Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/pvcMVFuYYku2qxoycEGvZvMuVjQ.roa
File: pvcMVFuYYku2qxoycEGvZvMuVjQ.roa (raw, json)
Hash identifier: OLtaf7uOhuBOuvx2u+B1OkGppgEyu9H6mFv7AYLpG40=
Subject key identifier: A6:F7:0C:54:5B:98:62:4B:B6:AB:1A:32:70:41:AF:66:F3:2E:56:34
Certificate issuer: /CN=4ecd75a5109e2c106e1193d57ee2b999fec27fe0
Certificate serial: 018E67495D7CD717346312A3F909D9AD6E4C
Authority key identifier: 4E:CD:75:A5:10:9E:2C:10:6E:11:93:D5:7E:E2:B9:99:FE:C2:7F:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/pvcMVFuYYku2qxoycEGvZvMuVjQ.roa
Signing time: Fri 22 Mar 2024 17:50:45 +0000
ROA not before: Fri 22 Mar 2024 17:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215675
IP address blocks: 45.129.164.0/24 maxlen: 24
2a07:ddc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 May 2024 12:53:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:67:49:5d:7c:d7:17:34:63:12:a3:f9:09:d9:ad:6e:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecd75a5109e2c106e1193d57ee2b999fec27fe0
Validity
Not Before: Mar 22 17:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6f70c545b98624bb6ab1a327041af66f32e5634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:64:7c:17:7f:37:65:6f:18:84:19:91:08:48:
e5:df:39:58:3e:54:13:3f:e5:1d:b2:91:2d:32:7e:
0d:c2:54:00:fc:df:87:e7:48:90:55:0a:e6:60:87:
4b:37:42:5f:39:3e:1e:1a:b9:83:79:e9:2e:b7:6b:
f7:2d:2d:e9:24:04:a6:54:db:42:21:9e:d4:39:1b:
b6:38:ae:01:b0:99:b5:4e:94:12:1e:c4:1e:88:7c:
b6:5d:62:06:98:03:86:06:4e:82:68:89:7e:d0:0b:
7c:72:a4:82:27:0a:3d:31:e2:8b:1d:78:8b:16:7f:
4d:39:78:61:0b:6a:d2:62:03:ad:30:06:ff:72:5b:
8d:cd:b6:6f:a8:2d:63:de:e9:5f:8a:17:36:a1:97:
ac:26:ac:fa:3d:74:9d:8a:b4:16:1b:60:13:a3:e7:
1b:9c:10:d0:a1:2d:1e:80:6b:63:0b:0f:f5:8d:b6:
bb:07:e7:b9:44:bd:18:fb:be:a7:3f:a8:25:bd:10:
5f:a8:09:f2:46:a1:2c:a9:e0:36:bb:9c:8c:92:7e:
0d:b3:d9:58:3a:2f:db:f9:e6:cb:fc:bd:d5:f7:ee:
30:6a:40:a7:c4:07:6a:03:8b:01:8a:96:66:d8:24:
4d:b2:0e:f5:33:8a:3c:de:cc:7a:4c:52:8b:94:32:
04:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F7:0C:54:5B:98:62:4B:B6:AB:1A:32:70:41:AF:66:F3:2E:56:34
X509v3 Authority Key Identifier:
keyid:4E:CD:75:A5:10:9E:2C:10:6E:11:93:D5:7E:E2:B9:99:FE:C2:7F:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/pvcMVFuYYku2qxoycEGvZvMuVjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.164.0/24
IPv6:
2a07:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
69:a6:2a:06:23:42:86:6b:a1:db:92:5c:95:98:e3:2b:ba:44:
