Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/8u4HQnZ9v4w3FOH1ZhsZEJ_qAqE.roa
File: 8u4HQnZ9v4w3FOH1ZhsZEJ_qAqE.roa (raw, json)
Hash identifier: 9IdWjQDQ83dOQqDcajZTMpj9k4G7u70fFgkNR6IHNbA=
Subject key identifier: F2:EE:07:42:76:7D:BF:8C:37:14:E1:F5:66:1B:19:10:9F:EA:02:A1
Certificate issuer: /CN=add6d7576cd28245c679f9af3575c035b8a22c9e
Certificate serial: 018CC425420C281B932E2B429BC2C2925187
Authority key identifier: AD:D6:D7:57:6C:D2:82:45:C6:79:F9:AF:35:75:C0:35:B8:A2:2C:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdbXV2zSgkXGefmvNXXANbiiLJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/8u4HQnZ9v4w3FOH1ZhsZEJ_qAqE.roa
Signing time: Mon 01 Jan 2024 08:30:25 +0000
ROA not before: Mon 01 Jan 2024 08:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209036
IP address blocks: 45.9.222.0/24 maxlen: 24
45.9.223.0/24 maxlen: 24
45.9.221.0/24 maxlen: 24
2a0e:1500::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:42:0c:28:1b:93:2e:2b:42:9b:c2:c2:92:51:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add6d7576cd28245c679f9af3575c035b8a22c9e
Validity
Not Before: Jan 1 08:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2ee0742767dbf8c3714e1f5661b19109fea02a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:78:a9:22:c7:a8:f0:72:31:ec:e9:8a:75:69:
53:dd:7f:53:74:b0:69:31:8d:0d:00:65:72:92:bd:
19:0b:57:1f:46:e8:e5:59:a6:c8:b0:27:b3:a4:0b:
b5:eb:27:e0:f3:a9:5f:d4:29:23:b0:97:51:be:e6:
52:7b:09:a2:97:b6:5d:31:d3:af:01:03:6a:d3:82:
0e:2d:ab:b6:c3:ca:36:86:af:31:02:00:f7:0c:79:
5c:4f:12:e1:a4:44:65:70:05:52:a8:ef:75:1f:f4:
26:9f:e0:56:73:6c:0f:3c:c0:3d:d2:96:e3:8f:1f:
3d:7c:e3:42:2c:2e:aa:89:0a:18:86:ff:cb:9d:54:
fb:34:88:7d:cf:f7:0f:de:a7:f4:70:a2:0b:51:c2:
45:24:5a:6b:4b:e4:c5:0b:af:62:2c:47:ca:e8:c0:
2e:f0:cb:05:19:9d:3a:e3:c6:6a:8e:da:30:b9:ee:
c5:d1:45:b1:3d:a8:4b:5c:74:a6:0f:bf:3c:9b:6f:
42:eb:70:9e:0a:6c:24:ea:db:af:c6:4d:aa:6c:fa:
d7:3d:8a:3b:86:1f:62:be:2a:bb:82:92:72:d9:06:
d0:b6:0e:99:a4:74:58:88:f9:f4:bd:5f:73:39:0d:
dc:ea:d3:85:80:63:04:6c:45:54:c5:fd:aa:eb:d6:
18:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EE:07:42:76:7D:BF:8C:37:14:E1:F5:66:1B:19:10:9F:EA:02:A1
X509v3 Authority Key Identifier:
keyid:AD:D6:D7:57:6C:D2:82:45:C6:79:F9:AF:35:75:C0:35:B8:A2:2C:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdbXV2zSgkXGefmvNXXANbiiLJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/8u4HQnZ9v4w3FOH1ZhsZEJ_qAqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/rdbXV2zSgkXGefmvNXXANbiiLJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.221.0-45.9.223.255
IPv6:
