Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/xGrKS_7fIZAr--QcVe4rlk4LUrE.roa
File: xGrKS_7fIZAr--QcVe4rlk4LUrE.roa (raw, json)
Hash identifier: d+a6fGxhsrjWA8L3BsW9wjwHxXWu/4T+PL0txa2lkUk=
Subject key identifier: C4:6A:CA:4B:FE:DF:21:90:2B:FB:E4:1C:55:EE:2B:96:4E:0B:52:B1
Certificate issuer: /CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Certificate serial: 01946E65178DF650518FE968FE347AD961C5
Authority key identifier: 77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/xGrKS_7fIZAr--QcVe4rlk4LUrE.roa
Signing time: Thu 16 Jan 2025 09:15:06 +0000
ROA not before: Thu 16 Jan 2025 09:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214063
IP address blocks: 45.12.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 07:33:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:65:17:8d:f6:50:51:8f:e9:68:fe:34:7a:d9:61:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Validity
Not Before: Jan 16 09:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c46aca4bfedf21902bfbe41c55ee2b964e0b52b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4e:35:7f:28:9b:72:a4:ff:40:25:65:c2:31:
e7:1e:7d:b4:c1:69:79:57:ed:1c:70:37:9d:60:af:
e2:28:94:71:8b:0b:ef:e9:48:37:2f:e8:9e:a1:6e:
41:cd:71:b2:4b:29:25:dd:51:06:a3:26:46:cf:2c:
35:4e:3c:fb:29:3a:e0:7f:c8:1b:ac:6b:bf:e7:d3:
03:3f:e9:7c:3d:89:4f:26:01:bb:b6:b0:19:60:0f:
25:2d:84:d7:8c:b5:69:3a:c2:cd:aa:97:5c:c8:c5:
90:13:64:27:94:c0:0c:e3:a4:06:52:39:a7:6f:8d:
98:98:ca:dc:4c:18:f6:8a:3a:bb:3b:8f:e9:ce:cd:
fa:5e:11:6a:c9:d1:84:26:92:c7:04:1f:4f:af:be:
99:77:f2:3d:71:b3:91:ca:c6:6c:75:4a:68:78:c8:
2b:9a:cd:75:25:d2:b4:02:ed:30:91:90:f9:3c:ab:
7b:e9:19:00:5e:d2:a3:c2:75:09:06:a1:e2:6e:07:
0e:d4:3e:67:52:ed:63:89:c2:68:8e:e7:f8:d7:5e:
8f:7f:f4:2b:02:f9:76:8e:ad:26:4e:36:2d:40:12:
ab:2f:7d:91:0c:bd:8a:ec:b2:27:ce:59:04:a6:9f:
04:d2:23:eb:f1:ed:2f:77:dc:22:b0:b8:58:11:b0:
d0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6A:CA:4B:FE:DF:21:90:2B:FB:E4:1C:55:EE:2B:96:4E:0B:52:B1
X509v3 Authority Key Identifier:
keyid:77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/xGrKS_7fIZAr--QcVe4rlk4LUrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.127.0/24
Signature Algorithm: sha256WithRSAEncryption
82:3a:6b:62:65:b4:29:c4:4e:ce:66:08:e7:a6:3e:90:66:76:
f6:ef:97:90:bf:0b:3d:0f:b0:4a:e7:89:6a:e4:b6:c5:a4:2a:
8c:2e:a7:1b:33:48:47:87:24:c5:42:2c:27:a1:c7:00:1e:4b:
10:ce:43:54:06:09:ac:85:d4:ed:87:47:69:0d:fb:23:8d:cd:
a9:90:da:b0:0c:d0:27:37:ce:38:23:23:be:86:18:bf:7a:d6:
95:f1:3c:d7:5b:09:ad:f8:af:5d:09:8d:be:0b:2e:c8:ea:20:
c4:32:7c:03:a9:38:66:21:ee:bc:d1:33:43:75:75:a4:81:42:
81:8e:7b:2e:5f:fa:63:d8:12:92:ae:bf:c6:c8:2f:ee:29:f8:
ff:5a:a8:5d:7e:8b:96:ee:89:be:ce:4d:75:35:1e:37:70:3a:
bc:f2:a9:09:bb:9d:43:9c:56:f9:0d:70:d2:7c:2a:06:3d:4a:
31:5c:6d:f3:62:d2:82:8b:9c:86:6d:ae:d6:ef:fe:22:76:fc:
8d:08:5b:21:72:91:00:59:15:14:78:bd:c1:34:0c:4b:eb:5c:
98:d6:97:ea:36:ba:fb:9c:40:2f:3e:9b:80:50:e9:a6:bd:04:
f6:25:b4:15:ad:5a:ec:c1:7e:78:01:b6:f1:a7:cf:bb:89:03:
45:fa:91:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRuZReN9lBRj+lo/jR62WHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjgwNTJhZTdkMTBmZDIyNjFhMjI0OGZjMDBkMjAyYjBm
MjU1NzQwHhcNMjUwMTE2MDkxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDZhY2E0YmZlZGYyMTkwMmJmYmU0MWM1NWVlMmI5NjRlMGI1MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU41fyibcqT/QCVlwjHnHn20wWl5
V+0ccDedYK/iKJRxiwvv6Ug3L+ieoW5BzXGySykl3VEGoyZGzyw1Tjz7KTrgf8gb
rGu/59MDP+l8PYlPJgG7trAZYA8lLYTXjLVpOsLNqpdcyMWQE2QnlMAM46QGUjmn
b42YmMrcTBj2ijq7O4/pzs36XhFqydGEJpLHBB9Pr76Zd/I9cbORysZsdUpoeMgr
ms11JdK0Au0wkZD5PKt76RkAXtKjwnUJBqHibgcO1D5nUu1jicJojuf4116Pf/Qr
Avl2jq0mTjYtQBKrL32RDL2K7LInzlkEpp8E0iPr8e0vd9wisLhYEbDQ0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRqykv+3yGQK/vkHFXuK5ZOC1KxMB8GA1UdIwQY
MBaAFHcoBSrn0Q/SJhoiSPwA0gKw8lV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUt
MmNiYzQwZTVmZTYyLzEveEdyS1NfN2ZJWkFyLS1RY1ZlNHJsazRMVXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUtMmNiYzQwZTVmZTYy
LzEvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQx/MA0G
CSqGSIb3DQEBCwUAA4IBAQCCOmtiZbQpxE7OZgjnpj6QZnb275eQvws9D7BK54lq
5LbFpCqMLqcbM0hHhyTFQiwnoccAHksQzkNUBgmshdTth0dpDfsjjc2pkNqwDNAn
N844IyO+hhi/etaV8TzXWwmt+K9dCY2+Cy7I6iDEMnwDqThmIe680TNDdXWkgUKB
jnsuX/pj2BKSrr/GyC/uKfj/WqhdfouW7om+zk11NR43cDq88qkJu51DnFb5DXDS
fCoGPUoxXG3zYtKCi5yGba7W7/4idvyNCFshcpEAWRUUeL3BNAxL61yY1pfqNrr7
nEAvPpuAUOmmvQT2JbQVrVrswX54Abbxp8+7iQNF+pEl
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:39 2025 by rpki-client