Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/oD4wQ_of0juMqCuO7oWPZh2TT6M.roa
File: oD4wQ_of0juMqCuO7oWPZh2TT6M.roa (raw, json)
Hash identifier: +fm7496JlTXWBmViNrYbAmhgyuDUlkabR2FT0gQXMl0=
Subject key identifier: A0:3E:30:43:FA:1F:D2:3B:8C:A8:2B:8E:EE:85:8F:66:1D:93:4F:A3
Certificate issuer: /CN=52702cdee043094ac2f33170125f94f7034da8f0
Certificate serial: 018CC801424A3A87FAC1D69E4F888B11AAD6
Authority key identifier: 52:70:2C:DE:E0:43:09:4A:C2:F3:31:70:12:5F:94:F7:03:4D:A8:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/oD4wQ_of0juMqCuO7oWPZh2TT6M.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59521
IP address blocks: 185.171.128.0/22 maxlen: 24
45.80.38.0/23 maxlen: 24
2a0a:f700::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:42:4a:3a:87:fa:c1:d6:9e:4f:88:8b:11:aa:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52702cdee043094ac2f33170125f94f7034da8f0
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a03e3043fa1fd23b8ca82b8eee858f661d934fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:65:04:fb:c4:22:dd:ab:11:ac:a8:ad:a9:d4:
e1:b0:47:6b:38:71:2c:3a:1d:5c:9e:f1:c3:a7:2d:
fe:0f:d8:f8:41:ef:ac:9a:31:d3:1a:3a:e4:eb:79:
79:1f:44:33:c9:88:ee:a2:38:38:47:af:f0:f9:02:
5e:6f:ca:3a:45:70:ed:1d:a8:ef:a8:71:7d:4b:49:
f5:81:b9:a6:e1:42:5d:d0:14:65:11:fd:fa:6f:d1:
46:c0:45:a5:28:76:39:d6:3e:cc:3e:34:94:47:65:
9f:f4:c6:0d:b1:ce:ed:5c:8f:11:d6:dd:f1:6c:76:
38:97:70:dd:b2:01:ca:e0:29:13:4f:42:83:4f:de:
75:2b:e5:27:ec:7c:ed:4c:af:0b:20:9d:69:b8:02:
92:ec:4c:f4:d3:ce:4b:bd:c8:f5:66:46:cf:ff:bd:
d1:c1:1d:e0:aa:c1:b5:5a:a8:fa:1f:bd:cd:d0:39:
9a:75:79:18:5d:fc:0a:42:fe:05:34:9f:3a:63:09:
0e:2a:15:97:5b:9f:98:a5:e0:c6:38:51:77:d8:c2:
c6:2f:80:56:82:83:f3:db:ae:32:06:6e:3c:a7:c8:
a0:bf:de:00:2f:c6:d9:a8:87:d4:f7:ad:85:52:5d:
f6:de:61:4f:e4:54:50:d7:a3:91:d8:62:ba:f4:08:
be:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3E:30:43:FA:1F:D2:3B:8C:A8:2B:8E:EE:85:8F:66:1D:93:4F:A3
X509v3 Authority Key Identifier:
keyid:52:70:2C:DE:E0:43:09:4A:C2:F3:31:70:12:5F:94:F7:03:4D:A8:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/oD4wQ_of0juMqCuO7oWPZh2TT6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/UnAs3uBDCUrC8zFwEl-U9wNNqPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.38.0/23
185.171.128.0/22
IPv6:
2a0a:f700::/29
Signature Algorithm: sha256WithRSAEncryption
4a:d7:2b:20:01:1b:bf:95:50:46:29:4b:d7:da:e8:6e:69:f6:
