Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/a635af-a46d-4d0b-b931-a3abdbd1da06/1/1T1aOqP3zdHjJM_CtV1UvaBL5mo.roa
File: 1T1aOqP3zdHjJM_CtV1UvaBL5mo.roa (raw, json)
Hash identifier: TLCSk1Z+liuD+SZ/aZSvjEV+pzC1RdmXVcxPJv46hqs=
Subject key identifier: D5:3D:5A:3A:A3:F7:CD:D1:E3:24:CF:C2:B5:5D:54:BD:A0:4B:E6:6A
Certificate issuer: /CN=f12d94bb3dc534a6427fe9a67300d8f4c49146c4
Certificate serial: 0192B3F873A695E17C6A3E1C5B2D8864CC72
Authority key identifier: F1:2D:94:BB:3D:C5:34:A6:42:7F:E9:A6:73:00:D8:F4:C4:91:46:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8S2Uuz3FNKZCf-mmcwDY9MSRRsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/a635af-a46d-4d0b-b931-a3abdbd1da06/1/1T1aOqP3zdHjJM_CtV1UvaBL5mo.roa
Signing time: Tue 22 Oct 2024 11:24:17 +0000
ROA not before: Tue 22 Oct 2024 11:24:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209899
IP address blocks: 45.65.96.0/22 maxlen: 24
185.136.244.0/22 maxlen: 24
2a09:300::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:f8:73:a6:95:e1:7c:6a:3e:1c:5b:2d:88:64:cc:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f12d94bb3dc534a6427fe9a67300d8f4c49146c4
Validity
Not Before: Oct 22 11:24:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d53d5a3aa3f7cdd1e324cfc2b55d54bda04be66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:f1:7e:c4:19:02:34:72:ce:00:81:1a:83:
f3:c6:f2:ae:9e:ef:b0:e9:07:0f:68:0b:3f:63:67:
66:29:2f:f3:02:5d:43:7d:34:4b:a3:79:d4:89:61:
9f:db:e2:18:b6:3e:ae:07:00:f4:a7:b8:d3:53:66:
42:d7:8e:96:a3:45:60:38:b1:8d:a7:a2:ff:7c:fb:
ad:f2:d4:86:5c:68:11:28:10:30:3b:57:63:74:47:
cc:11:cb:8c:d4:f7:75:dc:48:60:f6:17:db:03:9b:
e6:a1:75:94:34:ae:58:80:52:9e:ab:6a:fb:59:bb:
64:79:44:04:dc:42:af:aa:23:f2:74:f1:6b:42:2f:
15:4b:8b:bb:48:7e:e7:db:38:53:4b:08:36:a4:bc:
f2:5e:30:67:9a:b7:0b:25:a2:f8:3d:52:15:22:03:
59:11:c9:75:22:6a:10:c5:e2:4d:e9:a4:cb:1f:48:
20:af:58:d7:f5:de:76:e8:95:0c:62:d0:3c:3e:09:
06:93:ad:f4:c3:2b:c6:fd:bb:66:08:c4:18:9f:e1:
8b:5f:63:96:02:44:b5:71:8d:04:23:e8:4e:f5:05:
ca:df:37:88:8f:1e:07:ea:eb:74:91:2d:f9:9f:59:
31:16:9f:93:3a:de:45:2f:27:1b:0c:ba:08:19:de:
77:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3D:5A:3A:A3:F7:CD:D1:E3:24:CF:C2:B5:5D:54:BD:A0:4B:E6:6A
X509v3 Authority Key Identifier:
keyid:F1:2D:94:BB:3D:C5:34:A6:42:7F:E9:A6:73:00:D8:F4:C4:91:46:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8S2Uuz3FNKZCf-mmcwDY9MSRRsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/a635af-a46d-4d0b-b931-a3abdbd1da06/1/1T1aOqP3zdHjJM_CtV1UvaBL5mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/a635af-a46d-4d0b-b931-a3abdbd1da06/1/8S2Uuz3FNKZCf-mmcwDY9MSRRsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.96.0/22
