Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/VxlxdoLqNiPpy4IJtbfLwlSSzV0.roa
File: VxlxdoLqNiPpy4IJtbfLwlSSzV0.roa (raw, json)
Hash identifier: uIUZieJ4FHgzdhmY+0JJ4SWlSVsKwFMrcPzkn4HdLRs=
Subject key identifier: 57:19:71:76:82:EA:36:23:E9:CB:82:09:B5:B7:CB:C2:54:92:CD:5D
Certificate issuer: /CN=39caa0bd254d1a87f4bb30db3b513fdb9af625f6
Certificate serial: 018CC9BCA1E15CFF933E267EE82765F18551
Authority key identifier: 39:CA:A0:BD:25:4D:1A:87:F4:BB:30:DB:3B:51:3F:DB:9A:F6:25:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OcqgvSVNGof0uzDbO1E_25r2JfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/VxlxdoLqNiPpy4IJtbfLwlSSzV0.roa
Signing time: Tue 02 Jan 2024 10:33:51 +0000
ROA not before: Tue 02 Jan 2024 10:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209046
IP address blocks: 45.9.44.0/22 maxlen: 22
45.9.44.0/24 maxlen: 24
45.9.47.0/24 maxlen: 24
45.9.46.0/24 maxlen: 24
45.9.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a1:e1:5c:ff:93:3e:26:7e:e8:27:65:f1:85:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39caa0bd254d1a87f4bb30db3b513fdb9af625f6
Validity
Not Before: Jan 2 10:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5719717682ea3623e9cb8209b5b7cbc25492cd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d1:4f:d7:0a:6e:b0:fd:ed:87:fc:50:3f:b7:
25:0a:ec:04:40:25:df:aa:cc:12:65:42:c0:0a:44:
05:4f:ba:6c:8e:43:2a:f1:8b:5c:1c:2e:df:9b:8b:
d9:98:56:08:f6:a8:e8:09:78:99:c0:66:52:9d:49:
80:93:97:09:af:fe:a1:05:19:e5:c4:f8:cd:01:06:
2b:4b:8e:d3:c6:4a:f3:91:51:9f:d5:de:88:56:e0:
ca:2b:b9:8a:ed:99:dd:9f:c8:5f:5c:17:b0:63:ad:
59:11:5a:09:74:b4:f9:db:85:f3:fd:dd:1d:42:f2:
dd:cc:2c:28:78:7d:17:16:00:16:bc:31:07:4d:ea:
ba:c2:80:66:90:5c:89:dd:c1:9d:dc:39:c4:65:c6:
de:69:55:03:ad:8b:13:00:72:1b:da:b9:40:e6:b5:
33:6f:5c:98:a6:20:fb:23:06:f4:f8:b6:d2:3c:ba:
15:ce:8d:27:ba:38:79:aa:83:8e:ae:ed:ae:a7:9c:
ba:68:c5:1f:93:8b:9f:8e:2c:6b:37:c9:40:32:32:
8e:9a:d2:c3:e3:b5:d1:15:f5:05:68:b3:87:b6:fe:
48:24:28:d6:cc:b7:88:f7:b2:80:e0:b3:38:0c:3d:
58:36:99:27:6f:38:5b:d8:3f:06:80:0f:a5:e9:60:
ec:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:19:71:76:82:EA:36:23:E9:CB:82:09:B5:B7:CB:C2:54:92:CD:5D
X509v3 Authority Key Identifier:
keyid:39:CA:A0:BD:25:4D:1A:87:F4:BB:30:DB:3B:51:3F:DB:9A:F6:25:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OcqgvSVNGof0uzDbO1E_25r2JfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/VxlxdoLqNiPpy4IJtbfLwlSSzV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/OcqgvSVNGof0uzDbO1E_25r2JfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.44.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:cb:d8:b1:96:6c:64:79:7c:fa:27:e2:81:26:de:86:12:be:
