Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/sSaRESLrrySFMa6e4Eu7QEJer78.roa
File: sSaRESLrrySFMa6e4Eu7QEJer78.roa (raw, json)
Hash identifier: QCC9UPHxTAuDutIcST/wJQMsuL3HxL2NhUVM48+YwUg=
Subject key identifier: B1:26:91:11:22:EB:AF:24:85:31:AE:9E:E0:4B:BB:40:42:5E:AF:BF
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 0192B989ECEA686CC3B2D95C08BFBC7605A6
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/sSaRESLrrySFMa6e4Eu7QEJer78.roa
Signing time: Wed 23 Oct 2024 13:21:16 +0000
ROA not before: Wed 23 Oct 2024 13:21:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211366
IP address blocks: 45.9.193.0/24 maxlen: 24
2a0e:1106:3000::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:89:ec:ea:68:6c:c3:b2:d9:5c:08:bf:bc:76:05:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Oct 23 13:21:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b126911122ebaf248531ae9ee04bbb40425eafbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:61:bb:14:4f:aa:5f:30:04:a0:6f:cd:85:bb:
f0:6d:59:4c:2c:97:78:66:17:25:44:1c:da:78:73:
b4:ae:c2:75:f8:80:26:7f:4c:80:c9:fc:c0:e6:0c:
dc:b5:4c:84:bc:43:92:f3:a2:ed:35:e8:21:4c:b1:
92:39:55:a7:cf:b1:0d:04:0e:1c:b4:ec:68:8d:2e:
30:36:09:2a:83:25:ce:cd:3a:31:43:72:73:46:32:
ec:ae:00:cf:9f:f1:c7:04:d3:f4:53:4d:d7:9e:e4:
2b:a0:8f:4e:db:c7:f8:5e:92:fb:93:56:3a:7a:4e:
98:e3:13:1c:b5:07:38:fa:ed:a8:ea:b5:8d:80:70:
27:5b:61:d3:9b:42:07:a6:c9:2e:f2:34:a6:6a:91:
b5:e6:ca:3a:64:60:db:8c:89:df:15:a7:b2:b2:90:
90:8f:be:10:3e:2a:8a:a5:c8:25:f0:9e:e0:c7:1f:
c7:1e:d6:fe:67:6e:68:7d:e2:31:cd:35:f2:38:2f:
46:17:33:f1:99:1f:7e:64:7c:78:39:45:30:b4:c6:
bf:d2:2b:b9:72:df:35:80:43:5e:5c:8a:82:18:c4:
be:51:af:65:8e:15:b6:3b:3f:49:ca:01:b9:93:48:
e1:6d:9d:cf:ff:17:2c:f4:ba:e6:18:e9:31:ad:fd:
3c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:26:91:11:22:EB:AF:24:85:31:AE:9E:E0:4B:BB:40:42:5E:AF:BF
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/sSaRESLrrySFMa6e4Eu7QEJer78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.193.0/24
IPv6:
2a0e:1106:3000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:68:1c:15:6a:9b:0a:ee:86:2d:87:2a:e9:8a:40:86:70:c6:
2c:9d:9f:f5:0c:9c:b8:1a:fd:fd:7c:ae:82:0e:5e:14:92:77:
38:f7:72:ed:51:b1:ad:0a:93:6f:4e:ef:aa:c5:3d:91:b7:8f:
f5:28:c6:c7:d8:f0:aa:60:da:3b:1d:45:0b:90:2c:ae:75:77:
51:48:9f:a2:d5:2b:65:08:36:80:81:ff:f3:24:05:b0:09:47:
4a:47:60:7f:2c:1e:ab:1f:68:82:49:fe:ae:aa:a8:f9:5f:30:
db:b8:db:73:92:83:f3:68:cb:96:ea:12:63:49:da:c7:f1:47:
7f:e9:1a:7e:87:20:51:bc:73:3a:14:82:42:e9:f5:50:07:ee:
75:51:db:6e:ac:ac:5e:a3:9d:51:8a:76:0b:d3:49:2b:67:e4:
e8:33:35:f6:6b:4d:4f:18:19:85:bb:93:52:56:5c:cc:e6:86:
4d:d0:36:9a:14:a5:13:69:47:cd:d6:a0:02:4a:18:c1:29:94:
5b:40:3f:a1:54:b9:b4:82:a4:db:dd:42:eb:62:a5:ab:20:2a:
a0:e6:82:47:7b:73:c0:7c:fd:b3:db:ce:33:5e:89:cd:e5:e2:
6d:4a:b0:66:a1:54:fc:04:ca:10:df:8e:ed:b7:72:d7:54:b4:
10:69:a1:91
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZK5iezqaGzDstlcCL+8dgWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2E1MDg1OGExODU2ZmZhMDJlOTEzNTZmMTQyMzZlN2Mz
OGI4NWEwHhcNMjQxMDIzMTMyMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTI2OTExMTIyZWJhZjI0ODUzMWFlOWVlMDRiYmI0MDQyNWVhZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGG7FE+qXzAEoG/NhbvwbVlMLJd4
ZhclRBzaeHO0rsJ1+IAmf0yAyfzA5gzctUyEvEOS86LtNeghTLGSOVWnz7ENBA4c
tOxojS4wNgkqgyXOzToxQ3JzRjLsrgDPn/HHBNP0U03XnuQroI9O28f4XpL7k1Y6
ek6Y4xMctQc4+u2o6rWNgHAnW2HTm0IHpsku8jSmapG15so6ZGDbjInfFaeyspCQ
j74QPiqKpcgl8J7gxx/HHtb+Z25ofeIxzTXyOC9GFzPxmR9+ZHx4OUUwtMa/0iu5
ct81gENeXIqCGMS+Ua9ljhW2Oz9JygG5k0jhbZ3P/xcs9LrmGOkxrf08cQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLEmkREi668khTGunuBLu0BCXq+/MB8GA1UdIwQY
MBaAFDrKUIWKGFb/oC6RNW8UI258OLhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEt
MzMxZDdmYzc3YmQ0LzEvc1NhUkVTTHJyeVNGTWE2ZTRFdTdRRUplcjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEtMzMxZDdmYzc3YmQ0
LzEvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALQnBMA4E
AgACMAgDBgAqDhEGMDANBgkqhkiG9w0BAQsFAAOCAQEACmgcFWqbCu6GLYcq6YpA
hnDGLJ2f9QycuBr9/Xyugg5eFJJ3OPdy7VGxrQqTb07vqsU9kbeP9SjGx9jwqmDa
Ox1FC5AsrnV3UUifotUrZQg2gIH/8yQFsAlHSkdgfyweqx9ogkn+rqqo+V8w27jb
c5KD82jLluoSY0nax/FHf+kafocgUbxzOhSCQun1UAfudVHbbqysXqOdUYp2C9NJ
K2fk6DM19mtNTxgZhbuTUlZczOaGTdA2mhSlE2lHzdagAkoYwSmUW0A/oVS5tIKk
291C62KlqyAqoOaCR3tzwHz9s9vOM16JzeXibUqwZqFU/ATKEN+O7bdy11S0EGmh
kQ==
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:08:44 2025 by rpki-client