Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/BsjjQAyQyMjPnQ3pb32P0Zj5pP4.roa
File: BsjjQAyQyMjPnQ3pb32P0Zj5pP4.roa (raw, json)
Hash identifier: Iycc7iavQ5+1NH2MDbClBOoOY91ud/+9baR7h/cuKOs=
Subject key identifier: 06:C8:E3:40:0C:90:C8:C8:CF:9D:0D:E9:6F:7D:8F:D1:98:F9:A4:FE
Certificate issuer: /CN=1ce65c57686ce5e51b367fc996b49bcc59896b9c
Certificate serial: 01947879F71009361C585EA003CA337CA17E
Authority key identifier: 1C:E6:5C:57:68:6C:E5:E5:1B:36:7F:C9:96:B4:9B:CC:59:89:6B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HOZcV2hs5eUbNn_JlrSbzFmJa5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/BsjjQAyQyMjPnQ3pb32P0Zj5pP4.roa
Signing time: Sat 18 Jan 2025 08:14:06 +0000
ROA not before: Sat 18 Jan 2025 08:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57137
IP address blocks: 45.129.148.0/22 maxlen: 22
45.129.148.0/24 maxlen: 24
45.129.149.0/24 maxlen: 24
45.129.150.0/24 maxlen: 24
45.129.151.0/24 maxlen: 24
2a0e:4c40::/29 maxlen: 29
2a0e:4c40::/32 maxlen: 32
2a0e:4c41::/32 maxlen: 32
2a0e:4c42::/32 maxlen: 32
2a0e:4c43::/32 maxlen: 32
2a0e:4c44::/32 maxlen: 32
2a0e:4c45::/32 maxlen: 32
2a0e:4c46::/32 maxlen: 32
2a0e:4c47::/32 maxlen: 32
2a0e:4c47:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Feb 2025 12:28:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:78:79:f7:10:09:36:1c:58:5e:a0:03:ca:33:7c:a1:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ce65c57686ce5e51b367fc996b49bcc59896b9c
Validity
Not Before: Jan 18 08:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06c8e3400c90c8c8cf9d0de96f7d8fd198f9a4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:a8:c7:8c:f5:5f:97:54:02:be:09:28:b6:4c:
1d:b5:df:1c:ed:18:4e:b3:3c:e9:00:b7:07:f1:6d:
fc:bd:ba:8c:2a:d1:ca:f3:e0:f2:9d:1b:05:73:3f:
55:f2:b2:d7:e1:78:94:e3:cf:05:34:12:bc:ee:a4:
99:d1:c5:5a:2c:1a:bf:f9:d6:d9:4f:eb:a8:d7:26:
f6:4c:d7:ec:a2:b8:c5:74:4c:d6:78:19:40:f3:59:
75:21:90:f1:64:d6:49:99:fc:10:03:d6:65:91:84:
af:53:22:7a:95:b8:49:e2:88:db:4f:ce:6f:64:95:
ea:7f:4b:c4:64:16:ec:89:8e:da:c3:1f:ff:0c:87:
77:66:e7:35:a1:91:ac:0f:1b:5d:18:41:52:46:1f:
ac:27:fe:07:bd:50:c8:be:62:23:a7:66:fa:aa:f3:
15:8d:87:95:d9:6b:35:96:c2:1b:b6:a5:c2:66:2a:
15:50:5d:fc:07:6f:57:3a:31:67:cc:7c:d6:41:3f:
d3:b8:f5:58:6d:6a:e2:ff:8a:19:b2:9c:74:4e:16:
9a:d4:22:6f:2a:4c:61:da:22:9b:dc:b3:43:8c:dc:
c3:bc:06:c7:57:10:32:3a:c5:03:73:06:59:44:e3:
1d:ea:cd:a0:96:2b:c7:a1:26:3b:47:94:92:db:91:
71:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C8:E3:40:0C:90:C8:C8:CF:9D:0D:E9:6F:7D:8F:D1:98:F9:A4:FE
X509v3 Authority Key Identifier:
keyid:1C:E6:5C:57:68:6C:E5:E5:1B:36:7F:C9:96:B4:9B:CC:59:89:6B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HOZcV2hs5eUbNn_JlrSbzFmJa5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/BsjjQAyQyMjPnQ3pb32P0Zj5pP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/HOZcV2hs5eUbNn_JlrSbzFmJa5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.148.0/22