185.136.244.0/22
IPv6:
2a09:300::/29
Signature Algorithm: sha256WithRSAEncryption
46:34:d7:32:7b:51:c0:51:f1:ac:09:cd:b7:f6:f2:5e:d6:6a:
13:e6:7d:b1:3c:30:73:3c:32:94:28:22:86:ba:ea:48:60:ae:
1e:1d:24:0d:d0:10:10:cd:22:d6:8d:18:b1:28:c2:aa:23:4d:
59:ed:09:ac:63:85:4b:3a:06:04:36:a4:9b:12:c2:4f:f8:3e:
d4:d8:27:4a:e6:b6:8e:13:dd:07:39:88:80:83:56:35:6a:77:
4b:7e:c0:9f:eb:54:52:db:c3:59:0c:a3:61:3e:92:71:88:8b:
af:8c:f3:1e:c0:39:dd:21:35:5c:47:89:ba:6b:9e:6d:3e:00:
b6:d8:5d:a0:0f:9d:5c:d9:ed:68:c5:4d:bc:cc:51:ac:fd:a5:
37:26:08:d5:d0:a5:fc:f6:11:66:f2:6d:b2:cc:16:9a:2f:82:
7f:d3:6f:ae:48:d6:2f:00:a5:77:71:a4:0c:5f:7f:61:db:5b:
e8:a2:68:6a:98:8e:38:a6:2a:23:92:e1:a6:40:e4:60:64:85:
b1:e2:2d:d2:f5:f2:e0:f3:73:82:a4:8a:bd:75:48:61:df:f6:
74:90:00:91:13:3e:4b:f4:06:5e:1d:dc:f7:eb:88:eb:f7:3a:
a4:cd:69:c8:34:5b:5c:24:2b:01:4d:ae:c1:ca:c6:de:88:a7:
37:31:9c:6e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZKz+HOmleF8aj4cWy2IZMxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMmQ5NGJiM2RjNTM0YTY0MjdmZTlhNjczMDBkOGY0YzQ5
MTQ2YzQwHhcNMjQxMDIyMTEyNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTNkNWEzYWEzZjdjZGQxZTMyNGNmYzJiNTVkNTRiZGEwNGJlNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+DxfsQZAjRyzgCBGoPzxvKunu+w
6QcPaAs/Y2dmKS/zAl1DfTRLo3nUiWGf2+IYtj6uBwD0p7jTU2ZC146Wo0VgOLGN
p6L/fPut8tSGXGgRKBAwO1djdEfMEcuM1Pd13Ehg9hfbA5vmoXWUNK5YgFKeq2r7
WbtkeUQE3EKvqiPydPFrQi8VS4u7SH7n2zhTSwg2pLzyXjBnmrcLJaL4PVIVIgNZ
Ecl1ImoQxeJN6aTLH0ggr1jX9d526JUMYtA8PgkGk630wyvG/btmCMQYn+GLX2OW
AkS1cY0EI+hO9QXK3zeIjx4H6ut0kS35n1kxFp+TOt5FLycbDLoIGd53CwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNU9Wjqj983R4yTPwrVdVL2gS+ZqMB8GA1UdIwQY
MBaAFPEtlLs9xTSmQn/ppnMA2PTEkUbEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFMyVXV6M0ZOS1pDZi1tbWN3RFk5TVNSUnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9hNjM1YWYtYTQ2ZC00ZDBiLWI5MzEt
YTNhYmRiZDFkYTA2LzEvMVQxYU9xUDN6ZEhqSk1fQ3RWMVV2YUJMNW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9hNjM1YWYtYTQ2ZC00ZDBiLWI5MzEtYTNhYmRiZDFkYTA2
LzEvOFMyVXV6M0ZOS1pDZi1tbWN3RFk5TVNSUnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLUFgAwQC
uYj0MA0EAgACMAcDBQMqCQMAMA0GCSqGSIb3DQEBCwUAA4IBAQBGNNcye1HAUfGs
Cc239vJe1moT5n2xPDBzPDKUKCKGuupIYK4eHSQN0BAQzSLWjRixKMKqI01Z7Qms
Y4VLOgYENqSbEsJP+D7U2CdK5raOE90HOYiAg1Y1andLfsCf61RS28NZDKNhPpJx
iIuvjPMewDndITVcR4m6a55tPgC22F2gD51c2e1oxU28zFGs/aU3JgjV0KX89hFm
8m2yzBaaL4J/02+uSNYvAKV3caQMX39h21voomhqmI44piojkuGmQORgZIWx4i3S
9fLg83OCpIq9dUhh3/Z0kACREz5L9AZeHdz364jr9zqkzWnINFtcJCsBTa7Bysbe
iKc3MZxu
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:49:58 2025 by rpki-client