Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/1Zcsy1tupXNKNd4A1qri2j36_fo.roa
File: 1Zcsy1tupXNKNd4A1qri2j36_fo.roa (raw, json)
Hash identifier: x2VniuTUVur72wgqJaBLNLUfRN1fSgUIVHnlKj1aZrM=
Subject key identifier: D5:97:2C:CB:5B:6E:A5:73:4A:35:DE:00:D6:AA:E2:DA:3D:FA:FD:FA
Certificate issuer: /CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Certificate serial: 018CC8DFA800D5F0F0A606943707F4BD8C59
Authority key identifier: 94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/1Zcsy1tupXNKNd4A1qri2j36_fo.roa
Signing time: Tue 02 Jan 2024 06:32:29 +0000
ROA not before: Tue 02 Jan 2024 06:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212745
IP address blocks: 45.81.228.0/22 maxlen: 22
2a0e:6080::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a8:00:d5:f0:f0:a6:06:94:37:07:f4:bd:8c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Validity
Not Before: Jan 2 06:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5972ccb5b6ea5734a35de00d6aae2da3dfafdfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:55:c9:f4:68:d8:ae:6b:fd:91:f2:d9:a3:d7:
a5:c6:b9:d5:bd:1a:cd:1e:54:44:71:65:d2:ae:08:
f6:5b:d1:bf:d0:f9:63:73:31:fc:9d:5e:c0:52:17:
a4:4e:b0:5a:14:f6:1b:39:06:6e:80:14:4c:5b:13:
4d:be:dd:f6:57:29:c5:2d:45:4c:89:b0:81:1e:ad:
aa:1b:f7:41:d1:c6:27:e1:a4:6d:f6:91:fc:45:a5:
5c:0b:c9:ae:cd:5e:ba:fc:ae:96:82:f8:65:e1:a0:
4a:1f:1e:4f:17:5a:00:55:d6:80:20:6c:92:6a:87:
94:44:ed:c1:6e:b7:02:88:8f:b0:4f:c5:bf:e9:98:
51:17:4f:17:e5:86:aa:ac:ec:cd:81:0b:84:0b:40:
ef:69:9c:99:14:00:7b:de:67:80:de:2e:eb:3b:1d:
a6:a1:b2:6f:23:c8:22:f2:2d:19:1a:47:07:8b:39:
35:6a:83:ce:d0:1c:65:31:0c:b6:44:c7:9b:a4:01:
50:09:c1:66:05:89:0f:24:9c:89:ab:53:bd:55:35:
3c:12:cb:68:9f:a9:ec:0a:70:e8:21:bd:c5:2e:80:
5f:44:29:37:5d:9d:12:ca:03:45:95:0d:30:d1:f9:
f8:19:c1:3b:89:f4:a6:fb:04:9b:b8:6f:ba:a1:b6:
ff:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:97:2C:CB:5B:6E:A5:73:4A:35:DE:00:D6:AA:E2:DA:3D:FA:FD:FA
X509v3 Authority Key Identifier:
keyid:94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/1Zcsy1tupXNKNd4A1qri2j36_fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.228.0/22
IPv6:
2a0e:6080::/48
Signature Algorithm: sha256WithRSAEncryption
39:41:98:98:05:77:e8:d8:ba:74:94:11:a1:96:ba:db:7a:a2:
f9:ac:60:40:d4:d6:9d:65:dd:88:f4:0d:76:fa:0c:b8:0f:b3:
4a:7c:0d:aa:31:87:ac:0c:2a:29:e2:b9:ba:df:62:5e:10:a7:
70:a3:d1:8f:f5:0a:02:8d:b8:86:f6:60:8a:e1:98:9b:d8:44:
ee:e4:6d:1f:a6:d1:b8:70:2e:71:b7:86:36:08:05:20:4a:62:
3e:06:58:da:57:20:38:22:f3:ac:02:f4:b2:ca:58:6e:4b:f2:
23:ab:a9:79:57:5a:6d:39:22:7f:f2:fd:0f:aa:e5:4d:e4:16:
e3:29:93:5e:9f:bd:ba:21:34:5c:6f:64:d6:03:eb:48:64:8a:
f2:6c:14:08:1f:0e:46:a8:04:cf:40:23:29:61:48:08:09:ef:
93:23:c3:84:8f:26:43:c2:e6:cc:5f:96:1a:4f:1d:ff:48:c0:
87:d2:dd:e9:e5:5c:d3:df:a3:18:a2:0e:3d:70:d3:c9:8e:78:
27:80:dd:18:a4:48:9d:af:ec:c4:05:bd:10:9e:a8:9d:45:79:
9c:5e:e4:98:fd:3b:02:01:6e:8f:99:f0:a7:b5:6a:05:2e:3f:
b7:f0:24:90:dd:10:69:bb:a1:e6:40:42:64:f3:08:83:9b:d0:
ec:65:24:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI36gA1fDwpgaUNwf0vYxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OGQ0NWNmZTM0ODJiOGY2MWRhZTAwMGIwMDdhNDY3ZWNk
ZDRlZTYwHhcNMjQwMTAyMDYzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk3MmNjYjViNmVhNTczNGEzNWRlMDBkNmFhZTJkYTNkZmFmZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVXJ9GjYrmv9kfLZo9elxrnVvRrN
HlREcWXSrgj2W9G/0PljczH8nV7AUhekTrBaFPYbOQZugBRMWxNNvt32VynFLUVM
ibCBHq2qG/dB0cYn4aRt9pH8RaVcC8muzV66/K6Wgvhl4aBKHx5PF1oAVdaAIGyS
aoeURO3BbrcCiI+wT8W/6ZhRF08X5YaqrOzNgQuEC0DvaZyZFAB73meA3i7rOx2m
obJvI8gi8i0ZGkcHizk1aoPO0BxlMQy2RMebpAFQCcFmBYkPJJyJq1O9VTU8Esto
n6nsCnDoIb3FLoBfRCk3XZ0SygNFlQ0w0fn4GcE7ifSm+wSbuG+6obb/MwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNWXLMtbbqVzSjXeANaq4to9+v36MB8GA1UdIwQY
MBaAFJSNRc/jSCuPYdrgALAHpGfs3U7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAt
NDJkYWZiNGI1MWQyLzEvMVpjc3kxdHVwWE5LTmQ0QTFxcmkyajM2X2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAtNDJkYWZiNGI1MWQy
LzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLVHkMA8E
AgACMAkDBwAqDmCAAAAwDQYJKoZIhvcNAQELBQADggEBADlBmJgFd+jYunSUEaGW
utt6ovmsYEDU1p1l3Yj0DXb6DLgPs0p8Daoxh6wMKiniubrfYl4Qp3Cj0Y/1CgKN
uIb2YIrhmJvYRO7kbR+m0bhwLnG3hjYIBSBKYj4GWNpXIDgi86wC9LLKWG5L8iOr
qXlXWm05In/y/Q+q5U3kFuMpk16fvbohNFxvZNYD60hkivJsFAgfDkaoBM9AIylh
SAgJ75Mjw4SPJkPC5sxflhpPHf9IwIfS3enlXNPfoxiiDj1w08mOeCeA3RikSJ2v
7MQFvRCeqJ1FeZxe5Jj9OwIBbo+Z8Ke1agUuP7fwJJDdEGm7oeZAQmTzCIOb0Oxl
JKs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:27 2025 by rpki-client