Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/DkMhjhcdFBU_UX27HKMTHjO86DQ.roa
File: DkMhjhcdFBU_UX27HKMTHjO86DQ.roa (raw, json)
Hash identifier: XHkv/mIUMbpzQvVlhpbQ9zPXPIL5Q9RBZZ7aahs8AxU=
Subject key identifier: 0E:43:21:8E:17:1D:14:15:3F:51:7D:BB:1C:A3:13:1E:33:BC:E8:34
Certificate issuer: /CN=8da60e9000c75a75d67e37fe07b14e07b22c5887
Certificate serial: 018CC726BC32B3448272CB125D1554B855D4
Authority key identifier: 8D:A6:0E:90:00:C7:5A:75:D6:7E:37:FE:07:B1:4E:07:B2:2C:58:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaYOkADHWnXWfjf-B7FOB7IsWIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/DkMhjhcdFBU_UX27HKMTHjO86DQ.roa
Signing time: Mon 01 Jan 2024 22:30:53 +0000
ROA not before: Mon 01 Jan 2024 22:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208327
IP address blocks: 45.145.92.0/22 maxlen: 22
2a0c:4d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:bc:32:b3:44:82:72:cb:12:5d:15:54:b8:55:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da60e9000c75a75d67e37fe07b14e07b22c5887
Validity
Not Before: Jan 1 22:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e43218e171d14153f517dbb1ca3131e33bce834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a1:f6:78:18:ec:78:4a:c8:d3:42:83:04:3a:
6e:ae:06:6c:96:9b:59:90:79:f9:08:b9:79:ea:e8:
0f:3e:59:5c:8c:e5:99:b9:9f:93:2e:5c:e7:eb:de:
32:ee:d6:ba:7c:3b:0b:ce:54:c0:2c:fe:00:53:3e:
3e:78:9d:6c:07:ce:69:6f:55:fc:8c:e1:2a:39:aa:
bb:aa:a7:bf:ba:44:3d:14:9c:2f:a6:c5:95:a1:d7:
bf:4d:f7:5e:21:cb:66:6f:5d:da:28:5c:8b:75:5a:
35:15:a2:58:71:b8:b3:ea:21:70:bf:bd:83:65:3e:
4e:42:72:be:2d:7c:f7:a8:0e:dd:f1:39:58:07:43:
c4:64:4b:34:ac:88:75:ff:1f:f3:05:35:44:2a:eb:
e7:16:b6:bf:42:d1:63:e9:1c:95:07:b9:fb:86:97:
2b:b8:02:ac:ea:0f:32:b6:38:bf:4a:5d:31:a6:b7:
22:32:09:78:7b:13:88:fd:97:6c:44:75:7b:b4:a6:
d9:73:20:5b:45:9c:1a:4b:b4:5d:c3:87:40:a6:78:
fd:73:63:7f:33:a9:d2:bc:3e:68:70:d7:55:90:0f:
59:b4:a6:1e:9e:ce:5e:db:59:f0:ce:15:82:52:bc:
ec:2a:6e:31:80:16:a8:b2:02:32:d1:42:2e:36:91:
fd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:43:21:8E:17:1D:14:15:3F:51:7D:BB:1C:A3:13:1E:33:BC:E8:34
X509v3 Authority Key Identifier:
keyid:8D:A6:0E:90:00:C7:5A:75:D6:7E:37:FE:07:B1:4E:07:B2:2C:58:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaYOkADHWnXWfjf-B7FOB7IsWIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/DkMhjhcdFBU_UX27HKMTHjO86DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/jaYOkADHWnXWfjf-B7FOB7IsWIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.92.0/22
IPv6:
