:9a:9e:
09:36:97:2f:ae:c6:71:fa:08:82:27:9b:fd:a8:7e:
51:36:ba:26:ae:7a:05:ee:e3:d4:3a:34:46:e8:22:
94:a4:1b:62:7e:55:59:ed:e6:15:a3:e9:d8:2a:12:
90:25:5d:85:df:d4:94:b1:96:00:a1:b8:a3:e4:4f:
14:c1:7b:86:3e:77:c0:f5:05:7f:14:aa:8f:71:a8:
5d:4d:52:4c:ed:b2:47:0b:0b:83:e4:2b:e1:46:8a:
0c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:3D:59:BF:0D:C8:DA:F0:A9:28:04:74:67:4E:1E:B5:60:99:02:BA
X509v3 Authority Key Identifier:
keyid:F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/cT1Zvw3I2vCpKAR0Z04etWCZAro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.232.0/22
Signature Algorithm: sha256WithRSAEncryption
39:ee:f6:4c:99:d1:15:88:93:54:28:b7:0e:04:81:74:89:f1:
a9:13:57:6e:69:48:d7:0b:fb:b1:31:f8:46:ed:b2:d3:3a:44:
d3:35:50:c1:c1:25:cd:b3:3c:2d:34:5c:3e:b0:5e:7e:94:94:
c3:4b:c1:0b:8e:cf:bb:b0:f7:1c:98:07:a3:10:46:f3:d3:43:
81:69:7d:97:8d:8a:6f:32:4c:b2:1f:4c:8d:20:c1:30:7b:1f:
a1:a9:3c:b2:90:44:86:3b:89:c5:99:19:64:04:04:04:19:5e:
ce:a4:9b:03:fb:03:fd:9d:0b:5e:35:b2:99:86:9f:79:95:e1:
64:74:a1:a3:67:2d:6a:e4:b1:56:69:e8:d4:85:5f:09:1e:dc:
a0:6e:6a:a3:05:74:35:2f:a4:95:d3:76:c9:e3:8b:4c:5b:a7:
91:5e:3a:6f:8c:ca:af:1b:3a:0a:5a:d7:86:1d:7a:7e:21:d2:
8b:29:3d:49:e3:10:03:00:03:08:1f:4d:a2:c0:8d:ab:de:1f:
90:ad:11:08:f7:f6:c3:98:e1:e8:78:50:be:69:0b:48:8b:dc:
10:3b:82:12:d1:3e:57:72:f4:fd:c7:9f:66:4a:e9:07:d6:e6:
5b:19:39:1f:66:f1:fa:fc:84:6e:00:e4:2a:ea:fc:71:06:67:
d5:11:89:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNKzLWHrLSNeVwcXc+KImg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzY0OTk0ZTI0ZDRhZWZkYzQyYTg4MzFmZTBkY2UyMGQ2
MDQ2ODkwHhcNMjQxMTIwMTgxOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTNkNTliZjBkYzhkYWYwYTkyODA0NzQ2NzRlMWViNTYwOTkwMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNe4OGETIi9vIK6lSNGqJX2NUmYm
KpxwAtYY3LHwC/Sk1YfUABsBYDzoBYAdojIfldcDRBF5caJ9sQtvcqvjd07gLb4/
Mu81x6iSiCclQ9PTZGR/8m+AtX5yE5UR8jo5WzzGdJLFos1gixrU+G6xlUBqTxBv
urLkodJYLrvPxpazI7XcL/lwO78nsVG8dfMBBQB20NMOyrrO/P4TL5Vhi1Kemp4J
NpcvrsZx+giCJ5v9qH5RNromrnoF7uPUOjRG6CKUpBtiflVZ7eYVo+nYKhKQJV2F
39SUsZYAobij5E8UwXuGPnfA9QV/FKqPcahdTVJM7bJHCwuD5CvhRooMKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHE9Wb8NyNrwqSgEdGdOHrVgmQK6MB8GA1UdIwQY
MBaAFPTGSZTiTUrv3EKogx/g3OINYEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUt
Mzg1NTY5OGZiNTdmLzEvY1QxWnZ3M0kydkNwS0FSMFowNGV0V0NaQXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUtMzg1NTY5OGZiNTdm
LzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVDoMA0G
CSqGSIb3DQEBCwUAA4IBAQA57vZMmdEViJNUKLcOBIF0ifGpE1duaUjXC/uxMfhG
7bLTOkTTNVDBwSXNszwtNFw+sF5+lJTDS8ELjs+7sPccmAejEEbz00OBaX2XjYpv
MkyyH0yNIMEwex+hqTyykESGO4nFmRlkBAQEGV7OpJsD+wP9nQteNbKZhp95leFk
dKGjZy1q5LFWaejUhV8JHtygbmqjBXQ1L6SV03bJ44tMW6eRXjpvjMqvGzoKWteG
HXp+IdKLKT1J4xADAAMIH02iwI2r3h+QrREI9/bDmOHoeFC+aQtIi9wQO4IS0T5X
cvT9x59mSukH1uZbGTkfZvH6/IRuAOQq6vxxBmfVEYnu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:24 2025 by rpki-client