Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hcjkkYdDMvDTB6awXKaDITEAwpo.roa
File: hcjkkYdDMvDTB6awXKaDITEAwpo.roa (raw, json)
Hash identifier: KEMvpzPBZgpdi1pREzI+OtXwdb2E3WocfCFjJRmZEqE=
Subject key identifier: 85:C8:E4:91:87:43:32:F0:D3:07:A6:B0:5C:A6:83:21:31:00:C2:9A
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018E856596B910C863582BBF7B48A57588D8
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hcjkkYdDMvDTB6awXKaDITEAwpo.roa
Signing time: Thu 28 Mar 2024 14:10:11 +0000
ROA not before: Thu 28 Mar 2024 14:10:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 45.129.79.0/24 maxlen: 24
2a01:48a0:4201::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 14:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:65:96:b9:10:c8:63:58:2b:bf:7b:48:a5:75:88:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 28 14:10:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85c8e491874332f0d307a6b05ca683213100c29a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ac:f5:48:0c:61:24:dd:cc:96:5d:59:47:76:
37:24:47:79:d7:25:45:c0:19:e7:c5:1d:91:41:d2:
b9:a3:4f:bc:ce:4b:28:6f:2a:ac:56:c1:8e:d4:88:
76:36:0b:b8:ca:c2:bc:be:66:ca:b7:94:e4:8a:6e:
2f:8c:ed:e2:5e:fe:53:bd:20:be:1d:65:e2:f7:ea:
3e:fa:3b:46:fd:99:ef:68:ab:25:9b:24:70:58:fe:
8a:bf:da:69:fa:b1:1f:69:f4:f6:44:ff:ac:a4:01:
7a:42:9e:b4:f0:50:df:b7:be:f1:cf:81:56:38:28:
3b:4c:61:82:40:e0:82:f5:96:46:96:90:ad:dc:c1:
b1:5b:3a:d7:7d:16:13:37:29:4e:69:de:4c:d1:22:
4c:8e:37:3b:92:1e:24:b3:55:8d:fc:fb:d5:db:7f:
93:c7:46:0a:7d:88:f4:26:9c:d5:45:06:80:2a:bc:
3c:8a:0c:da:96:17:68:f0:6e:8f:99:f8:34:64:fe:
84:90:5e:ec:d1:3d:b6:c9:e5:b1:95:cd:ad:8d:9a:
66:5a:be:e3:70:aa:bb:0c:89:8a:a3:16:ec:56:30:
5d:49:8b:63:f7:8e:c0:0f:f3:3d:01:dc:4e:ef:a0:
42:6e:70:36:5a:96:57:a3:e9:d2:9f:26:71:19:4b:
8f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C8:E4:91:87:43:32:F0:D3:07:A6:B0:5C:A6:83:21:31:00:C2:9A
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hcjkkYdDMvDTB6awXKaDITEAwpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.79.0/24
IPv6:
2a01:48a0:4201::/48
Signature Algorithm: sha256WithRSAEncryption
43:f4:bc:cd:b4:f9:20:fb:13:6c:14:bb:f0:2c:53:10:f1:fc:
4f:01:5a:4c:82:74:6c:33:ba:71:bb:85:89:8d:94:6f:7a:f2:
de:b3:10:66:0c:74:1f:96:c0:b2:22:ee:28:5e:43:d0:77:b0:
8e:43:b6:6e:0d:ad:bb:4e:90:e5:cc:68:91:36:b1:01:ba:ee:
10:0f:f4:fe:28:5e:0b:a2:57:7a:60:80:37:0d:15:74:8b:29:
54:f8:b3:2e:c3:57:72:46:fa:37:2e:36:a2:60:e5:87:81:f9:
42:af:7c:c4:34:7f:9a:29:00:5a:92:d6:e6:94:c7:49:cd:77:
be:a9:04:db:52:01:b7:5f:88:0f:a0:5a:4b:ce:26:1f:30:06:
96:19:35:a4:15:54:69:2f:08:c0:6d:86:4f:96:89:37:de:7f:
9d:9c:28:dd:61:c9:ef:28:80:1d:01:6f:79:53:5a:c3:d1:f9:
8a:eb:af:28:b4:b1:e7:ee:63:13:7c:81:be:10:80:f2:e1:10:
4f:6c:48:01:d5:22:e1:a5:62:b0:1c:e9:2c:09:95:7a:0e:f9:
c8:2a:3a:66:a8:a8:0f:d6:3e:f1:7c:2b:45:de:9d:35:15:f2:
56:62:69:ec:2c:f4:8a:68:4d:18:89:44:a2:f4:c1:44:d1:f8:
71:f9:b2:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6FZZa5EMhjWCu/e0ildYjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMzI4MTQxMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWM4ZTQ5MTg3NDMzMmYwZDMwN2E2YjA1Y2E2ODMyMTMxMDBjMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKz1SAxhJN3Mll1ZR3Y3JEd51yVF
wBnnxR2RQdK5o0+8zksobyqsVsGO1Ih2Ngu4ysK8vmbKt5Tkim4vjO3iXv5TvSC+
HWXi9+o++jtG/ZnvaKslmyRwWP6Kv9pp+rEfafT2RP+spAF6Qp608FDft77xz4FW
OCg7TGGCQOCC9ZZGlpCt3MGxWzrXfRYTNylOad5M0SJMjjc7kh4ks1WN/PvV23+T
x0YKfYj0JpzVRQaAKrw8igzalhdo8G6Pmfg0ZP6EkF7s0T22yeWxlc2tjZpmWr7j
cKq7DImKoxbsVjBdSYtj947AD/M9AdxO76BCbnA2WpZXo+nSnyZxGUuPLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIXI5JGHQzLw0wemsFymgyExAMKaMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvaGNqa2tZZERNdkRUQjZhd1hLYURJVEVBd3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALYFPMA8E
AgACMAkDBwAqAUigQgEwDQYJKoZIhvcNAQELBQADggEBAEP0vM20+SD7E2wUu/As
UxDx/E8BWkyCdGwzunG7hYmNlG968t6zEGYMdB+WwLIi7iheQ9B3sI5Dtm4NrbtO
kOXMaJE2sQG67hAP9P4oXguiV3pggDcNFXSLKVT4sy7DV3JG+jcuNqJg5YeB+UKv
fMQ0f5opAFqS1uaUx0nNd76pBNtSAbdfiA+gWkvOJh8wBpYZNaQVVGkvCMBthk+W
iTfef52cKN1hye8ogB0Bb3lTWsPR+Yrrryi0sefuYxN8gb4QgPLhEE9sSAHVIuGl
YrAc6SwJlXoO+cgqOmaoqA/WPvF8K0XenTUV8lZiaews9IpoTRiJRKL0wUTR+HH5
shk=
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:58:43 2024 by rpki-client on console-ams.rpki-client.org