Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/3p97eb_nPKQl9h75_z6MeKVSS_4.roa
File: 3p97eb_nPKQl9h75_z6MeKVSS_4.roa (raw, json)
Hash identifier: 2fmYI0EbsOrzqb8wH8j7+Lg8HrIgluI9+lMApId/k8s=
Subject key identifier: DE:9F:7B:79:BF:E7:3C:A4:25:F6:1E:F9:FF:3E:8C:78:A5:52:4B:FE
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 018CC56E93E2CE62AF8B9068651B3193F6F8
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/3p97eb_nPKQl9h75_z6MeKVSS_4.roa
Signing time: Mon 01 Jan 2024 14:30:07 +0000
ROA not before: Mon 01 Jan 2024 14:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51575
IP address blocks: 92.45.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:93:e2:ce:62:af:8b:90:68:65:1b:31:93:f6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 14:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de9f7b79bfe73ca425f61ef9ff3e8c78a5524bfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e0:30:8b:13:54:21:57:72:e1:3e:e9:88:f7:
51:5d:2a:f6:34:b9:76:09:b4:f3:f2:94:3d:63:08:
99:37:5a:55:04:89:35:1f:33:3c:3a:b0:40:f6:2c:
2e:dc:5a:dd:90:a5:e1:0d:5c:fb:93:da:21:98:17:
ee:9a:a3:a5:af:8c:58:f0:4d:97:cc:37:75:f4:30:
96:1a:5c:9d:3f:9b:d4:82:61:51:97:c8:a0:03:a4:
60:81:6d:98:5b:54:0f:1a:bb:96:99:96:ca:53:c9:
17:ce:b1:d0:bc:d9:e0:87:39:7d:db:f3:92:e5:b2:
4f:dd:99:65:74:71:91:50:41:b7:e7:12:2b:a2:4b:
80:36:1a:4e:ff:f7:bd:b8:03:13:f2:60:2a:d3:ed:
b6:3f:ec:f5:ea:c9:32:e6:ba:7b:79:3b:d5:87:8c:
4e:08:02:fb:a3:a3:8c:0e:9c:1b:ce:a8:f0:cd:3e:
27:cb:ec:a5:f4:8c:39:bb:52:99:16:3b:3f:a3:ff:
98:04:af:cc:5a:70:07:ae:c1:41:ed:4c:07:1f:25:
b3:fc:c8:ae:ce:20:eb:03:73:13:fe:8b:75:2d:82:
28:33:17:98:3b:b6:71:24:00:e6:a8:0a:7c:74:ea:
61:20:22:e3:bd:ac:e5:8e:f9:5f:32:a4:f9:8b:cb:
b4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9F:7B:79:BF:E7:3C:A4:25:F6:1E:F9:FF:3E:8C:78:A5:52:4B:FE
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/3p97eb_nPKQl9h75_z6MeKVSS_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.45.66.0/24
Signature Algorithm: sha256WithRSAEncryption
23:6d:ec:c8:3f:23:ef:d6:c7:15:65:35:c8:4f:6a:7a:d4:f9:
55:c2:68:69:1f:98:85:8f:cf:de:ea:15:56:bb:a0:30:65:37:
49:8a:e5:a2:31:95:7c:ed:c3:95:9c:98:23:c0:62:a8:e3:18:
e0:c0:ad:3d:73:aa:6f:5c:78:8b:ff:98:a7:06:9d:68:ae:56:
20:c7:64:e0:18:af:02:6d:6a:16:20:ca:98:95:f6:d9:3e:b7:
d7:b2:c1:69:fd:69:4b:56:51:2a:b1:d9:dc:c5:1f:8c:8a:07:
8a:24:ed:5c:46:3e:4b:66:3b:5a:ff:47:0b:2c:23:de:ee:4c:
00:e7:86:84:d7:c0:e3:ae:32:9a:62:3a:0c:9f:7b:05:52:26:
f2:b4:2a:3e:bf:f0:30:68:98:ba:08:55:65:95:27:b5:ac:f9:
17:b9:63:b6:21:33:dc:30:11:aa:6f:b8:3a:cb:64:0a:79:e7:
25:24:d6:f3:4b:01:b5:31:90:3a:44:29:21:02:ae:14:f5:ef:
96:69:f7:87:a7:32:02:ba:54:89:b3:d2:11:29:77:9e:cc:14:
d4:9e:1a:0a:ac:bc:62:d8:b9:93:8d:ba:21:c2:da:53:52:ae:
55:85:5d:7e:35:30:b9:9f:58:da:6e:f3:48:39:7e:1b:6b:98:
ca:10:fd:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbpPizmKvi5BoZRsxk/b4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjQwMTAxMTQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTlmN2I3OWJmZTczY2E0MjVmNjFlZjlmZjNlOGM3OGE1NTI0YmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseAwixNUIVdy4T7piPdRXSr2NLl2
CbTz8pQ9YwiZN1pVBIk1HzM8OrBA9iwu3FrdkKXhDVz7k9ohmBfumqOlr4xY8E2X
zDd19DCWGlydP5vUgmFRl8igA6RggW2YW1QPGruWmZbKU8kXzrHQvNnghzl92/OS
5bJP3ZlldHGRUEG35xIrokuANhpO//e9uAMT8mAq0+22P+z16sky5rp7eTvVh4xO
CAL7o6OMDpwbzqjwzT4ny+yl9Iw5u1KZFjs/o/+YBK/MWnAHrsFB7UwHHyWz/Miu
ziDrA3MT/ot1LYIoMxeYO7ZxJADmqAp8dOphICLjvazljvlfMqT5i8u0oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6fe3m/5zykJfYe+f8+jHilUkv+MB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvM3A5N2ViX25QS1FsOWg3NV96Nk1lS1ZTU180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXC1CMA0G
CSqGSIb3DQEBCwUAA4IBAQAjbezIPyPv1scVZTXIT2p61PlVwmhpH5iFj8/e6hVW
u6AwZTdJiuWiMZV87cOVnJgjwGKo4xjgwK09c6pvXHiL/5inBp1orlYgx2TgGK8C
bWoWIMqYlfbZPrfXssFp/WlLVlEqsdncxR+MigeKJO1cRj5LZjta/0cLLCPe7kwA
54aE18DjrjKaYjoMn3sFUibytCo+v/AwaJi6CFVllSe1rPkXuWO2ITPcMBGqb7g6
y2QKeeclJNbzSwG1MZA6RCkhAq4U9e+WafeHpzICulSJs9IRKXeezBTUnhoKrLxi
2LmTjbohwtpTUq5VhV1+NTC5n1jabvNIOX4ba5jKEP2x
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:48:49 2025 by rpki-client