Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/xnijCKMzoGlt0ZMClXH79wwVdyA.roa
File: xnijCKMzoGlt0ZMClXH79wwVdyA.roa (raw, json)
Hash identifier: L1a0hxGvJQjwWnlPtF5TcDUQ5tY9EnFVXG9rIoQQVqc=
Subject key identifier: C6:78:A3:08:A3:33:A0:69:6D:D1:93:02:95:71:FB:F7:0C:15:77:20
Certificate issuer: /CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Certificate serial: 01923455C4B469ACB6DB4A70BD8D27AA7F78
Authority key identifier: E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/xnijCKMzoGlt0ZMClXH79wwVdyA.roa
Signing time: Fri 27 Sep 2024 16:34:48 +0000
ROA not before: Fri 27 Sep 2024 16:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214798
IP address blocks: 45.129.140.0/24 maxlen: 24
185.169.107.0/24 maxlen: 24
2a09:31c0:cafe::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:34:55:c4:b4:69:ac:b6:db:4a:70:bd:8d:27:aa:7f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Validity
Not Before: Sep 27 16:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c678a308a333a0696dd193029571fbf70c157720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:63:d3:e1:d1:25:83:e5:2b:4d:68:62:1d:
ab:b2:35:3d:87:09:1a:98:8f:bf:27:00:d6:ff:0c:
f1:f4:7e:52:bd:4b:32:6d:e8:57:b6:6e:ff:4f:ee:
df:68:e6:6c:00:d0:5f:e1:96:4b:d5:d6:bf:4f:5b:
af:45:1e:89:7d:54:66:60:00:55:16:07:9e:3c:66:
e7:94:01:95:0a:4d:1c:46:fc:14:30:11:44:c2:97:
99:15:05:c2:da:71:75:4d:07:1e:58:49:7d:78:0b:
0e:9e:20:56:f1:7f:9d:ea:0d:59:66:d7:8c:dc:1c:
b2:69:c8:8d:a6:78:50:19:82:7c:98:8b:89:d2:52:
4e:b9:16:23:f9:bf:4b:e2:05:b2:d8:2c:51:89:78:
85:64:ea:b9:8a:22:bb:12:b8:22:2c:6a:73:af:0e:
d8:bd:49:70:f9:52:17:e8:ae:66:41:89:bf:45:7b:
ef:be:fe:b4:93:61:af:f6:65:88:7e:0b:2a:55:e2:
13:3e:c3:86:13:5f:bb:69:f5:d8:c2:5f:be:40:d0:
5e:d2:a3:33:c7:b4:fa:02:4c:a7:c7:8c:76:48:3c:
1c:d2:2c:80:bd:41:c1:b4:0e:78:f7:b5:db:5f:16:
d0:a1:20:b3:7a:32:67:6b:2a:9e:02:eb:00:7c:63:
79:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:78:A3:08:A3:33:A0:69:6D:D1:93:02:95:71:FB:F7:0C:15:77:20
X509v3 Authority Key Identifier:
keyid:E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/xnijCKMzoGlt0ZMClXH79wwVdyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.140.0/24
185.169.107.0/24
IPv6:
2a09:31c0:cafe::/48
Signature Algorithm: sha256WithRSAEncryption
18:c8:20:3d:a6:f9:3b:28:47:eb:13:08:43:3c:23:0a:e3:d6:
aa:36:d5:0c:cb:97:fb:e1:b5:ba:a2:31:ea:6f:2b:71:58:af:
e4:cc:cd:f1:ad:b7:e0:de:5b:93:47:d3:96:2d:0e:5f:45:f4:
21:27:72:d2:6e:7a:ac:9f:d4:ee:67:5e:a9:a2:c5:3d:82:ed:
72:5d:bb:8b:81:2c:93:3f:d5:5c:91:54:f7:71:1a:39:8a:19:
9a:92:3b:72:fb:52:7d:ec:de:15:e6:e7:6a:36:87:2a:ae:f0:
b6:af:4d:cd:40:0d:88:c8:e2:33:8f:60:8f:5a:34:e9:e4:27:
f6:68:82:bf:4f:b0:23:84:78:da:c4:0f:98:b6:1c:c7:25:b4:
ef:ec:f8:f1:5a:b3:81:4e:b5:32:04:2d:04:c1:51:21:89:1c:
b5:62:a9:6c:54:e6:87:e2:2d:24:92:cd:37:ae:0c:e8:2a:07:
c8:da:1a:5f:95:01:18:f5:d5:94:8c:b5:67:e8:a7:d7:24:da:
a6:a1:5f:30:3b:24:b3:7c:b7:a8:dc:ba:fb:4d:b1:dd:8c:6a:
6d:ac:73:2c:61:0e:e0:a5:b5:e3:b0:1d:3e:57:ad:ba:90:0c:
f2:5a:33:3a:b4:78:48:7d:49:a9:4b:48:f7:4d:de:e6:6f:3c:
cc:6b:d5:51
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZI0VcS0aay220pwvY0nqn94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWVmMjJhZGFhMTZkNTNkY2Y2MzdjNTY5ZjQxMzFmMjYy
MTViOTEwHhcNMjQwOTI3MTYzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc4YTMwOGEzMzNhMDY5NmRkMTkzMDI5NTcxZmJmNzBjMTU3NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Bj0+HRJYPlK01oYh2rsjU9hwka
mI+/JwDW/wzx9H5SvUsybehXtm7/T+7faOZsANBf4ZZL1da/T1uvRR6JfVRmYABV
FgeePGbnlAGVCk0cRvwUMBFEwpeZFQXC2nF1TQceWEl9eAsOniBW8X+d6g1ZZteM
3ByyaciNpnhQGYJ8mIuJ0lJOuRYj+b9L4gWy2CxRiXiFZOq5iiK7ErgiLGpzrw7Y
vUlw+VIX6K5mQYm/RXvvvv60k2Gv9mWIfgsqVeITPsOGE1+7afXYwl++QNBe0qMz
x7T6Akynx4x2SDwc0iyAvUHBtA5497XbXxbQoSCzejJnayqeAusAfGN5yQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMZ4owijM6BpbdGTApVx+/cMFXcgMB8GA1UdIwQY
MBaAFOke8iraoW1T3PY3xWn0Ex8mIVuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQt
MzRhZTg5MWE3MmNmLzEveG5pakNLTXpvR2x0MFpNQ2xYSDc5d3dWZHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQtMzRhZTg5MWE3MmNm
LzEvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALYGMAwQA
ualrMA8EAgACMAkDBwAqCTHAyv4wDQYJKoZIhvcNAQELBQADggEBABjIID2m+Tso
R+sTCEM8Iwrj1qo21QzLl/vhtbqiMepvK3FYr+TMzfGtt+DeW5NH05YtDl9F9CEn
ctJueqyf1O5nXqmixT2C7XJdu4uBLJM/1VyRVPdxGjmKGZqSO3L7Un3s3hXm52o2
hyqu8LavTc1ADYjI4jOPYI9aNOnkJ/Zogr9PsCOEeNrED5i2HMcltO/s+PFas4FO
tTIELQTBUSGJHLViqWxU5ofiLSSSzTeuDOgqB8jaGl+VARj11ZSMtWfop9ck2qah
XzA7JLN8t6jcuvtNsd2Mam2scyxhDuClteOwHT5XrbqQDPJaMzq0eEh9SalLSPdN
3uZvPMxr1VE=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:50 2025 by rpki-client