2a0c:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
31:89:0b:3d:7d:b8:c1:71:ac:ca:2c:08:fd:60:35:2e:89:30:
a5:f6:e9:71:50:d2:44:8c:e6:3e:4e:cf:b1:79:ce:cc:32:b7:
e4:45:4d:da:92:a6:36:d9:21:5c:c3:a2:53:92:83:5f:fa:ac:
24:62:29:c8:32:44:23:f0:03:18:79:ed:0c:75:2e:f3:24:35:
01:bf:8a:c4:ef:c1:48:33:60:da:11:52:90:cc:b8:aa:20:aa:
de:65:c4:1f:10:39:65:b3:cf:11:44:b0:ca:3c:95:85:c2:c9:
31:47:55:35:52:a2:c6:31:45:30:7f:94:89:b2:82:9b:05:6d:
47:d3:94:32:92:d9:b6:85:28:3d:99:d5:96:2d:f7:32:8b:7c:
de:4a:3e:6c:71:46:be:e5:46:94:8c:55:83:67:8e:b7:54:c4:
d7:fd:2c:3d:34:1b:10:6e:50:6a:2f:d7:99:4e:e4:b9:4c:66:
34:08:33:65:e3:f3:3c:91:e9:d8:cf:62:3a:9b:37:65:65:d7:
39:f5:1c:59:2d:41:c4:f7:46:44:b2:15:88:78:27:e0:16:38:
1c:a6:49:33:a8:d8:99:98:3b:68:8f:56:8f:5c:86:fa:1c:3f:
48:3a:ad:b8:de:ee:b2:a5:71:98:4c:7b:59:24:bd:d5:1f:2f:
a2:37:1f:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJrwys0SCcssSXRVUuFXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTYwZTkwMDBjNzVhNzVkNjdlMzdmZTA3YjE0ZTA3YjIy
YzU4ODcwHhcNMjQwMTAxMjIzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQzMjE4ZTE3MWQxNDE1M2Y1MTdkYmIxY2EzMTMxZTMzYmNlODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqH2eBjseErI00KDBDpurgZslptZ
kHn5CLl56ugPPllcjOWZuZ+TLlzn694y7ta6fDsLzlTALP4AUz4+eJ1sB85pb1X8
jOEqOaq7qqe/ukQ9FJwvpsWVode/TfdeIctmb13aKFyLdVo1FaJYcbiz6iFwv72D
ZT5OQnK+LXz3qA7d8TlYB0PEZEs0rIh1/x/zBTVEKuvnFra/QtFj6RyVB7n7hpcr
uAKs6g8ytji/Sl0xprciMgl4exOI/ZdsRHV7tKbZcyBbRZwaS7Rdw4dApnj9c2N/
M6nSvD5ocNdVkA9ZtKYens5e21nwzhWCUrzsKm4xgBaosgIy0UIuNpH9SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA5DIY4XHRQVP1F9uxyjEx4zvOg0MB8GA1UdIwQY
MBaAFI2mDpAAx1p11n43/gexTgeyLFiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFZT2tBREhXblhXZmpmLUI3Rk9CN0lzV0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS83MjgwNmEtMDM5NC00YWQ1LThlMDQt
YjViOGQwMjQ0OGI4LzEvRGtNaGpoY2RGQlVfVVgyN0hLTVRIak84NkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS83MjgwNmEtMDM5NC00YWQ1LThlMDQtYjViOGQwMjQ0OGI4
LzEvamFZT2tBREhXblhXZmpmLUI3Rk9CN0lzV0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZFcMA0E
AgACMAcDBQMqDE2AMA0GCSqGSIb3DQEBCwUAA4IBAQAxiQs9fbjBcazKLAj9YDUu
iTCl9ulxUNJEjOY+Ts+xec7MMrfkRU3akqY22SFcw6JTkoNf+qwkYinIMkQj8AMY
ee0MdS7zJDUBv4rE78FIM2DaEVKQzLiqIKreZcQfEDlls88RRLDKPJWFwskxR1U1
UqLGMUUwf5SJsoKbBW1H05Qyktm2hSg9mdWWLfcyi3zeSj5scUa+5UaUjFWDZ463
VMTX/Sw9NBsQblBqL9eZTuS5TGY0CDNl4/M8kenYz2I6mzdlZdc59RxZLUHE90ZE
shWIeCfgFjgcpkkzqNiZmDtoj1aPXIb6HD9IOq243u6ypXGYTHtZJL3VHy+iNx/9
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:56:45 2025 by rpki-client