Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/udTVd1o8oDHSaSNRBJy6whYewAQ.roa
File: udTVd1o8oDHSaSNRBJy6whYewAQ.roa (raw, json)
Hash identifier: qk7UOUQTx/LsRWpITTU11KtTbgMf7KAs+HC5NtaiASo=
Subject key identifier: B9:D4:D5:77:5A:3C:A0:31:D2:69:23:51:04:9C:BA:C2:16:1E:C0:04
Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Certificate serial: 019420684D2DA90FA64C8E7D8AF3122E63B8
Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/udTVd1o8oDHSaSNRBJy6whYewAQ.roa
Signing time: Wed 01 Jan 2025 05:48:13 +0000
ROA not before: Wed 01 Jan 2025 05:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35793
IP address blocks: 45.11.128.0/24 maxlen: 24
45.11.129.0/24 maxlen: 24
45.11.130.0/24 maxlen: 24
45.11.131.0/24 maxlen: 24
45.95.100.0/24 maxlen: 24
45.95.101.0/24 maxlen: 24
45.95.102.0/24 maxlen: 24
45.95.103.0/24 maxlen: 24
185.151.160.0/24 maxlen: 24
185.151.161.0/24 maxlen: 24
185.151.162.0/24 maxlen: 24
185.151.163.0/24 maxlen: 24
2a07:7940:12::/48 maxlen: 48
2a07:7940:14::/48 maxlen: 48
2a07:7940:16::/48 maxlen: 48
2a07:7940:41::/48 maxlen: 48
2a07:7940:45::/48 maxlen: 48
2a07:7940:46::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Mar 2025 09:16:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4d:2d:a9:0f:a6:4c:8e:7d:8a:f3:12:2e:63:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Validity
Not Before: Jan 1 05:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9d4d5775a3ca031d2692351049cbac2161ec004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4a:8d:5c:b6:60:d0:02:eb:4b:26:db:4b:6a:
bd:ed:b6:a8:cb:c9:20:bf:c5:06:4e:7a:72:e2:ef:
0b:1a:e2:67:ac:92:c9:d4:a7:e7:83:b8:05:a3:77:
c7:c1:52:d8:ea:9b:03:04:8f:68:99:c9:59:a4:1c:
4b:3c:75:a5:91:6c:1d:97:51:cf:dc:7a:13:a8:39:
65:01:94:f9:eb:ed:aa:76:ba:ec:83:de:f7:ab:06:
59:92:47:db:a7:ec:93:4c:af:3d:a2:4e:5c:cd:f9:
12:cb:63:44:57:ce:9d:6b:4f:9d:ea:40:b9:80:8b:
f4:93:cf:6d:54:12:e6:9d:29:69:1d:5b:f9:94:15:
5d:74:86:c3:3a:85:11:ab:c2:1b:be:fd:c6:d9:c2:
f1:0a:9f:2d:2f:db:f3:27:13:2f:4c:97:24:02:93:
3c:5f:57:58:f7:ca:3d:fb:ca:16:2a:0b:8e:0b:0f:
d1:33:07:07:5d:81:23:23:fc:c5:8d:eb:fa:5f:6d:
10:2b:7e:dc:8b:10:cc:57:db:7a:a1:4f:67:ee:79:
c1:15:35:8e:68:66:6c:29:0b:8b:8b:1e:44:51:e1:
23:4f:18:7f:12:28:23:e4:23:91:2f:bf:c6:90:fb:
31:48:1c:b4:9d:95:c1:96:ad:1c:96:ba:2b:c2:9a:
1e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D4:D5:77:5A:3C:A0:31:D2:69:23:51:04:9C:BA:C2:16:1E:C0:04
X509v3 Authority Key Identifier:
keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/udTVd1o8oDHSaSNRBJy6whYewAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.128.0/22