71:d7:a0:23:9c:02:2f:8e:73:de:d8:22:e5:b5:dc:08:8c:49:
1f:06:97:c8:f4:12:67:bc:c9:50:e4:7f:b1:9a:0f:9c:ff:a3:
5e:ed:ad:02:16:bf:d3:06:51:6d:f7:68:aa:9f:20:a9:17:49:
13:7c:e6:9c:25:42:d2:3b:7d:b1:82:eb:a6:81:22:af:54:61:
5e:ce:de:1d:28:e8:c1:c4:f8:e0:6a:8a:65:79:58:a2:fd:1a:
b7:86:4f:11:34:60:17:c4:48:b8:21:eb:cd:95:6f:39:0a:aa:
77:66:51:d1:ac:53:d8:83:a9:cf:46:98:0b:15:35:57:b4:41:
68:0d:ab:90:5b:16:45:86:52:65:13:d5:a5:ac:e0:d6:33:33:
29:72:e8:1a:da:ea:08:fd:14:f8:ff:d9:ea:a0:28:4c:d3:41:
38:56:c9:8a:3c:44:75:d9:c2:ba:32:12:54:fc:6a:6f:7e:48:
4a:ce:d1:ea:fc:3d:45:bb:8f:27:c4:76:84:a5:d8:d3:17:81:
d8:99:ee:82:ec:85:7b:39:c0:d9:24:1f:6a:91:5c:d8:62:d4:
2e:cd:29:8a:ed:d9:67:51:22:ab:95:8a:af:88:b3:fd:25:05:
a5:74:85:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvKHhXP+TPiZ+6Cdl8YVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2FhMGJkMjU0ZDFhODdmNGJiMzBkYjNiNTEzZmRiOWFm
NjI1ZjYwHhcNMjQwMTAyMTAzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzE5NzE3NjgyZWEzNjIzZTljYjgyMDliNWI3Y2JjMjU0OTJjZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9FP1wpusP3th/xQP7clCuwEQCXf
qswSZULACkQFT7psjkMq8YtcHC7fm4vZmFYI9qjoCXiZwGZSnUmAk5cJr/6hBRnl
xPjNAQYrS47TxkrzkVGf1d6IVuDKK7mK7Zndn8hfXBewY61ZEVoJdLT524Xz/d0d
QvLdzCwoeH0XFgAWvDEHTeq6woBmkFyJ3cGd3DnEZcbeaVUDrYsTAHIb2rlA5rUz
b1yYpiD7Iwb0+LbSPLoVzo0nujh5qoOOru2up5y6aMUfk4ufjixrN8lAMjKOmtLD
47XRFfUFaLOHtv5IJCjWzLeI97KA4LM4DD1YNpknbzhb2D8GgA+l6WDs+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFcZcXaC6jYj6cuCCbW3y8JUks1dMB8GA1UdIwQY
MBaAFDnKoL0lTRqH9Lsw2ztRP9ua9iX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2NxZ3ZTVk5Hb2YwdXpEYk8xRV8yNXIySmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xZjA5NTUtNGQ2Mi00MzNiLWIxOGMt
N2MzN2U2MzliZjBmLzEvVnhseGRvTHFOaVBweTRJSnRiZkx3bFNTelYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xZjA5NTUtNGQ2Mi00MzNiLWIxOGMtN2MzN2U2MzliZjBm
LzEvT2NxZ3ZTVk5Hb2YwdXpEYk8xRV8yNXIySmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQksMA0G
CSqGSIb3DQEBCwUAA4IBAQBPy9ixlmxkeXz6J+KBJt6GEr5x16AjnAIvjnPe2CLl
tdwIjEkfBpfI9BJnvMlQ5H+xmg+c/6Ne7a0CFr/TBlFt92iqnyCpF0kTfOacJULS
O32xguumgSKvVGFezt4dKOjBxPjgaopleVii/Rq3hk8RNGAXxEi4IevNlW85Cqp3
ZlHRrFPYg6nPRpgLFTVXtEFoDauQWxZFhlJlE9WlrODWMzMpcuga2uoI/RT4/9nq
oChM00E4VsmKPER12cK6MhJU/GpvfkhKztHq/D1Fu48nxHaEpdjTF4HYme6C7IV7
OcDZJB9qkVzYYtQuzSmK7dlnUSKrlYqviLP9JQWldIUb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:36 2025 by rpki-client