Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/PUxQYA4rxemwd5A0iZfnnHlw6C4.roa
File: PUxQYA4rxemwd5A0iZfnnHlw6C4.roa (raw, json)
Hash identifier: fEkTlYM/Owm10oG6JGRHluyjtlwx1O+DaqB1DpOGGCQ=
Subject key identifier: 3D:4C:50:60:0E:2B:C5:E9:B0:77:90:34:89:97:E7:9C:79:70:E8:2E
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0193DAF1DE94B13D74F8352A9BC97764F7D7
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/PUxQYA4rxemwd5A0iZfnnHlw6C4.roa
Signing time: Wed 18 Dec 2024 18:05:04 +0000
ROA not before: Wed 18 Dec 2024 18:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41236
IP address blocks: 45.139.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 09:59:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:f1:de:94:b1:3d:74:f8:35:2a:9b:c9:77:64:f7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Dec 18 18:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d4c50600e2bc5e9b07790348997e79c7970e82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cc:58:94:da:92:c3:4c:39:5d:42:cc:31:51:
a9:c4:fa:0c:8a:b9:13:7a:5c:36:1b:8e:0c:ad:2e:
73:f4:7b:ad:37:f0:9b:44:f9:24:03:bb:09:5b:1e:
e6:8b:b4:3a:c7:b9:e8:df:4c:fc:29:68:bb:76:99:
b0:08:be:79:98:94:38:96:97:e4:6d:e3:4e:b3:2e:
45:3c:94:cf:4c:a6:b3:5f:89:d5:70:f3:b0:de:7c:
5f:db:af:ca:a9:ad:21:68:e6:1c:e8:53:81:fa:59:
f8:9a:a3:9f:f0:f4:f9:f4:bb:a3:48:79:50:ff:92:
03:0e:3f:fc:99:76:53:1e:ee:d6:b0:99:82:63:a4:
ab:75:34:8d:af:39:dc:7d:24:d9:91:35:a0:57:1f:
93:6c:54:ad:c7:50:fe:d6:99:4d:c1:b7:86:d2:7d:
82:d9:3f:71:46:7f:09:49:56:a4:c1:d2:14:fb:0c:
e6:75:3c:6c:88:4b:a3:8f:48:62:5d:e9:c0:81:3f:
99:15:97:68:20:32:d9:db:8e:41:d6:19:c5:ae:e8:
b5:d0:c2:d4:64:e5:77:10:ee:00:38:3d:a3:a7:f3:
1c:97:fe:ee:57:8b:05:c6:d8:1e:65:51:bf:53:64:
ed:35:cd:ba:95:89:06:48:c8:c0:1b:86:67:18:7f:
27:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4C:50:60:0E:2B:C5:E9:B0:77:90:34:89:97:E7:9C:79:70:E8:2E
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/PUxQYA4rxemwd5A0iZfnnHlw6C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.71.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:0e:64:3d:be:76:21:7a:33:2e:cb:d7:af:06:3f:1a:01:a9:
a7:1c:2d:c9:07:16:0c:cd:d9:62:c5:ed:7e:4b:16:2b:3f:d2:
c7:69:40:20:91:1d:5e:38:23:1b:b3:32:f6:ca:1a:e9:b4:b5:
96:43:35:9c:f6:63:ef:f6:a7:b2:cd:ed:42:f7:45:77:97:d2:
61:2d:18:d8:35:67:bb:23:e5:48:81:d8:df:af:29:5d:b3:88:
e0:84:ec:7b:01:34:a8:80:82:0e:57:25:71:40:92:0f:bb:18:
7e:42:84:08:e4:03:8d:3c:a5:b0:cc:85:4a:34:f4:7c:cf:36:
d2:3b:5b:7b:29:4c:88:a6:91:31:de:90:93:50:86:02:17:59:
2c:82:12:b7:16:48:49:da:75:58:93:f6:9a:cf:b1:67:a9:1a:
f6:80:62:42:2a:60:d4:54:55:c2:32:dd:2d:1f:db:47:9d:71:
45:27:73:05:92:ae:b5:b1:1b:1f:80:9a:d2:97:ed:22:46:e0:
48:71:43:15:35:f0:54:5b:a0:f1:07:c1:9d:98:06:fa:68:75:
62:84:2e:3e:30:bd:c8:c7:98:6e:ac:09:00:87:c0:92:5f:cc:
b2:a1:5c:6e:a0:7d:1c:bc:e4:ff:04:7f:91:3b:70:35:81:61:
d4:ae:ad:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPa8d6UsT10+DUqm8l3ZPfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQxMjE4MTgwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRjNTA2MDBlMmJjNWU5YjA3NzkwMzQ4OTk3ZTc5Yzc5NzBlODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8xYlNqSw0w5XULMMVGpxPoMirkT
elw2G44MrS5z9HutN/CbRPkkA7sJWx7mi7Q6x7no30z8KWi7dpmwCL55mJQ4lpfk
beNOsy5FPJTPTKazX4nVcPOw3nxf26/Kqa0haOYc6FOB+ln4mqOf8PT59LujSHlQ
/5IDDj/8mXZTHu7WsJmCY6SrdTSNrzncfSTZkTWgVx+TbFStx1D+1plNwbeG0n2C
2T9xRn8JSVakwdIU+wzmdTxsiEujj0hiXenAgT+ZFZdoIDLZ245B1hnFrui10MLU
ZOV3EO4AOD2jp/Mcl/7uV4sFxtgeZVG/U2TtNc26lYkGSMjAG4ZnGH8nPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1MUGAOK8XpsHeQNImX55x5cOguMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvUFV4UVlBNHJ4ZW13ZDVBMGlaZm5uSGx3NkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYtHMA0G
CSqGSIb3DQEBCwUAA4IBAQCkDmQ9vnYhejMuy9evBj8aAamnHC3JBxYMzdlixe1+
SxYrP9LHaUAgkR1eOCMbszL2yhrptLWWQzWc9mPv9qeyze1C90V3l9JhLRjYNWe7
I+VIgdjfrylds4jghOx7ATSogIIOVyVxQJIPuxh+QoQI5AONPKWwzIVKNPR8zzbS
O1t7KUyIppEx3pCTUIYCF1ksghK3FkhJ2nVYk/aaz7FnqRr2gGJCKmDUVFXCMt0t
H9tHnXFFJ3MFkq61sRsfgJrSl+0iRuBIcUMVNfBUW6DxB8GdmAb6aHVihC4+ML3I
x5hurAkAh8CSX8yyoVxuoH0cvOT/BH+RO3A1gWHUrq1r
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:50 2025 by rpki-client