Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/bZ5J52pVLl-6uKTwRoOHwGvZ3Hc.roa
File: bZ5J52pVLl-6uKTwRoOHwGvZ3Hc.roa (raw, json)
Hash identifier: rVKunseZCmdpcu+oMxJ04a4WmetL+hyg+hbTV8sbFBI=
Subject key identifier: 6D:9E:49:E7:6A:55:2E:5F:BA:B8:A4:F0:46:83:87:C0:6B:D9:DC:77
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 019426D91EBE5331D19190D553B1037B9D5A
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/bZ5J52pVLl-6uKTwRoOHwGvZ3Hc.roa
Signing time: Thu 02 Jan 2025 11:49:10 +0000
ROA not before: Thu 02 Jan 2025 11:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.155.99.0/24 maxlen: 24
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Mar 2025 08:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:1e:be:53:31:d1:91:90:d5:53:b1:03:7b:9d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Jan 2 11:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d9e49e76a552e5fbab8a4f0468387c06bd9dc77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d0:9a:0b:a6:a1:9d:15:2a:98:d9:aa:88:82:
dd:aa:38:70:66:ba:7d:53:45:be:6f:05:4b:01:78:
db:52:b4:e8:1d:ce:55:a6:2a:51:75:e2:7e:2e:cf:
b1:86:93:60:96:5e:1c:22:19:b3:45:1d:b0:2c:a8:
e8:45:31:06:37:bd:27:26:dc:6e:93:10:5f:77:18:
79:1a:6c:92:fb:fc:46:59:d0:12:61:ba:4f:ba:21:
b9:c0:8e:97:4c:40:47:d2:27:f1:36:fd:50:34:79:
2b:3b:94:96:ef:3c:d4:ff:50:87:9c:63:c9:ce:85:
1c:13:eb:af:88:d1:0e:4b:4f:9e:ad:7c:34:12:ed:
fc:62:5f:f0:70:b6:35:6e:30:4b:42:65:15:be:92:
19:0c:0e:78:75:8e:2e:cd:c5:96:4d:7f:a4:11:d7:
76:61:43:e8:59:d1:d9:6c:68:7b:46:ab:6a:6c:4d:
6f:24:a0:2d:48:ee:c2:81:fb:f8:2b:37:a7:e5:8f:
4a:b3:38:d1:24:20:f0:ec:e3:f8:0a:66:b9:41:84:
63:65:ef:fd:8f:68:bc:40:d7:bf:d3:73:28:4e:40:
b4:fd:f0:80:cf:26:8a:f7:70:ef:dc:f9:8f:63:e4:
6e:9c:46:ef:1b:e6:93:91:89:fa:4c:2f:28:6b:7b:
d9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9E:49:E7:6A:55:2E:5F:BA:B8:A4:F0:46:83:87:C0:6B:D9:DC:77
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/bZ5J52pVLl-6uKTwRoOHwGvZ3Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
IPv6:
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
77:e2:49:f6:ca:d5:f3:3c:e6:7e:3a:44:a3:4f:c7:ab:37:16:
4b:3f:ee:ba:a8:79:49:6c:5d:0f:ca:58:e8:66:ec:3a:24:c1:
f2:d1:72:ba:a1:0e:47:9d:07:47:9e:38:92:32:95:d5:2d:d7:
3e:d8:14:a7:b7:da:63:63:02:04:c5:ba:e9:73:d3:d9:ac:2c:
9d:1a:92:2d:69:81:81:7c:1d:f7:43:1e:ff:90:14:44:34:dd:
12:6c:df:c8:26:78:04:57:b1:b8:b8:53:b4:12:30:ef:ad:85:
ef:ab:fb:c0:46:21:1f:7f:39:45:67:78:8d:d9:e7:78:93:eb:
7c:b3:ba:ec:c2:d7:14:61:b0:28:9c:b7:60:83:98:da:74:51:
71:05:d8:a7:b9:96:a0:a6:7b:31:13:5a:23:c5:2b:d5:33:44:
97:72:22:12:fd:2a:d6:27:c2:99:a0:24:54:19:1f:83:42:1f:
df:7f:f0:35:2f:bc:59:37:58:95:b7:f7:79:07:db:a7:4f:20:
45:73:96:e4:23:19:13:6b:c2:f6:88:00:bc:df:a4:ec:c9:de:
a7:8b:4a:f0:7e:20:3f:27:2a:1a:67:3c:05:cd:58:f7:bd:b5:
76:8a:9e:a6:8a:0d:fa:31:7a:2a:6f:d4:26:aa:3a:45:a2:05:
06:be:4c:b1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQm2R6+UzHRkZDVU7EDe51aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjUwMTAyMTE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDllNDllNzZhNTUyZTVmYmFiOGE0ZjA0NjgzODdjMDZiZDlkYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNCaC6ahnRUqmNmqiILdqjhwZrp9
U0W+bwVLAXjbUrToHc5VpipRdeJ+Ls+xhpNgll4cIhmzRR2wLKjoRTEGN70nJtxu
kxBfdxh5GmyS+/xGWdASYbpPuiG5wI6XTEBH0ifxNv1QNHkrO5SW7zzU/1CHnGPJ
zoUcE+uviNEOS0+erXw0Eu38Yl/wcLY1bjBLQmUVvpIZDA54dY4uzcWWTX+kEdd2
YUPoWdHZbGh7RqtqbE1vJKAtSO7Cgfv4Kzen5Y9KszjRJCDw7OP4Cma5QYRjZe/9
j2i8QNe/03MoTkC0/fCAzyaK93Dv3PmPY+RunEbvG+aTkYn6TC8oa3vZrwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG2eSedqVS5furik8EaDh8Br2dx3MB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvYlo1SjUycFZMbC02dUtUd1JvT0h3R3ZaM0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQALZtjMBoE
AgACMBQwEgMHBSoQugC+4AMHASoQugC+5DANBgkqhkiG9w0BAQsFAAOCAQEAd+JJ
9srV8zzmfjpEo0/HqzcWSz/uuqh5SWxdD8pY6GbsOiTB8tFyuqEOR50HR544kjKV
1S3XPtgUp7faY2MCBMW66XPT2awsnRqSLWmBgXwd90Me/5AURDTdEmzfyCZ4BFex
uLhTtBIw762F76v7wEYhH385RWd4jdnneJPrfLO67MLXFGGwKJy3YIOY2nRRcQXY
p7mWoKZ7MRNaI8Ur1TNEl3IiEv0q1ifCmaAkVBkfg0If33/wNS+8WTdYlbf3eQfb
p08gRXOW5CMZE2vC9ogAvN+k7Mnep4tK8H4gPycqGmc8Bc1Y9721doqepooN+jF6
Km/UJqo6RaIFBr5MsQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:18:23 2025 by rpki-client