Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/RfPLtW3TTDg38n4nDtW1IqKz3Hw.roa
File: RfPLtW3TTDg38n4nDtW1IqKz3Hw.roa (raw, json)
Hash identifier: oPjD6hlcDCfcHSCI0jIz/5O4+OHBKsaFcEQtHGLOsdU=
Subject key identifier: 45:F3:CB:B5:6D:D3:4C:38:37:F2:7E:27:0E:D5:B5:22:A2:B3:DC:7C
Certificate issuer: /CN=f3751cf8c3a2d36c9744c96519899945ac607820
Certificate serial: 018CC9BC9FF76A8C3C0ADE2AFC8E349B92B3
Authority key identifier: F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/RfPLtW3TTDg38n4nDtW1IqKz3Hw.roa
Signing time: Tue 02 Jan 2024 10:33:51 +0000
ROA not before: Tue 02 Jan 2024 10:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203140
IP address blocks: 45.90.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:9f:f7:6a:8c:3c:0a:de:2a:fc:8e:34:9b:92:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3751cf8c3a2d36c9744c96519899945ac607820
Validity
Not Before: Jan 2 10:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45f3cbb56dd34c3837f27e270ed5b522a2b3dc7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:07:b3:c0:5f:50:6a:3e:33:1d:86:d7:5c:
cb:ce:d1:59:b5:be:5c:01:8c:53:50:bf:d6:b8:8e:
3f:08:0a:de:5c:12:be:ad:be:91:fe:ed:fe:0f:7f:
99:43:ae:91:9e:cc:5d:97:96:cb:93:36:50:f5:09:
de:36:dd:a8:92:24:4d:82:a9:5d:2a:d4:94:fb:b3:
13:31:35:12:7c:49:ae:23:0b:e1:86:b9:f2:f2:5d:
db:0d:a2:60:b6:3b:0a:63:a6:07:83:c8:97:92:e6:
c0:27:ed:42:0e:29:31:5c:c5:a3:26:65:26:c5:87:
31:bc:ed:32:d9:86:dd:67:8f:68:3d:9c:ff:4d:ab:
02:0f:69:1a:e4:96:ef:e7:92:75:50:9a:d2:0e:7a:
12:9b:e9:f9:c0:ac:73:1b:f2:30:32:96:4b:86:c8:
9d:3e:47:3e:d1:f8:10:1e:4c:44:00:e7:57:43:53:
87:91:9d:53:25:87:40:a6:8b:90:db:cb:e1:e6:2f:
6c:e5:d0:bc:ba:c2:24:0c:31:f3:ad:7c:b3:de:f5:
d6:74:a9:8f:53:08:11:dd:82:17:7f:cd:4b:cb:5f:
f5:81:c2:ed:ae:0c:d7:9c:05:d7:7c:3e:75:b8:92:
73:41:ab:ff:e0:4a:3b:58:5b:49:4c:66:0a:80:c9:
02:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F3:CB:B5:6D:D3:4C:38:37:F2:7E:27:0E:D5:B5:22:A2:B3:DC:7C
X509v3 Authority Key Identifier:
keyid:F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/RfPLtW3TTDg38n4nDtW1IqKz3Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.2.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:b1:b6:ed:9b:78:f1:72:a2:bc:15:4f:a3:6e:d2:9d:a1:86:
c6:74:03:7a:7c:e7:d5:dc:bc:99:89:03:60:4d:a5:34:cb:bf:
dc:2d:ec:14:18:ab:c0:f1:6e:e3:9f:e9:d2:30:76:17:f5:c8:
12:46:9e:e7:89:bb:f9:3b:08:fa:3c:2b:31:d9:ad:1e:95:68:
b2:af:7f:c9:84:79:4f:32:2c:97:4c:bd:b7:d8:4e:7b:95:46:
fa:25:12:d0:4b:18:be:7d:7b:7b:8a:3b:3f:84:87:81:b2:5a:
1d:e6:42:36:d1:26:cb:9d:33:17:b6:f9:8e:9c:6d:b4:c3:3f:
65:00:8b:51:db:b1:54:81:52:9a:73:c1:e9:69:89:f8:84:21:
ec:57:d8:64:8e:c6:98:bd:97:55:f7:b1:0e:a5:9a:6b:b3:8b:
8e:11:97:8c:0d:34:eb:9b:9d:9b:10:1c:3e:f4:ab:69:c1:ed:
a6:9e:c6:b9:cd:42:fe:e5:74:e3:91:00:0e:a8:8f:06:9d:03:
6a:ff:06:8f:f3:d8:60:67:d4:35:53:0c:c2:0e:6b:43:b8:95:
8a:2b:c1:49:37:cb:58:ea:15:ac:bf:07:ec:66:98:ee:18:9a:
7d:1c:0d:0d:c8:93:0e:4a:61:84:30:fa:d4:2b:de:dd:b9:ae:
01:35:98:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvJ/3aow8Ct4q/I40m5KzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzUxY2Y4YzNhMmQzNmM5NzQ0Yzk2NTE5ODk5OTQ1YWM2
MDc4MjAwHhcNMjQwMTAyMTAzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWYzY2JiNTZkZDM0YzM4MzdmMjdlMjcwZWQ1YjUyMmEyYjNkYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsQHs8BfUGo+Mx2G11zLztFZtb5c
AYxTUL/WuI4/CAreXBK+rb6R/u3+D3+ZQ66Rnsxdl5bLkzZQ9QneNt2okiRNgqld
KtSU+7MTMTUSfEmuIwvhhrny8l3bDaJgtjsKY6YHg8iXkubAJ+1CDikxXMWjJmUm
xYcxvO0y2YbdZ49oPZz/TasCD2ka5Jbv55J1UJrSDnoSm+n5wKxzG/IwMpZLhsid
Pkc+0fgQHkxEAOdXQ1OHkZ1TJYdApouQ28vh5i9s5dC8usIkDDHzrXyz3vXWdKmP
UwgR3YIXf81Ly1/1gcLtrgzXnAXXfD51uJJzQav/4Eo7WFtJTGYKgMkCRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEXzy7Vt00w4N/J+Jw7VtSKis9x8MB8GA1UdIwQY
MBaAFPN1HPjDotNsl0TJZRmJmUWsYHggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1Njct
NWNmN2MwNjIxMDY1LzEvUmZQTHRXM1RURGczOG40bkR0VzFJcUt6M0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1NjctNWNmN2MwNjIxMDY1
LzEvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVoCMA0G
CSqGSIb3DQEBCwUAA4IBAQC3sbbtm3jxcqK8FU+jbtKdoYbGdAN6fOfV3LyZiQNg
TaU0y7/cLewUGKvA8W7jn+nSMHYX9cgSRp7nibv5Owj6PCsx2a0elWiyr3/JhHlP
MiyXTL232E57lUb6JRLQSxi+fXt7ijs/hIeBslod5kI20SbLnTMXtvmOnG20wz9l
AItR27FUgVKac8HpaYn4hCHsV9hkjsaYvZdV97EOpZprs4uOEZeMDTTrm52bEBw+
9Ktpwe2mnsa5zUL+5XTjkQAOqI8GnQNq/waP89hgZ9Q1UwzCDmtDuJWKK8FJN8tY
6hWsvwfsZpjuGJp9HA0NyJMOSmGEMPrUK97dua4BNZg3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:47 2025 by rpki-client