Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/17af94-7214-4adb-b304-10255718a185/1/U9uxqqiq46fXw1y71Awa-Xen9h4.roa
File: U9uxqqiq46fXw1y71Awa-Xen9h4.roa (raw, json)
Hash identifier: qlmEivWTAasR3R4nyWj+5tFsobHADFiA8wxCka0OgiQ=
Subject key identifier: 53:DB:B1:AA:A8:AA:E3:A7:D7:C3:5C:BB:D4:0C:1A:F9:77:A7:F6:1E
Certificate issuer: /CN=a8847f64567e4aa4ad5cb7fc22f22df4e2bc6978
Certificate serial: 01933EE6C05AAA9091900562A01E946BDD37
Authority key identifier: A8:84:7F:64:56:7E:4A:A4:AD:5C:B7:FC:22:F2:2D:F4:E2:BC:69:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIR_ZFZ-SqStXLf8IvIt9OK8aXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/17af94-7214-4adb-b304-10255718a185/1/U9uxqqiq46fXw1y71Awa-Xen9h4.roa
Signing time: Mon 18 Nov 2024 10:52:10 +0000
ROA not before: Mon 18 Nov 2024 10:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208221
IP address blocks: 45.153.12.0/22 maxlen: 24
2a0f:8b00::/34 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:e6:c0:5a:aa:90:91:90:05:62:a0:1e:94:6b:dd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8847f64567e4aa4ad5cb7fc22f22df4e2bc6978
Validity
Not Before: Nov 18 10:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53dbb1aaa8aae3a7d7c35cbbd40c1af977a7f61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:eb:cd:c2:83:ae:fc:51:08:4f:b8:28:54:4c:
6c:7f:e8:44:0d:00:a8:66:56:b4:11:a6:08:e7:11:
a7:a1:13:f2:6d:ba:12:c2:06:9e:a4:a2:02:57:e7:
4b:c4:27:80:4c:f3:d6:7f:e5:e9:db:db:f0:89:59:
aa:e8:3a:ee:31:97:06:92:2e:28:24:cc:dd:e6:71:
5f:a3:21:f0:43:aa:d5:dd:48:b8:c7:f6:58:14:93:
b8:5e:65:0a:a3:4c:d3:ac:27:26:1e:7b:fa:cc:09:
d9:48:01:39:e0:81:e6:64:27:6b:48:21:2b:2b:6a:
24:da:9c:44:2d:5f:a8:c3:da:4a:30:ad:a4:4b:fa:
bb:45:5c:2c:13:ff:9a:d0:1c:31:81:93:e9:0e:49:
6f:14:8c:1e:bf:30:d5:a0:8d:bb:cb:2a:7e:17:8c:
77:aa:a2:d9:cb:ba:ae:42:3b:54:27:bf:fe:f0:3a:
a9:68:52:ae:7b:32:65:54:cb:26:84:91:ea:e4:c4:
21:1b:dc:82:ac:4a:35:ec:e6:15:18:ee:f4:bf:5b:
3f:a7:5b:10:b1:a8:dc:11:cd:2c:a6:4a:7f:3e:de:
63:6a:63:12:fd:cc:05:1f:1f:0c:28:50:cb:e2:5e:
2f:58:7b:8f:b1:82:c2:6c:6d:90:3c:a4:9a:7a:c5:
d7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DB:B1:AA:A8:AA:E3:A7:D7:C3:5C:BB:D4:0C:1A:F9:77:A7:F6:1E
X509v3 Authority Key Identifier:
keyid:A8:84:7F:64:56:7E:4A:A4:AD:5C:B7:FC:22:F2:2D:F4:E2:BC:69:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIR_ZFZ-SqStXLf8IvIt9OK8aXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/17af94-7214-4adb-b304-10255718a185/1/U9uxqqiq46fXw1y71Awa-Xen9h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/17af94-7214-4adb-b304-10255718a185/1/qIR_ZFZ-SqStXLf8IvIt9OK8aXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.12.0/22
