Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/hyedSssfq_q2Dm74IMk3Xm2aTzQ.roa
File: hyedSssfq_q2Dm74IMk3Xm2aTzQ.roa (raw, json)
Hash identifier: M3dShuu48/EkpKP0adXAM6RN9sM8MfYt0bDN1xeEb50=
Subject key identifier: 87:27:9D:4A:CB:1F:AB:FA:B6:0E:6E:F8:20:C9:37:5E:6D:9A:4F:34
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E1EC942B13974D29F2039C0CC1C3106B7
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/hyedSssfq_q2Dm74IMk3Xm2aTzQ.roa
Signing time: Fri 08 Mar 2024 15:58:10 +0000
ROA not before: Fri 08 Mar 2024 15:58:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43350
IP address blocks: 31.222.239.0/24 maxlen: 24
45.67.120.0/22 maxlen: 22
45.148.152.0/22 maxlen: 22
217.114.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:c9:42:b1:39:74:d2:9f:20:39:c0:cc:1c:31:06:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 8 15:58:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87279d4acb1fabfab60e6ef820c9375e6d9a4f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:63:8e:c3:4a:ac:84:90:2f:49:09:be:6f:20:
ca:7b:da:77:fd:47:ec:aa:2f:00:93:78:76:26:71:
c6:c5:67:c5:ce:d4:b0:2c:7e:9a:c7:5a:c4:aa:29:
eb:fd:62:5a:b2:b5:f7:ee:c7:2f:a1:6e:18:89:d6:
07:ff:79:b4:d6:e7:7a:15:89:ea:78:25:97:5e:a7:
da:7d:f6:a1:29:43:2c:3c:2a:59:fd:c0:cc:34:31:
dd:4e:01:b0:b7:0a:83:30:7e:0f:17:2a:29:70:ec:
76:ed:44:21:86:85:50:32:95:04:fd:19:76:85:2c:
a7:e8:d3:00:ce:49:4c:02:39:10:ab:90:82:54:88:
06:5e:d5:30:68:b8:e7:3d:9e:cd:8e:cc:bd:b3:76:
a9:77:15:8f:d4:60:4b:ef:46:10:21:85:9c:0a:76:
c9:fa:2a:73:ae:e8:7e:c7:7f:8b:e9:a2:b6:29:63:
69:c1:11:f9:e3:d4:5b:8e:b5:92:55:21:b6:23:89:
c4:de:04:af:64:a7:ea:1d:5f:a1:5e:c0:b2:a3:b3:
74:3a:e4:a7:40:52:b8:2b:2a:c9:04:60:72:27:ef:
41:01:4b:b7:e5:af:04:3c:09:b4:25:e0:d9:ed:1e:
47:10:17:96:c7:30:70:94:16:4e:62:1a:c5:34:2b:
be:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:27:9D:4A:CB:1F:AB:FA:B6:0E:6E:F8:20:C9:37:5E:6D:9A:4F:34
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/hyedSssfq_q2Dm74IMk3Xm2aTzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.239.0/24
45.67.120.0/22
45.148.152.0/22
217.114.41.0/24
Signature Algorithm: sha256WithRSAEncryption
38:a7:8d:37:d8:53:67:64:68:76:14:37:e5:65:3c:ab:22:5d:
34:f0:2e:1b:3b:82:0b:b0:43:56:28:6b:15:3e:4d:a7:c8:fe:
14:40:42:87:67:b6:39:68:51:3b:cc:67:79:e7:ac:b6:76:1f:
02:20:6b:9f:65:77:40:f9:cc:3e:aa:0d:0b:df:54:57:2d:ca:
16:f5:30:16:5c:67:c5:24:43:46:9c:08:41:43:b0:b5:9b:9f:
13:ae:54:ea:59:71:36:cc:ee:68:2b:25:2f:a8:97:13:1e:fe:
a6:7a:d1:8c:40:fd:f0:55:e5:97:b0:f9:df:f9:5f:98:a6:e5:
a6:c1:61:9a:57:21:30:b1:a6:94:94:0c:e9:6e:f7:9e:88:46:
e4:5d:10:cc:a9:20:e9:8b:0d:f9:75:a3:29:52:78:c9:0b:3c:
69:1f:b2:d3:e4:62:2c:1a:6f:ff:3c:a1:0f:3c:3c:c0:06:ca:
5f:9b:2f:18:70:1e:d6:e7:c8:71:34:b3:e4:b5:de:e6:21:d0:
77:0f:5d:25:1a:89:e8:37:42:73:1b:2e:20:ce:93:ce:c1:3a:
0e:3a:5a:f5:dd:15:1b:57:07:a7:a7:76:62:0e:ee:be:f4:62:
97:40:1f:c1:83:37:ea:39:9d:ba:99:52:69:76:13:99:c4:41:
8b:10:de:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4eyUKxOXTSnyA5wMwcMQa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA4MTU1ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI3OWQ0YWNiMWZhYmZhYjYwZTZlZjgyMGM5Mzc1ZTZkOWE0ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2OOw0qshJAvSQm+byDKe9p3/Ufs
qi8Ak3h2JnHGxWfFztSwLH6ax1rEqinr/WJasrX37scvoW4YidYH/3m01ud6FYnq
eCWXXqfaffahKUMsPCpZ/cDMNDHdTgGwtwqDMH4PFyopcOx27UQhhoVQMpUE/Rl2
hSyn6NMAzklMAjkQq5CCVIgGXtUwaLjnPZ7Njsy9s3apdxWP1GBL70YQIYWcCnbJ
+ipzruh+x3+L6aK2KWNpwRH549RbjrWSVSG2I4nE3gSvZKfqHV+hXsCyo7N0OuSn
QFK4KyrJBGByJ+9BAUu35a8EPAm0JeDZ7R5HEBeWxzBwlBZOYhrFNCu+XwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIcnnUrLH6v6tg5u+CDJN15tmk80MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvaHllZFNzc2ZxX3EyRG03NElNazNYbTJhVHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH97vAwQC
LUN4AwQCLZSYAwQA2XIpMA0GCSqGSIb3DQEBCwUAA4IBAQA4p4032FNnZGh2FDfl
ZTyrIl008C4bO4ILsENWKGsVPk2nyP4UQEKHZ7Y5aFE7zGd556y2dh8CIGufZXdA
+cw+qg0L31RXLcoW9TAWXGfFJENGnAhBQ7C1m58TrlTqWXE2zO5oKyUvqJcTHv6m
etGMQP3wVeWXsPnf+V+YpuWmwWGaVyEwsaaUlAzpbveeiEbkXRDMqSDpiw35daMp
UnjJCzxpH7LT5GIsGm//PKEPPDzABspfmy8YcB7W58hxNLPktd7mIdB3D10lGono
N0JzGy4gzpPOwToOOlr13RUbVwenp3ZiDu6+9GKXQB/BgzfqOZ26mVJpdhOZxEGL
EN4z
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:04 2025 by rpki-client