IPv6:
2a0e:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
34:be:c7:f3:5d:63:1c:73:f0:55:22:8a:3a:10:7e:f9:34:41:
7f:05:3a:68:39:73:e6:70:60:b5:7d:ac:9d:23:9b:6b:7f:cc:
fa:19:cc:27:9f:ae:0e:c7:56:b7:a6:9b:1f:23:db:1c:f0:cd:
ad:e3:48:51:07:07:4e:0e:b7:07:c1:8a:73:24:42:b3:4d:26:
27:11:3d:c7:65:14:1f:ae:a7:25:4a:ab:91:0c:4b:10:aa:6b:
9e:12:4a:44:96:27:11:5c:45:26:c0:76:33:aa:38:4c:11:7d:
16:60:94:bd:b8:6f:13:ff:65:29:77:c4:87:12:5e:c7:60:f3:
36:04:05:e3:49:ab:bc:c4:c2:11:3e:1a:17:3a:22:b0:3c:b8:
15:cd:d5:53:44:06:c3:78:19:d7:32:94:b0:2a:8b:c5:92:86:
39:c6:ce:50:fc:40:36:b7:7f:36:26:34:4e:8a:16:83:25:60:
7f:d5:20:8d:42:1d:b4:7f:5c:45:e1:66:c1:4b:46:70:90:68:
87:6a:cd:0d:b8:07:1f:87:03:2b:0c:cf:e5:d6:e7:f5:2f:ff:
40:da:01:0d:d6:c4:e7:2b:a4:e7:a3:6c:04:b5:b1:dc:e2:f8:
07:57:81:1a:23:d8:21:a5:14:93:d1:05:fe:6e:11:59:9e:93:
9f:68:9b:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZR4efcQCTYcWF6gA8ozfKF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZTY1YzU3Njg2Y2U1ZTUxYjM2N2ZjOTk2YjQ5YmNjNTk4
OTZiOWMwHhcNMjUwMTE4MDgxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmM4ZTM0MDBjOTBjOGM4Y2Y5ZDBkZTk2ZjdkOGZkMTk4ZjlhNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qjHjPVfl1QCvgkotkwdtd8c7RhO
szzpALcH8W38vbqMKtHK8+DynRsFcz9V8rLX4XiU488FNBK87qSZ0cVaLBq/+dbZ
T+uo1yb2TNfsorjFdEzWeBlA81l1IZDxZNZJmfwQA9ZlkYSvUyJ6lbhJ4ojbT85v
ZJXqf0vEZBbsiY7awx//DId3Zuc1oZGsDxtdGEFSRh+sJ/4HvVDIvmIjp2b6qvMV
jYeV2Ws1lsIbtqXCZioVUF38B29XOjFnzHzWQT/TuPVYbWri/4oZspx0Thaa1CJv
Kkxh2iKb3LNDjNzDvAbHVxAyOsUDcwZZROMd6s2glivHoSY7R5SS25FxgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAbI40AMkMjIz50N6W99j9GY+aT+MB8GA1UdIwQY
MBaAFBzmXFdobOXlGzZ/yZa0m8xZiWucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE9aY1YyaHM1ZVViTm5fSmxyU2J6Rm1KYTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9hZjhmMzYtZTM1OC00Yjc2LTg4MjIt
MTI4YjVjM2QwNTNhLzEvQnNqalFBeVF5TWpQblEzcGIzMlAwWmo1cFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9hZjhmMzYtZTM1OC00Yjc2LTg4MjItMTI4YjVjM2QwNTNh
LzEvSE9aY1YyaHM1ZVViTm5fSmxyU2J6Rm1KYTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYGUMA0E
AgACMAcDBQMqDkxAMA0GCSqGSIb3DQEBCwUAA4IBAQA0vsfzXWMcc/BVIoo6EH75
NEF/BTpoOXPmcGC1faydI5trf8z6Gcwnn64Ox1a3ppsfI9sc8M2t40hRBwdODrcH
wYpzJEKzTSYnET3HZRQfrqclSquRDEsQqmueEkpElicRXEUmwHYzqjhMEX0WYJS9
uG8T/2Upd8SHEl7HYPM2BAXjSau8xMIRPhoXOiKwPLgVzdVTRAbDeBnXMpSwKovF
koY5xs5Q/EA2t382JjROihaDJWB/1SCNQh20f1xF4WbBS0ZwkGiHas0NuAcfhwMr
DM/l1uf1L/9A2gEN1sTnK6Tno2wEtbHc4vgHV4EaI9ghpRST0QX+bhFZnpOfaJs+
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:17:54 2025 by rpki-client