Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/CIcIc10F3SjBHxoJVixf_YOVs5o.roa
File: CIcIc10F3SjBHxoJVixf_YOVs5o.roa (raw, json)
Hash identifier: HSe4GJt6gcdgDkVlJXROtRVigU7kiQY2nPh8HCQrtiE=
Subject key identifier: 08:87:08:73:5D:05:DD:28:C1:1F:1A:09:56:2C:5F:FD:83:95:B3:9A
Certificate issuer: /CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Certificate serial: 01930744AD32520A5AB0242A8EF17EFB9C7D
Authority key identifier: 77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/CIcIc10F3SjBHxoJVixf_YOVs5o.roa
Signing time: Thu 07 Nov 2024 15:36:01 +0000
ROA not before: Thu 07 Nov 2024 15:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208981
IP address blocks: 45.12.124.0/24 maxlen: 24
45.12.125.0/24 maxlen: 24
45.12.126.0/24 maxlen: 24
45.12.127.0/24 maxlen: 24
91.243.190.0/24 maxlen: 24
91.243.191.0/24 maxlen: 24
2a0e:a900::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:44:ad:32:52:0a:5a:b0:24:2a:8e:f1:7e:fb:9c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Validity
Not Before: Nov 7 15:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=088708735d05dd28c11f1a09562c5ffd8395b39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:23:30:d2:80:8d:85:1a:18:bf:f1:9e:6c:3d:
c4:fa:b9:01:df:54:29:29:07:01:0f:9c:15:fa:35:
90:dc:f3:49:d7:6d:41:13:61:dc:48:6a:f4:5b:66:
05:d5:bc:6c:bd:81:c2:cf:81:ff:0e:6e:3f:05:83:
1e:1a:0d:74:c4:5a:6a:de:92:64:c2:60:ec:fb:ec:
fc:6f:36:8d:93:e2:4b:bc:11:2c:73:49:0b:2f:08:
91:4c:b2:4d:cd:24:d0:6a:3f:50:9c:41:62:f3:b3:
41:ab:5f:68:c6:6e:71:50:b8:c2:47:e9:bf:21:36:
d7:dd:90:bc:fb:c4:2d:bf:62:8d:98:b4:85:f6:ae:
f6:15:62:66:9c:df:45:9d:b8:da:43:6a:bf:71:27:
8a:5a:67:91:63:48:14:f9:f6:7d:37:b3:26:ac:ac:
51:3a:12:5e:95:9b:4a:ac:ca:0f:d1:32:4b:44:7c:
fa:e5:6b:81:1b:af:b3:43:46:02:16:e0:89:a6:8b:
29:3e:9a:b4:3c:78:6d:d6:cb:cb:66:5f:0e:68:e2:
af:51:d9:37:0e:42:7e:67:be:c7:9a:e0:b2:66:cb:
5c:3d:91:6b:98:a9:8b:d0:03:7d:3c:bf:27:ba:0d:
73:04:4d:bb:cf:27:9d:e3:f6:9f:02:e4:52:04:dc:
36:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:87:08:73:5D:05:DD:28:C1:1F:1A:09:56:2C:5F:FD:83:95:B3:9A
X509v3 Authority Key Identifier:
keyid:77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/CIcIc10F3SjBHxoJVixf_YOVs5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.124.0/22
91.243.190.0/23
IPv6:
2a0e:a900::/29
Signature Algorithm: sha256WithRSAEncryption
4c:96:06:4d:73:03:86:b8:de:46:22:8b:dd:e7:1a:3d:03:66:
bd:eb:59:d4:1f:9f:9f:e2:f1:14:62:94:8d:1e:06:97:d6:f3:
21:1b:54:95:d1:21:7f:75:e7:5d:e6:15:0b:0d:ed:d7:3b:98:
53:40:c1:73:f7:8e:d0:6e:52:f3:ac:88:fe:50:b8:e0:b6:18:
e3:4d:14:e1:cf:b8:d9:31:a9:8d:19:c8:97:d0:67:76:24:01:
75:98:8d:4f:cf:95:f2:a8:15:b0:27:71:e1:c1:f0:cd:af:cf:
34:b3:93:d9:10:d8:03:de:92:48:a3:2f:d0:62:93:b8:1d:2f:
be:95:90:5e:8c:12:95:dd:e7:65:a1:95:63:20:76:00:51:c8:
fd:f0:a4:97:42:c0:00:38:91:5d:f4:75:45:5f:df:65:f9:10:
6e:b8:c0:29:17:4f:f2:95:87:a1:d0:8d:33:09:9e:5a:7e:9b:
cf:ba:f1:79:6a:9d:4a:03:9c:ea:e8:c7:45:0b:bc:00:a2:21:
b9:93:8b:9e:0c:72:be:f9:bb:9e:bd:df:e3:e9:d9:fd:76:a5:
0e:d1:bf:40:3f:12:a7:fc:13:2a:12:b3:f5:42:4c:bc:b1:3a:
b0:36:90:89:b8:5d:f7:eb:83:aa:75:96:26:45:de:15:bf:d8:
a4:0e:f3:e7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMHRK0yUgpasCQqjvF++5x9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjgwNTJhZTdkMTBmZDIyNjFhMjI0OGZjMDBkMjAyYjBm
MjU1NzQwHhcNMjQxMTA3MTUzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg3MDg3MzVkMDVkZDI4YzExZjFhMDk1NjJjNWZmZDgzOTViMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiMw0oCNhRoYv/GebD3E+rkB31Qp
KQcBD5wV+jWQ3PNJ121BE2HcSGr0W2YF1bxsvYHCz4H/Dm4/BYMeGg10xFpq3pJk
wmDs++z8bzaNk+JLvBEsc0kLLwiRTLJNzSTQaj9QnEFi87NBq19oxm5xULjCR+m/
ITbX3ZC8+8Qtv2KNmLSF9q72FWJmnN9FnbjaQ2q/cSeKWmeRY0gU+fZ9N7MmrKxR
OhJelZtKrMoP0TJLRHz65WuBG6+zQ0YCFuCJpospPpq0PHht1svLZl8OaOKvUdk3
DkJ+Z77HmuCyZstcPZFrmKmL0AN9PL8nug1zBE27zyed4/afAuRSBNw2rwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAiHCHNdBd0owR8aCVYsX/2DlbOaMB8GA1UdIwQY
MBaAFHcoBSrn0Q/SJhoiSPwA0gKw8lV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUt
MmNiYzQwZTVmZTYyLzEvQ0ljSWMxMEYzU2pCSHhvSlZpeGZfWU9WczVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUtMmNiYzQwZTVmZTYy
LzEvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQx8AwQB
W/O+MA0EAgACMAcDBQMqDqkAMA0GCSqGSIb3DQEBCwUAA4IBAQBMlgZNcwOGuN5G
Iovd5xo9A2a961nUH5+f4vEUYpSNHgaX1vMhG1SV0SF/dedd5hULDe3XO5hTQMFz
947QblLzrIj+ULjgthjjTRThz7jZMamNGciX0Gd2JAF1mI1Pz5XyqBWwJ3HhwfDN
r880s5PZENgD3pJIoy/QYpO4HS++lZBejBKV3edloZVjIHYAUcj98KSXQsAAOJFd
9HVFX99l+RBuuMApF0/ylYeh0I0zCZ5afpvPuvF5ap1KA5zq6MdFC7wAoiG5k4ue
DHK++buevd/j6dn9dqUO0b9APxKn/BMqErP1Qky8sTqwNpCJuF3364OqdZYmRd4V
v9ikDvPn
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:00 2025 by rpki-client