4c:e0:90:6a:88:d1:94:29:1f:d9:85:18:50:3f:f8:7a:3e:88:
68:7b:0b:e5:b1:53:1c:fc:6d:56:17:4c:93:9d:ef:fd:88:45:
e6:8c:a9:fc:94:4e:f6:1b:34:48:07:27:4c:fd:2d:14:f6:3f:
48:d3:b8:1a:b6:6f:b0:8f:d6:e4:80:6b:f8:12:60:f2:5a:d0:
d0:96:18:04:7f:0f:f9:73:6f:11:e1:82:3d:ba:a9:ed:f3:e6:
b0:97:40:bc:60:d5:99:3c:94:cb:34:a5:99:e2:05:1f:34:82:
4e:69:d6:8f:70:41:44:6e:f6:f3:c2:82:a2:56:8b:03:5c:00:
de:bf:4e:96:0b:d3:7e:16:4c:5b:f5:be:64:2d:67:ac:ea:24:
69:f2:08:6f:8c:d2:ba:3f:c6:c9:e4:8d:3c:e9:68:85:52:39:
b5:00:82:bc:af:37:da:30:e0:32:11:ff:a9:35:d4:fb:5a:b9:
50:05:65:58:45:8c:fe:34:28:20:2d:cc:5a:70:56:37:0f:1f:
ab:7d:46:c1:df:21:af:c7:8e:8c:8a:07:4d:2e:0e:c7:1f:49:
c7:a4:cb:b2:fd:55:2a:96:fd:39:18:86:4c:14:9f:70:91:e4:
ca:10:e4:ae
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAUJKOof6wdaeT4iLEarWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNzAyY2RlZTA0MzA5NGFjMmYzMzE3MDEyNWY5NGY3MDM0
ZGE4ZjAwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNlMzA0M2ZhMWZkMjNiOGNhODJiOGVlZTg1OGY2NjFkOTM0ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmUE+8Qi3asRrKitqdThsEdrOHEs
Oh1cnvHDpy3+D9j4Qe+smjHTGjrk63l5H0QzyYjuojg4R6/w+QJeb8o6RXDtHajv
qHF9S0n1gbmm4UJd0BRlEf36b9FGwEWlKHY51j7MPjSUR2Wf9MYNsc7tXI8R1t3x
bHY4l3DdsgHK4CkTT0KDT951K+Un7HztTK8LIJ1puAKS7Ez0085Lvcj1ZkbP/73R
wR3gqsG1Wqj6H73N0DmadXkYXfwKQv4FNJ86YwkOKhWXW5+YpeDGOFF32MLGL4BW
goPz264yBm48p8igv94AL8bZqIfU962FUl323mFP5FRQ16OR2GK69Ai+swIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKA+MEP6H9I7jKgrju6Fj2Ydk0+jMB8GA1UdIwQY
MBaAFFJwLN7gQwlKwvMxcBJflPcDTajwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5BczN1QkRDVXJDOHpGd0VsLVU5d05OcVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kOGM4NWUtNDE5OC00ODY5LWI5Y2Qt
ZTI4MGI2NTAxNzA0LzEvb0Q0d1Ffb2YwanVNcUN1TzdvV1BaaDJUVDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kOGM4NWUtNDE5OC00ODY5LWI5Y2QtZTI4MGI2NTAxNzA0
LzEvVW5BczN1QkRDVXJDOHpGd0VsLVU5d05OcVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLVAmAwQC
uauAMA0EAgACMAcDBQMqCvcAMA0GCSqGSIb3DQEBCwUAA4IBAQBK1ysgARu/lVBG
KUvX2uhuafZM4JBqiNGUKR/ZhRhQP/h6PohoewvlsVMc/G1WF0yTne/9iEXmjKn8
lE72GzRIBydM/S0U9j9I07gatm+wj9bkgGv4EmDyWtDQlhgEfw/5c28R4YI9uqnt
8+awl0C8YNWZPJTLNKWZ4gUfNIJOadaPcEFEbvbzwoKiVosDXADev06WC9N+Fkxb
9b5kLWes6iRp8ghvjNK6P8bJ5I086WiFUjm1AIK8rzfaMOAyEf+pNdT7WrlQBWVY
RYz+NCggLcxacFY3Dx+rfUbB3yGvx46MigdNLg7HH0nHpMuy/VUqlv05GIZMFJ9w
keTKEOSu
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:43:24 2025 by rpki-client