Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/m8mdIGgCdDk8ECzdaCvdrLh4mtc.roa
File: m8mdIGgCdDk8ECzdaCvdrLh4mtc.roa (raw, json)
Hash identifier: 1WaQc/H22UNCHQlCBW6a/NhfTlO0CUALYrwN4KQk1Ck=
Subject key identifier: 9B:C9:9D:20:68:02:74:39:3C:10:2C:DD:68:2B:DD:AC:B8:78:9A:D7
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 018CC7271755EA9C86841873DB617891C2B9
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/m8mdIGgCdDk8ECzdaCvdrLh4mtc.roa
Signing time: Mon 01 Jan 2024 22:31:16 +0000
ROA not before: Mon 01 Jan 2024 22:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62142
IP address blocks: 45.9.192.0/24 maxlen: 26
2a0e:1106::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:17:55:ea:9c:86:84:18:73:db:61:78:91:c2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 22:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bc99d20680274393c102cdd682bddacb8789ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d5:03:5c:79:16:38:c7:fd:89:3b:a6:89:bc:
02:2d:c8:17:0d:c0:b9:74:2a:0a:bf:aa:4b:7d:be:
a2:7d:b0:7d:a1:57:d9:91:94:c6:59:4d:44:f1:37:
eb:64:45:a8:81:2f:1e:36:ee:df:25:5b:63:c7:1d:
b6:41:33:21:20:dd:5b:ee:dc:e6:a7:05:2b:87:8b:
f3:7f:76:eb:76:a4:d2:dd:cf:86:57:2b:63:f2:97:
42:f9:57:ec:ed:e7:48:45:49:28:84:fa:24:a2:1e:
70:3d:5e:ab:b8:5d:72:9a:68:2d:71:fb:e7:40:18:
e8:18:54:9b:ea:62:36:4e:bf:84:8b:a7:5e:c0:9f:
42:d6:d1:d0:a5:fe:a5:de:84:9f:ed:00:7c:b0:ed:
9d:77:8e:6b:8a:5a:8e:a3:db:ac:48:c1:b8:21:28:
66:bd:e1:b0:2d:0a:9b:94:ec:95:ac:a2:7a:9f:c6:
a7:18:a9:f2:88:5b:52:bb:a4:32:1e:a0:5d:ac:27:
7b:e4:fc:1b:fe:64:17:cb:86:9c:29:f9:e8:f2:29:
92:f2:ef:31:fb:d3:ab:08:10:bf:95:7e:ac:c4:7f:
56:b4:87:ae:0b:00:77:ca:b3:57:9a:f5:26:62:98:
ca:c2:80:e6:6f:65:98:df:f8:2a:e5:57:d1:47:ff:
75:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C9:9D:20:68:02:74:39:3C:10:2C:DD:68:2B:DD:AC:B8:78:9A:D7
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/m8mdIGgCdDk8ECzdaCvdrLh4mtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.192.0/24
IPv6:
2a0e:1106::/40
Signature Algorithm: sha256WithRSAEncryption
23:00:a8:8a:4a:39:31:4a:64:e9:ff:d9:fe:d2:7e:6b:dd:35:
37:f5:e3:79:0c:dd:f2:b6:a8:07:b3:3f:a8:75:cb:9c:9f:10:
ee:7b:da:b4:8b:14:26:a9:ee:29:f4:83:8e:a4:b2:fa:3a:5b:
fb:0d:19:a4:9c:05:0c:de:39:4f:92:3e:0d:66:f3:a1:2a:24:
41:c1:be:df:cd:bc:b3:38:d8:6f:ca:4f:89:f8:4b:4e:64:eb:
18:52:c9:2e:d8:d0:ba:66:cb:40:90:71:5a:93:34:32:fa:de:
f8:78:bc:0e:bb:57:67:0f:1a:90:9c:39:8a:8a:b1:24:ff:d0:
bb:df:ca:b6:5c:70:4d:e9:6d:11:36:c8:f0:e6:97:57:22:53:
df:e2:bb:55:d6:63:72:4c:c7:2b:ee:51:e1:11:49:f1:72:3d:
5e:0e:d1:2e:2f:27:b9:49:ab:1a:ad:e5:61:fe:9a:0a:84:e1:
9d:36:93:78:7c:d2:ac:b1:54:35:29:5b:5c:11:67:fa:2b:ff:
5f:f8:d9:ab:bb:9a:55:0e:8f:5b:ee:7d:62:47:56:ae:be:9f:
3a:3f:08:d2:c8:ba:11:59:1e:45:75:ca:db:b1:f6:f8:83:34:
85:dc:a0:cb:8a:bd:cf:95:d1:6d:3b:a7:09:c3:38:02:14:5d:
a5:61:98:26
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzHJxdV6pyGhBhz22F4kcK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2E1MDg1OGExODU2ZmZhMDJlOTEzNTZmMTQyMzZlN2Mz
OGI4NWEwHhcNMjQwMTAxMjIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmM5OWQyMDY4MDI3NDM5M2MxMDJjZGQ2ODJiZGRhY2I4Nzg5YWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNUDXHkWOMf9iTumibwCLcgXDcC5
dCoKv6pLfb6ifbB9oVfZkZTGWU1E8TfrZEWogS8eNu7fJVtjxx22QTMhIN1b7tzm
pwUrh4vzf3brdqTS3c+GVytj8pdC+Vfs7edIRUkohPokoh5wPV6ruF1ymmgtcfvn
QBjoGFSb6mI2Tr+Ei6dewJ9C1tHQpf6l3oSf7QB8sO2dd45rilqOo9usSMG4IShm
veGwLQqblOyVrKJ6n8anGKnyiFtSu6QyHqBdrCd75Pwb/mQXy4acKfno8imS8u8x
+9OrCBC/lX6sxH9WtIeuCwB3yrNXmvUmYpjKwoDmb2WY3/gq5VfRR/91QQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJvJnSBoAnQ5PBAs3Wgr3ay4eJrXMB8GA1UdIwQY
MBaAFDrKUIWKGFb/oC6RNW8UI258OLhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEt
MzMxZDdmYzc3YmQ0LzEvbThtZElHZ0NkRGs4RUN6ZGFDdmRyTGg0bXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEtMzMxZDdmYzc3YmQ0
LzEvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALQnAMA4E
AgACMAgDBgAqDhEGADANBgkqhkiG9w0BAQsFAAOCAQEAIwCoiko5MUpk6f/Z/tJ+
a901N/XjeQzd8raoB7M/qHXLnJ8Q7nvatIsUJqnuKfSDjqSy+jpb+w0ZpJwFDN45
T5I+DWbzoSokQcG+3828szjYb8pPifhLTmTrGFLJLtjQumbLQJBxWpM0Mvre+Hi8
DrtXZw8akJw5ioqxJP/Qu9/KtlxwTeltETbI8OaXVyJT3+K7VdZjckzHK+5R4RFJ
8XI9Xg7RLi8nuUmrGq3lYf6aCoThnTaTeHzSrLFUNSlbXBFn+iv/X/jZq7uaVQ6P
W+59YkdWrr6fOj8I0si6EVkeRXXK27H2+IM0hdygy4q9z5XRbTunCcM4AhRdpWGY
Jg==
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:38:28 2025 by rpki-client