Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/KeP9lH62pt5NuBHhaBRz_mWpe2A.roa
File: KeP9lH62pt5NuBHhaBRz_mWpe2A.roa (raw, json)
Hash identifier: kYH80uKvJ/fCU4mR5ZkbGGTzBmWKfcbx3Ubfvq1ooTk=
Subject key identifier: 29:E3:FD:94:7E:B6:A6:DE:4D:B8:11:E1:68:14:73:FE:65:A9:7B:60
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018CC5DD130DB9DCB170F5D88FD04E27D7EB
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/KeP9lH62pt5NuBHhaBRz_mWpe2A.roa
Signing time: Mon 01 Jan 2024 16:30:49 +0000
ROA not before: Mon 01 Jan 2024 16:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35771
IP address blocks: 45.135.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:13:0d:b9:dc:b1:70:f5:d8:8f:d0:4e:27:d7:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 16:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29e3fd947eb6a6de4db811e1681473fe65a97b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:01:0f:a4:e6:a2:e0:3e:71:42:dd:7e:c0:eb:
41:16:95:01:46:5b:60:f1:c9:83:57:f9:6f:ef:fb:
a2:7d:70:6e:dc:93:2b:fe:66:7e:bc:5c:63:f7:3a:
31:81:7c:f5:67:c9:e3:7e:d8:b1:fe:18:8a:ee:53:
64:59:d4:7a:a3:22:af:02:cb:ef:bc:6a:ba:3b:34:
69:03:a7:8d:0d:30:c0:34:0f:d9:dd:b4:98:3a:53:
b2:68:7f:61:90:57:d8:d9:10:33:c6:75:32:f1:60:
35:41:9c:c9:2f:68:3c:b2:40:4e:e1:3c:ac:d7:b7:
7c:11:70:bc:c2:a7:20:b3:38:68:cc:fa:7d:c5:36:
94:51:41:e4:8e:89:ec:1b:9b:08:56:59:26:bd:69:
8d:d2:e9:9b:36:d6:d3:3f:22:7a:fa:5d:e5:d2:93:
e6:59:60:44:81:1a:c4:34:2b:80:92:41:5a:c3:50:
5c:ad:59:ac:42:42:fe:6f:82:68:14:3b:07:a2:b5:
f1:2b:ee:eb:ac:9e:5d:23:38:28:dc:34:e0:b7:cd:
cb:39:fd:5a:07:07:e8:15:95:98:aa:e2:10:61:99:
fd:1c:d8:35:53:a0:2c:71:dd:01:0c:8d:41:bc:8d:
9f:93:14:79:5d:e7:32:af:02:cc:36:e2:67:61:1f:
e6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E3:FD:94:7E:B6:A6:DE:4D:B8:11:E1:68:14:73:FE:65:A9:7B:60
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/KeP9lH62pt5NuBHhaBRz_mWpe2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.225.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:47:b8:fe:df:55:ce:f8:c9:26:50:0e:6d:50:fc:3a:32:e0:
50:e6:e2:7c:5c:30:04:7a:fb:69:61:05:4c:3d:13:9d:d1:2c:
de:a9:ee:a8:a5:59:24:f0:a2:4f:06:2c:54:7e:83:e3:24:92:
f2:64:63:71:1e:5e:47:12:84:b7:3c:5a:73:47:52:8d:00:b1:
8a:25:4d:99:8f:68:33:a4:fe:fc:18:28:89:b6:fc:b9:ef:50:
85:e4:9e:93:32:b7:28:f8:ad:ac:64:57:82:13:ed:e2:2e:32:
db:4f:46:62:93:15:b6:2e:ab:a6:ec:28:a2:2d:0e:35:73:9e:
c8:96:b8:07:59:a4:62:53:9c:c6:67:68:dd:5d:2e:33:1f:27:
57:a5:fd:8c:d3:c9:91:d9:18:f9:0d:2e:22:8a:37:f8:ad:55:
f2:69:a2:03:58:f3:0a:1c:4c:ae:24:b6:43:0c:5a:a3:9d:18:
4f:b5:46:36:70:b0:1e:cb:40:7f:93:69:20:0b:5a:88:e8:fe:
ea:7f:fc:5c:5b:3b:1f:fa:22:e5:75:f8:3b:81:75:e6:6e:28:
93:f5:88:ea:b1:c8:0a:e5:f9:30:49:56:85:ab:46:cb:91:40:
f0:c1:62:d8:02:79:ce:07:11:fe:2b:4b:9e:fa:8e:e2:28:26:
7e:27:89:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3RMNudyxcPXYj9BOJ9frMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwMTAxMTYzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWUzZmQ5NDdlYjZhNmRlNGRiODExZTE2ODE0NzNmZTY1YTk3YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQEPpOai4D5xQt1+wOtBFpUBRltg
8cmDV/lv7/uifXBu3JMr/mZ+vFxj9zoxgXz1Z8njftix/hiK7lNkWdR6oyKvAsvv
vGq6OzRpA6eNDTDANA/Z3bSYOlOyaH9hkFfY2RAzxnUy8WA1QZzJL2g8skBO4Tys
17d8EXC8wqcgszhozPp9xTaUUUHkjonsG5sIVlkmvWmN0umbNtbTPyJ6+l3l0pPm
WWBEgRrENCuAkkFaw1BcrVmsQkL+b4JoFDsHorXxK+7rrJ5dIzgo3DTgt83LOf1a
BwfoFZWYquIQYZn9HNg1U6Ascd0BDI1BvI2fkxR5XecyrwLMNuJnYR/m0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnj/ZR+tqbeTbgR4WgUc/5lqXtgMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvS2VQOWxINjJwdDVOdUJIaGFCUnpfbVdwZTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYfhMA0G
CSqGSIb3DQEBCwUAA4IBAQBsR7j+31XO+MkmUA5tUPw6MuBQ5uJ8XDAEevtpYQVM
PROd0Szeqe6opVkk8KJPBixUfoPjJJLyZGNxHl5HEoS3PFpzR1KNALGKJU2Zj2gz
pP78GCiJtvy571CF5J6TMrco+K2sZFeCE+3iLjLbT0ZikxW2Lqum7CiiLQ41c57I
lrgHWaRiU5zGZ2jdXS4zHydXpf2M08mR2Rj5DS4iijf4rVXyaaIDWPMKHEyuJLZD
DFqjnRhPtUY2cLAey0B/k2kgC1qI6P7qf/xcWzsf+iLldfg7gXXmbiiT9YjqscgK
5fkwSVaFq0bLkUDwwWLYAnnOBxH+K0ue+o7iKCZ+J4kV
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:58:09 2025 by rpki-client