IPv6:
2a0f:8b00::/34
Signature Algorithm: sha256WithRSAEncryption
35:99:31:20:b9:32:4d:4e:a3:fc:9a:1d:b0:16:9b:78:ee:b1:
72:81:1b:93:a4:62:46:5a:a0:7b:ef:89:2d:40:a5:11:1c:48:
91:53:39:f8:cd:0b:8f:28:f6:bc:13:5f:ef:d5:53:27:93:84:
b3:a5:de:37:66:a5:c2:01:0e:d5:94:ea:43:16:00:91:7b:75:
dc:cc:1c:60:e9:d9:8e:2d:0e:de:c8:91:78:bc:70:60:00:25:
d2:09:5d:5d:af:92:3f:e0:76:03:f9:59:38:fe:b7:7f:38:79:
27:75:9e:c3:f5:4e:4f:78:87:e4:58:ac:7f:ff:cd:53:6e:e2:
81:21:c4:99:20:e4:7f:d0:e9:48:69:3e:b3:b8:d2:bb:66:84:
6e:c6:d9:38:9c:25:98:4b:de:7a:22:ed:a6:88:00:97:b8:7e:
c9:36:56:fe:95:a5:cb:2b:f3:35:ee:f5:70:28:14:38:36:26:
21:a3:f5:2f:8a:28:c1:ec:87:f4:55:5e:4c:15:ba:e3:87:7a:
37:7f:68:8d:79:7e:a6:ae:21:85:f5:93:70:3b:a2:d2:4d:1c:
9b:dd:69:47:2c:3b:ce:e6:bf:81:ac:5d:e5:31:d0:f2:07:9f:
78:80:83:27:a4:d0:39:ee:6f:04:4f:13:3f:6d:1e:bb:0d:ea:
38:af:07:30
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZM+5sBaqpCRkAVioB6Ua903MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODQ3ZjY0NTY3ZTRhYTRhZDVjYjdmYzIyZjIyZGY0ZTJi
YzY5NzgwHhcNMjQxMTE4MTA1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RiYjFhYWE4YWFlM2E3ZDdjMzVjYmJkNDBjMWFmOTc3YTdmNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOvNwoOu/FEIT7goVExsf+hEDQCo
Zla0EaYI5xGnoRPybboSwgaepKICV+dLxCeATPPWf+Xp29vwiVmq6DruMZcGki4o
JMzd5nFfoyHwQ6rV3Ui4x/ZYFJO4XmUKo0zTrCcmHnv6zAnZSAE54IHmZCdrSCEr
K2ok2pxELV+ow9pKMK2kS/q7RVwsE/+a0BwxgZPpDklvFIwevzDVoI27yyp+F4x3
qqLZy7quQjtUJ7/+8DqpaFKuezJlVMsmhJHq5MQhG9yCrEo17OYVGO70v1s/p1sQ
sajcEc0spkp/Pt5jamMS/cwFHx8MKFDL4l4vWHuPsYLCbG2QPKSaesXXaQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFPbsaqoquOn18Ncu9QMGvl3p/YeMB8GA1UdIwQY
MBaAFKiEf2RWfkqkrVy3/CLyLfTivGl4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlSX1pGWi1TcVN0WExmOEl2SXQ5T0s4YVhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xN2FmOTQtNzIxNC00YWRiLWIzMDQt
MTAyNTU3MThhMTg1LzEvVTl1eHFxaXE0NmZYdzF5NzFBd2EtWGVuOWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xN2FmOTQtNzIxNC00YWRiLWIzMDQtMTAyNTU3MThhMTg1
LzEvcUlSX1pGWi1TcVN0WExmOEl2SXQ5T0s4YVhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLZkMMA4E
AgACMAgDBgYqD4sAADANBgkqhkiG9w0BAQsFAAOCAQEANZkxILkyTU6j/JodsBab
eO6xcoEbk6RiRlqge++JLUClERxIkVM5+M0Ljyj2vBNf79VTJ5OEs6XeN2alwgEO
1ZTqQxYAkXt13MwcYOnZji0O3siReLxwYAAl0gldXa+SP+B2A/lZOP63fzh5J3We
w/VOT3iH5Fisf//NU27igSHEmSDkf9DpSGk+s7jSu2aEbsbZOJwlmEveeiLtpogA
l7h+yTZW/pWlyyvzNe71cCgUODYmIaP1L4ooweyH9FVeTBW644d6N39ojXl+pq4h
hfWTcDui0k0cm91pRyw7zua/gaxd5THQ8gefeICDJ6TQOe5vBE8TP20euw3qOK8H
MA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:56 2025 by rpki-client