2a0e:1500::/29
Signature Algorithm: sha256WithRSAEncryption
25:6e:2d:c7:c5:11:7d:93:44:5f:93:27:e1:2d:9f:0b:86:c2:
66:84:8a:82:ae:84:9a:60:0f:b9:b1:16:51:da:c5:94:79:39:
a5:ef:2d:1a:9f:b8:82:d5:26:a0:d0:29:2a:32:c4:0f:06:92:
e8:42:1f:5a:b0:c9:73:08:c7:05:09:ab:ad:f9:db:d4:12:c9:
e1:20:e5:cf:a8:f6:e1:64:e9:df:88:b3:00:16:6c:87:d8:b7:
5a:ed:8f:3d:e4:e4:35:9f:e3:3e:26:ba:87:40:d3:0f:57:50:
0b:7f:76:a8:0c:71:bf:27:40:8d:46:8c:1e:83:0f:2b:a7:98:
78:59:25:20:af:52:1f:62:5e:06:3a:54:bb:d0:c4:54:49:98:
c6:f5:85:37:cc:59:0f:a7:47:4c:52:d4:ee:e7:51:de:0e:f0:
51:11:a7:47:5b:e6:72:33:59:96:39:97:05:6b:90:06:43:ec:
65:a5:07:2b:fe:e7:6f:8f:8e:9d:92:b0:b6:ae:41:d5:55:7c:
47:0a:bc:6f:5f:b1:6c:d3:f9:7e:bf:07:8a:f6:93:f9:38:78:
a5:24:3c:51:51:7c:c1:e9:b7:f6:3f:cb:ba:c7:d7:a0:5f:fc:
85:e4:60:bd:20:a9:82:46:9e:11:fe:2c:56:c0:cc:21:56:36:
15:7f:40:86
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEJUIMKBuTLitCm8LCklGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDZkNzU3NmNkMjgyNDVjNjc5ZjlhZjM1NzVjMDM1Yjhh
MjJjOWUwHhcNMjQwMTAxMDgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVlMDc0Mjc2N2RiZjhjMzcxNGUxZjU2NjFiMTkxMDlmZWEwMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnipIseo8HIx7OmKdWlT3X9TdLBp
MY0NAGVykr0ZC1cfRujlWabIsCezpAu16yfg86lf1CkjsJdRvuZSewmil7ZdMdOv
AQNq04IOLau2w8o2hq8xAgD3DHlcTxLhpERlcAVSqO91H/Qmn+BWc2wPPMA90pbj
jx89fONCLC6qiQoYhv/LnVT7NIh9z/cP3qf0cKILUcJFJFprS+TFC69iLEfK6MAu
8MsFGZ0648Zqjtowue7F0UWxPahLXHSmD788m29C63CeCmwk6tuvxk2qbPrXPYo7
hh9iviq7gpJy2QbQtg6ZpHRYiPn0vV9zOQ3c6tOFgGMEbEVUxf2q69YYYQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPLuB0J2fb+MNxTh9WYbGRCf6gKhMB8GA1UdIwQY
MBaAFK3W11ds0oJFxnn5rzV1wDW4oiyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRiWFYyelNna1hHZWZtdk5YWEFOYmlpTEo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wM2MwYWEtN2Y5NC00MGMxLTk3NDIt
ZGRiMDQ4NGE2ZGEyLzEvOHU0SFFuWjl2NHczRk9IMVpoc1pFSl9xQXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wM2MwYWEtN2Y5NC00MGMxLTk3NDItZGRiMDQ4NGE2ZGEy
LzEvcmRiWFYyelNna1hHZWZtdk5YWEFOYmlpTEo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAAtCd0D
BAUtCcAwDQQCAAIwBwMFAyoOFQAwDQYJKoZIhvcNAQELBQADggEBACVuLcfFEX2T
RF+TJ+EtnwuGwmaEioKuhJpgD7mxFlHaxZR5OaXvLRqfuILVJqDQKSoyxA8GkuhC
H1qwyXMIxwUJq63529QSyeEg5c+o9uFk6d+IswAWbIfYt1rtjz3k5DWf4z4muodA
0w9XUAt/dqgMcb8nQI1GjB6DDyunmHhZJSCvUh9iXgY6VLvQxFRJmMb1hTfMWQ+n
R0xS1O7nUd4O8FERp0db5nIzWZY5lwVrkAZD7GWlByv+52+Pjp2SsLauQdVVfEcK
vG9fsWzT+X6/B4r2k/k4eKUkPFFRfMHpt/Y/y7rH16Bf/IXkYL0gqYJGnhH+LFbA
zCFWNhV/QIY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:44 2025 by rpki-client