9b:58:6e:8f:fc:9a:b3:83:50:87:f7:f6:1f:a9:7c:43:21:98:
26:fd:26:2e:2e:c6:80:8f:31:7e:2a:67:31:05:e5:0d:e2:77:
73:e1:df:08:cf:91:be:1a:d5:be:b5:73:4c:33:58:23:e5:e3:
e8:7e:2c:da:b7:ef:79:64:b9:ad:24:6d:8c:b7:3a:ee:c5:f5:
3f:5c:1f:d6:25:ee:fe:b2:1f:94:80:48:c4:dc:fd:b7:8b:12:
d1:3b:ee:5f:1f:1c:a8:b5:b4:3f:a8:26:c2:28:37:82:16:ad:
c4:9c:f1:de:92:ec:ad:40:07:47:a0:dd:f6:1c:e7:f4:db:92:
45:f5:9c:83:64:f4:20:55:1e:39:d4:58:47:6a:c5:1b:56:a6:
73:a7:0f:a3:52:78:39:4f:d2:16:2b:b3:40:c0:28:24:05:a2:
fa:65:af:f3:ad:b1:23:52:0b:51:fb:62:bc:65:17:bf:ad:9b:
34:5d:73:b9:f2:26:3e:ce:be:9b:56:1e:4a:0b:75:87:2e:9f:
d0:32:2f:94:f5:1b:86:10:85:a4:77:7a:10:7c:15:b2:20:34:
66:9b:c1:52:2d:c2:72:6d:ca:e0:69:3a:8f:82:8a:3b:5c:f8:
64:4b:4f:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5nSV181xc0YxKj+QnZrW5MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Q3NWE1MTA5ZTJjMTA2ZTExOTNkNTdlZTJiOTk5ZmVj
MjdmZTAwHhcNMjQwMzIyMTc1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY3MGM1NDViOTg2MjRiYjZhYjFhMzI3MDQxYWY2NmYzMmU1NjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmR8F383ZW8YhBmRCEjl3zlYPlQT
P+UdspEtMn4NwlQA/N+H50iQVQrmYIdLN0JfOT4eGrmDeekut2v3LS3pJASmVNtC
IZ7UORu2OK4BsJm1TpQSHsQeiHy2XWIGmAOGBk6CaIl+0At8cqSCJwo9MeKLHXiL
Fn9NOXhhC2rSYgOtMAb/cluNzbZvqC1j3ulfihc2oZesJqz6PXSdirQWG2ATo+cb
nBDQoS0egGtjCw/1jba7B+e5RL0Y+76nP6glvRBfqAnyRqEsqeA2u5yMkn4Ns9lY
Oi/b+ebL/L3V9+4wakCnxAdqA4sBipZm2CRNsg71M4o83sx6TFKLlDIEgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKb3DFRbmGJLtqsaMnBBr2bzLlY0MB8GA1UdIwQY
MBaAFE7NdaUQniwQbhGT1X7iuZn+wn/gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHMxMXBSQ2VMQkJ1RVpQVmZ1SzVtZjdDZi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9kN2JlZWQtZGY5OC00ZWM4LTg3YjYt
NDA3MjU1N2M0N2ZhLzEvcHZjTVZGdVlZa3UycXhveWNFR3Zadk11VmpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9kN2JlZWQtZGY5OC00ZWM4LTg3YjYtNDA3MjU1N2M0N2Zh
LzEvVHMxMXBSQ2VMQkJ1RVpQVmZ1SzVtZjdDZi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYGkMA0E
AgACMAcDBQMqB93AMA0GCSqGSIb3DQEBCwUAA4IBAQBppioGI0KGa6HbklyVmOMr
ukSbWG6P/Jqzg1CH9/YfqXxDIZgm/SYuLsaAjzF+KmcxBeUN4ndz4d8Iz5G+GtW+
tXNMM1gj5ePofizat+95ZLmtJG2MtzruxfU/XB/WJe7+sh+UgEjE3P23ixLRO+5f
HxyotbQ/qCbCKDeCFq3EnPHekuytQAdHoN32HOf025JF9ZyDZPQgVR451FhHasUb
VqZzpw+jUng5T9IWK7NAwCgkBaL6Za/zrbEjUgtR+2K8ZRe/rZs0XXO58iY+zr6b
Vh5KC3WHLp/QMi+U9RuGEIWkd3oQfBWyIDRmm8FSLcJybcrgaTqPgoo7XPhkS088
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:03 2025 by rpki-client