45.95.100.0/22
185.151.160.0/22
IPv6:
2a07:7940:12::/48
2a07:7940:14::/48
2a07:7940:16::/48
2a07:7940:41::/48
2a07:7940:45::-2a07:7940:46:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:6e:2c:d6:e5:73:8a:0f:8d:d3:28:1e:ed:58:56:38:fa:cb:
99:21:eb:34:22:e9:e7:83:54:cd:eb:d1:b5:23:42:15:0a:f4:
8e:f0:a2:3b:24:67:92:0b:70:12:0c:c0:d9:e2:e3:94:13:05:
34:ca:84:e9:fa:53:dd:2c:8f:b0:5d:04:dc:67:e6:0e:6f:6a:
4d:54:f6:73:de:35:ea:a7:52:20:4b:f5:b6:80:ad:b4:58:67:
b0:60:d1:33:ab:70:28:b2:28:20:90:a3:46:66:4f:9d:e3:b3:
ed:52:9f:2b:6d:48:a2:78:11:0e:24:f2:4f:85:94:4d:2f:75:
4e:5a:ea:f4:cd:ed:1a:95:7b:8e:ae:4b:ba:f1:59:4d:60:a4:
17:bf:6a:ed:ea:f0:2b:9b:d5:c4:f6:46:b4:89:37:ef:28:d9:
77:85:e8:99:c1:68:52:fc:74:ff:d1:93:e6:7a:e7:03:d4:e4:
57:3e:8e:02:4f:e2:15:67:44:10:79:e8:5e:aa:29:2f:61:57:
9f:cf:ea:9f:1c:63:f8:de:74:09:43:02:1d:d8:8a:43:fd:08:
c2:1b:b2:4c:af:f8:ba:70:18:41:da:bc:1d:5e:9a:a4:cd:bc:
e0:c6:90:16:50:16:3a:8f:65:56:d7:59:80:67:a4:55:9f:5e:
24:e2:9e:44
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQgaE0tqQ+mTI59ivMSLmO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4
ZTQ1MGEwHhcNMjUwMTAxMDU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQ0ZDU3NzVhM2NhMDMxZDI2OTIzNTEwNDljYmFjMjE2MWVjMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkqNXLZg0ALrSybbS2q97baoy8kg
v8UGTnpy4u8LGuJnrJLJ1Kfng7gFo3fHwVLY6psDBI9omclZpBxLPHWlkWwdl1HP
3HoTqDllAZT56+2qdrrsg973qwZZkkfbp+yTTK89ok5czfkSy2NEV86da0+d6kC5
gIv0k89tVBLmnSlpHVv5lBVddIbDOoURq8Ibvv3G2cLxCp8tL9vzJxMvTJckApM8
X1dY98o9+8oWKguOCw/RMwcHXYEjI/zFjev6X20QK37cixDMV9t6oU9n7nnBFTWO
aGZsKQuLix5EUeEjTxh/Eigj5CORL7/GkPsxSBy0nZXBlq0clrorwpoe+wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLnU1XdaPKAx0mkjUQScusIWHsAEMB8GA1UdIwQY
MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt
NTM3YjFiNDlkZmU3LzEvdWRUVmQxbzhvREhTYVNOUkJKeTZ3aFlld0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3
LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjAYBAIAATASAwQCLQuAAwQC
LV9kAwQCuZegMD4EAgACMDgDBwAqB3lAABIDBwAqB3lAABQDBwAqB3lAABYDBwAq
B3lAAEEwEgMHACoHeUAARQMHACoHeUAARjANBgkqhkiG9w0BAQsFAAOCAQEACm4s
1uVzig+N0yge7VhWOPrLmSHrNCLp54NUzevRtSNCFQr0jvCiOyRnkgtwEgzA2eLj
lBMFNMqE6fpT3SyPsF0E3GfmDm9qTVT2c9416qdSIEv1toCttFhnsGDRM6twKLIo
IJCjRmZPneOz7VKfK21IongRDiTyT4WUTS91Tlrq9M3tGpV7jq5LuvFZTWCkF79q
7erwK5vVxPZGtIk37yjZd4XomcFoUvx0/9GT5nrnA9TkVz6OAk/iFWdEEHnoXqop
L2FXn8/qnxxj+N50CUMCHdiKQ/0IwhuyTK/4unAYQdq8HV6apM284MaQFlAWOo9l
VtdZgGekVZ9eJOKeRA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:07:30 2025 by rpki-client