Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/2f9TYNs3xGpVdMoaXAxNwV1VoCA.roa
File: 2f9TYNs3xGpVdMoaXAxNwV1VoCA.roa (raw, json)
Hash identifier: uN/L9VfJlRzRA+DEIB2GY+sjhV1sXULkG6U8PuKR2EI=
Subject key identifier: D9:FF:53:60:DB:37:C4:6A:55:74:CA:1A:5C:0C:4D:C1:5D:55:A0:20
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 0193DBAD8D3280D67E9CC4B964755A44B565
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/2f9TYNs3xGpVdMoaXAxNwV1VoCA.roa
Signing time: Wed 18 Dec 2024 21:30:04 +0000
ROA not before: Wed 18 Dec 2024 21:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 45.143.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:db:ad:8d:32:80:d6:7e:9c:c4:b9:64:75:5a:44:b5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Dec 18 21:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9ff5360db37c46a5574ca1a5c0c4dc15d55a020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:13:c0:17:cc:28:ae:95:ca:2d:81:61:80:fd:
e9:b8:10:3d:b9:cb:b2:5c:74:d6:76:18:96:1d:56:
3f:85:da:78:5e:fe:20:f8:f8:a2:d6:f4:e9:5e:45:
b7:0d:04:1a:25:66:d0:ee:03:f1:ea:20:1f:ae:14:
d3:86:b4:c5:a5:7d:c0:3e:69:7f:e5:e9:8b:06:8a:
93:9d:39:2d:a4:d5:35:38:97:41:11:e6:24:00:66:
a5:8f:0d:b2:ac:65:c1:e2:33:a5:21:ed:a2:81:82:
e3:d3:15:79:80:9d:45:eb:50:ca:c3:81:01:38:ea:
71:dc:a5:d1:c7:29:fe:ff:fe:d9:fd:bc:c5:40:5c:
35:66:83:62:a3:84:c1:02:86:fa:f1:d2:a8:ee:3b:
a0:0e:f2:61:ff:92:8e:71:2f:f5:06:54:6e:47:1e:
9c:48:a1:ea:42:49:05:4d:5a:cb:b4:c9:51:b1:12:
65:48:b5:ee:2e:d5:65:f3:28:26:12:0c:f0:0b:40:
b3:5d:5c:7b:a2:39:17:fe:7a:3e:14:d5:b3:3d:3e:
c3:bd:f4:84:71:b9:5f:85:99:44:d5:15:38:95:48:
76:0f:d4:af:94:66:a3:e1:bc:7c:4d:f6:c6:11:93:
67:2b:d0:a3:1f:ce:a3:66:c7:bb:3c:03:bf:75:29:
ac:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FF:53:60:DB:37:C4:6A:55:74:CA:1A:5C:0C:4D:C1:5D:55:A0:20
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/2f9TYNs3xGpVdMoaXAxNwV1VoCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.8.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:9c:94:ab:72:4f:c2:25:cb:d0:44:80:be:6e:28:cc:ed:ab:
ac:0c:53:a2:5e:01:3c:46:57:d7:84:66:1a:2a:81:28:ec:cd:
c1:d4:06:e1:d7:f1:ad:1e:3f:f6:05:94:e6:bb:16:ac:e7:30:
94:81:4e:a0:d5:7d:d3:df:fb:66:37:9c:26:bd:4b:56:06:6f:
2a:3c:10:ff:bd:2d:1a:7a:b7:9d:dd:5a:52:8c:cc:3e:e0:81:
e0:7a:ae:07:e7:ba:90:43:1b:58:bc:e0:c7:5c:0a:2a:fe:de:
a8:f0:ce:56:2c:21:5f:a4:48:9e:c3:3c:e8:6c:77:bc:46:fe:
49:26:1a:9d:48:23:33:ea:0b:cb:5f:4f:6a:dc:94:89:5b:92:
29:9c:d3:74:4e:d2:aa:e2:6e:b2:8e:e9:6a:4a:98:fa:0c:5e:
5a:4c:d0:1a:82:22:db:9c:78:f7:05:4d:8c:c2:58:5b:3c:16:
17:a9:b3:61:b4:94:cf:8a:b3:b4:a6:b8:f5:09:cb:1c:63:a7:
f5:d4:f0:89:a1:24:c0:af:11:fa:b0:db:2f:04:0a:f5:47:5f:
43:e5:31:f8:b7:2f:7c:38:05:d8:e8:08:96:8d:21:2b:46:c8:
de:16:9d:60:e3:1e:09:60:da:8b:2c:e3:2b:30:b5:c7:07:0b:
b1:0a:8d:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPbrY0ygNZ+nMS5ZHVaRLVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjQxMjE4MjEzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWZmNTM2MGRiMzdjNDZhNTU3NGNhMWE1YzBjNGRjMTVkNTVhMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxPAF8worpXKLYFhgP3puBA9ucuy
XHTWdhiWHVY/hdp4Xv4g+Pii1vTpXkW3DQQaJWbQ7gPx6iAfrhTThrTFpX3APml/
5emLBoqTnTktpNU1OJdBEeYkAGaljw2yrGXB4jOlIe2igYLj0xV5gJ1F61DKw4EB
OOpx3KXRxyn+//7Z/bzFQFw1ZoNio4TBAob68dKo7jugDvJh/5KOcS/1BlRuRx6c
SKHqQkkFTVrLtMlRsRJlSLXuLtVl8ygmEgzwC0CzXVx7ojkX/no+FNWzPT7DvfSE
cblfhZlE1RU4lUh2D9SvlGaj4bx8TfbGEZNnK9CjH86jZse7PAO/dSmsXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNn/U2DbN8RqVXTKGlwMTcFdVaAgMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvMmY5VFlOczN4R3BWZE1vYVhBeE53VjFWb0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY8IMA0G
CSqGSIb3DQEBCwUAA4IBAQAunJSrck/CJcvQRIC+bijM7ausDFOiXgE8RlfXhGYa
KoEo7M3B1Abh1/GtHj/2BZTmuxas5zCUgU6g1X3T3/tmN5wmvUtWBm8qPBD/vS0a
ered3VpSjMw+4IHgeq4H57qQQxtYvODHXAoq/t6o8M5WLCFfpEiewzzobHe8Rv5J
JhqdSCMz6gvLX09q3JSJW5IpnNN0TtKq4m6yjulqSpj6DF5aTNAagiLbnHj3BU2M
wlhbPBYXqbNhtJTPirO0prj1CcscY6f11PCJoSTArxH6sNsvBAr1R19D5TH4ty98
OAXY6AiWjSErRsjeFp1g4x4JYNqLLOMrMLXHBwuxCo04
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:02 2025 by rpki-client