Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/WbHDUC0X6bNeV8IC2Zetfam3Ct8.roa
File: WbHDUC0X6bNeV8IC2Zetfam3Ct8.roa (raw, json)
Hash identifier: NHw04WwNni/fFtuj+K9znCHZaZEEloNeBwOJBJu2qik=
Subject key identifier: 59:B1:C3:50:2D:17:E9:B3:5E:57:C2:02:D9:97:AD:7D:A9:B7:0A:DF
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 019404825936866AF479A1DD7683427E8398
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/WbHDUC0X6bNeV8IC2Zetfam3Ct8.roa
Signing time: Thu 26 Dec 2024 19:47:18 +0000
ROA not before: Thu 26 Dec 2024 19:47:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.87.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 20:23:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:04:82:59:36:86:6a:f4:79:a1:dd:76:83:42:7e:83:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Dec 26 19:47:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59b1c3502d17e9b35e57c202d997ad7da9b70adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:05:b3:a2:8d:0f:be:57:af:90:4a:a9:ab:00:
d6:5f:55:26:3b:58:fd:b1:8b:af:14:ea:d2:da:d9:
5b:0c:6b:ab:d5:cc:e4:63:4e:21:8f:3b:08:48:c2:
6b:d3:54:cb:06:ee:29:cd:cf:70:37:9d:4f:aa:9d:
4c:42:db:07:bb:32:c0:8e:14:48:e5:53:91:72:fa:
24:e4:c8:b8:fa:f6:2b:aa:81:3c:75:51:a8:37:14:
e4:1e:f9:ca:fb:fb:af:b5:15:61:0d:82:12:74:92:
f2:ce:82:be:14:46:03:b2:2f:39:f5:d9:d8:1c:9d:
f4:8d:3e:64:dc:43:be:ba:fe:b3:40:86:a9:27:d2:
52:7d:cd:18:70:cf:c9:aa:32:b1:79:99:c5:9e:1e:
47:ba:34:19:12:8e:5e:00:89:04:11:28:11:49:b6:
ad:df:ed:f6:81:28:ef:ac:4c:65:ca:8c:74:eb:a9:
27:f2:57:21:c6:87:aa:26:ec:9a:37:53:e0:6d:b9:
0d:00:f0:12:64:1e:c7:9a:2c:81:5f:96:0c:2c:9c:
34:a3:38:2a:94:e3:18:40:fb:25:57:9c:60:0d:57:
77:70:44:cc:1b:5c:92:43:72:d1:60:af:cb:a6:ea:
f7:b8:75:a2:e6:58:c6:af:ef:e6:ea:cc:5e:ab:8c:
0b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B1:C3:50:2D:17:E9:B3:5E:57:C2:02:D9:97:AD:7D:A9:B7:0A:DF
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/WbHDUC0X6bNeV8IC2Zetfam3Ct8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.101.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:64:df:85:db:90:93:b7:42:a0:87:89:17:9f:47:c9:8d:81:
17:62:ee:c2:07:a4:4c:d6:91:f0:53:2c:28:93:02:ae:a2:97:
04:82:1c:19:00:b2:c8:cb:ea:0a:06:39:ac:ca:c1:d6:0e:59:
21:62:5a:92:f9:ba:bb:17:e7:64:01:95:e2:8a:58:26:9e:0c:
b5:49:f1:9c:a1:ab:3f:e8:1b:bb:9f:50:5b:7f:17:3d:15:3a:
d1:96:27:df:10:09:8d:fd:db:c2:bc:a3:3d:8c:b3:3a:66:42:
fc:04:7d:48:66:7d:94:69:a1:95:93:a6:47:31:a0:fb:d3:0d:
51:1e:4f:31:cc:08:45:52:f5:7e:19:eb:e7:0a:37:af:a5:4e:
d8:a3:d2:89:46:ec:ce:72:be:38:94:18:d1:0c:02:95:f0:05:
a3:f6:75:cb:82:db:1a:a9:6a:6f:d6:b1:88:4e:2e:fc:3f:57:
23:b5:28:e8:3a:27:03:76:0d:2e:7c:ec:2b:d4:ac:ac:f0:9e:
91:ec:ec:3d:da:0f:bc:5a:a4:95:11:2d:a3:fd:2d:e2:ab:3e:
32:27:5d:18:95:55:b3:9f:e9:a0:30:b1:28:0e:59:a5:f6:d3:
50:7f:d3:92:b1:19:9b:97:ed:ec:6b:46:f4:2e:cc:72:bb:10:
6c:b0:72:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQEglk2hmr0eaHddoNCfoOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjQxMjI2MTk0NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWIxYzM1MDJkMTdlOWIzNWU1N2MyMDJkOTk3YWQ3ZGE5YjcwYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAWzoo0PvlevkEqpqwDWX1UmO1j9
sYuvFOrS2tlbDGur1czkY04hjzsISMJr01TLBu4pzc9wN51Pqp1MQtsHuzLAjhRI
5VORcvok5Mi4+vYrqoE8dVGoNxTkHvnK+/uvtRVhDYISdJLyzoK+FEYDsi859dnY
HJ30jT5k3EO+uv6zQIapJ9JSfc0YcM/JqjKxeZnFnh5HujQZEo5eAIkEESgRSbat
3+32gSjvrExlyox066kn8lchxoeqJuyaN1PgbbkNAPASZB7HmiyBX5YMLJw0ozgq
lOMYQPslV5xgDVd3cETMG1ySQ3LRYK/Lpur3uHWi5ljGr+/m6sxeq4wLUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmxw1AtF+mzXlfCAtmXrX2ptwrfMB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvV2JIRFVDMFg2Yk5lVjhJQzJaZXRmYW0zQ3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdlMA0G
CSqGSIb3DQEBCwUAA4IBAQCqZN+F25CTt0Kgh4kXn0fJjYEXYu7CB6RM1pHwUywo
kwKuopcEghwZALLIy+oKBjmsysHWDlkhYlqS+bq7F+dkAZXiilgmngy1SfGcoas/
6Bu7n1Bbfxc9FTrRliffEAmN/dvCvKM9jLM6ZkL8BH1IZn2UaaGVk6ZHMaD70w1R
Hk8xzAhFUvV+GevnCjevpU7Yo9KJRuzOcr44lBjRDAKV8AWj9nXLgtsaqWpv1rGI
Ti78P1cjtSjoOicDdg0ufOwr1Kys8J6R7Ow92g+8WqSVES2j/S3iqz4yJ10YlVWz
n+mgMLEoDlml9tNQf9OSsRmbl+3sa0b0LsxyuxBssHLV
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:57:32 2025 by rpki-client