Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/1tklf3q6JYrprvDP8U4tXu2XofU.roa
File: 1tklf3q6JYrprvDP8U4tXu2XofU.roa (raw, json)
Hash identifier: vIbgNbl2Dhnrb9gVF06kLMGNdY+MdjXldDcqh0XeS7M=
Subject key identifier: D6:D9:25:7F:7A:BA:25:8A:E9:AE:F0:CF:F1:4E:2D:5E:ED:97:A1:F5
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 018CC8DE4BD1EE3A219F835D46D75E6E54A7
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/1tklf3q6JYrprvDP8U4tXu2XofU.roa
Signing time: Tue 02 Jan 2024 06:31:00 +0000
ROA not before: Tue 02 Jan 2024 06:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213296
IP address blocks: 45.80.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:4b:d1:ee:3a:21:9f:83:5d:46:d7:5e:6e:54:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 2 06:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6d9257f7aba258ae9aef0cff14e2d5eed97a1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:de:fc:be:58:c4:10:38:ab:d8:43:81:c2:7d:
ea:83:82:d9:ca:3f:5e:96:45:b5:59:b6:41:b7:8d:
7b:84:ae:a3:a6:dc:cd:08:43:77:ab:3e:06:53:1d:
c0:12:85:1e:c8:a8:3d:ec:4c:6b:24:fe:7f:7d:0e:
08:d8:88:8a:0e:88:6a:ba:d6:d3:6a:c1:20:0d:10:
d9:f9:52:fb:2a:1c:a8:80:36:94:9e:da:96:3a:67:
99:73:9b:8f:8a:0b:03:9a:7d:76:d8:90:1c:c4:98:
76:70:fe:52:a3:14:fe:14:e5:29:00:4f:ab:8a:46:
33:38:2a:c1:df:ec:5b:78:f8:29:2d:9f:5a:ee:a7:
07:20:c9:8a:d4:2c:8e:db:76:77:05:9a:f2:99:69:
cb:de:02:61:c2:ea:a3:13:f1:77:a0:54:1f:3d:af:
3c:e3:c3:41:71:be:08:98:6a:5c:b6:4d:9c:1a:3b:
5d:c2:0f:e9:47:72:7a:17:b3:c9:52:dc:c0:6f:14:
bb:dc:83:e6:f1:ad:91:1a:95:e6:3a:12:c5:cd:77:
09:ea:59:40:b7:15:53:8a:07:53:cb:cf:d6:c5:c7:
2e:7a:a5:50:57:0b:42:b0:6a:56:f1:52:4b:42:96:
4d:42:7d:2f:d0:3d:d3:a7:52:bc:42:c6:3f:b6:c8:
11:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D9:25:7F:7A:BA:25:8A:E9:AE:F0:CF:F1:4E:2D:5E:ED:97:A1:F5
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/1tklf3q6JYrprvDP8U4tXu2XofU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.228.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:52:61:ab:15:ed:8e:3d:03:0e:7f:96:7f:fd:69:0e:22:a7:
40:db:db:35:03:9a:7c:f5:e9:36:d5:cb:c2:e5:47:7b:41:75:
04:61:94:33:fe:b0:e0:e6:4f:e7:6e:07:14:07:4f:ac:5b:e9:
25:bd:7c:d1:d7:7d:19:fe:b5:bd:5e:0e:6b:9e:c7:a2:27:eb:
40:4e:88:5c:04:4e:1f:f6:8a:be:62:f4:b6:f1:bf:b5:60:b6:
36:80:a5:07:ff:4c:dc:98:03:a6:da:ff:3b:9d:86:59:11:4a:
a7:96:b9:5b:3f:df:3e:3c:ae:b5:c6:ae:53:65:ab:9e:bd:ad:
3b:31:20:71:9a:63:51:a4:0b:89:cf:bb:19:74:3a:e2:85:00:
44:d5:bb:6e:95:5b:c9:c7:bb:a0:6a:c3:4d:54:bc:5e:5c:83:
a8:3d:f5:f6:f4:5b:bb:eb:67:b8:fc:b4:05:70:6e:a8:5d:d9:
8f:24:25:28:cc:e6:73:3f:31:0b:5f:05:82:43:39:a9:bb:01:
bd:0f:0f:0b:06:f2:b8:f3:21:a7:f7:09:ef:a6:d7:99:32:30:
83:5c:ae:12:0f:a6:8f:8e:ff:7d:fb:f3:9f:61:fd:47:5d:a1:
2e:ce:81:75:c5:02:7c:23:69:eb:62:3b:38:a2:71:7c:5b:fb:
2c:9e:af:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3kvR7john4NdRtdeblSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjQwMTAyMDYzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ5MjU3ZjdhYmEyNThhZTlhZWYwY2ZmMTRlMmQ1ZWVkOTdhMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld78vljEEDir2EOBwn3qg4LZyj9e
lkW1WbZBt417hK6jptzNCEN3qz4GUx3AEoUeyKg97ExrJP5/fQ4I2IiKDohqutbT
asEgDRDZ+VL7KhyogDaUntqWOmeZc5uPigsDmn122JAcxJh2cP5SoxT+FOUpAE+r
ikYzOCrB3+xbePgpLZ9a7qcHIMmK1CyO23Z3BZrymWnL3gJhwuqjE/F3oFQfPa88
48NBcb4ImGpctk2cGjtdwg/pR3J6F7PJUtzAbxS73IPm8a2RGpXmOhLFzXcJ6llA
txVTigdTy8/WxccueqVQVwtCsGpW8VJLQpZNQn0v0D3Tp1K8QsY/tsgRnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbZJX96uiWK6a7wz/FOLV7tl6H1MB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvMXRrbGYzcTZKWXJwcnZEUDhVNHRYdTJYb2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVDkMA0G
CSqGSIb3DQEBCwUAA4IBAQC8UmGrFe2OPQMOf5Z//WkOIqdA29s1A5p89ek21cvC
5Ud7QXUEYZQz/rDg5k/nbgcUB0+sW+klvXzR130Z/rW9Xg5rnseiJ+tATohcBE4f
9oq+YvS28b+1YLY2gKUH/0zcmAOm2v87nYZZEUqnlrlbP98+PK61xq5TZaueva07
MSBxmmNRpAuJz7sZdDrihQBE1btulVvJx7ugasNNVLxeXIOoPfX29Fu762e4/LQF
cG6oXdmPJCUozOZzPzELXwWCQzmpuwG9Dw8LBvK48yGn9wnvpteZMjCDXK4SD6aP
jv99+/OfYf1HXaEuzoF1xQJ8I2nrYjs4onF8W/ssnq8+
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:44:12 2025 by rpki-client