Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/9bdf34-729d-4be0-b15f-5de0871182ba/1/RqbanMGs8OupmkvUhgL_aQXy6yQ.roa
File: RqbanMGs8OupmkvUhgL_aQXy6yQ.roa (raw, json)
Hash identifier: /Ezx+cuYfNYZtyz07PYRRLqmq0ZuqvIfbeWAr0mc/+c=
Subject key identifier: 46:A6:DA:9C:C1:AC:F0:EB:A9:9A:4B:D4:86:02:FF:69:05:F2:EB:24
Certificate issuer: /CN=17cf12a6589e998c9bec139af8fce70ac475ad72
Certificate serial: 01926E4868199ECCEE7582761C842B838D53
Authority key identifier: 17:CF:12:A6:58:9E:99:8C:9B:EC:13:9A:F8:FC:E7:0A:C4:75:AD:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F88SpliemYyb7BOa-PznCsR1rXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/9bdf34-729d-4be0-b15f-5de0871182ba/1/RqbanMGs8OupmkvUhgL_aQXy6yQ.roa
Signing time: Tue 08 Oct 2024 22:38:11 +0000
ROA not before: Tue 08 Oct 2024 22:38:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44176
IP address blocks: 45.81.188.0/22 maxlen: 24
45.118.184.0/22 maxlen: 24
216.205.160.0/19 maxlen: 24
2a0e:5e80::/29 maxlen: 32
2a0e:5e80::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6e:48:68:19:9e:cc:ee:75:82:76:1c:84:2b:83:8d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17cf12a6589e998c9bec139af8fce70ac475ad72
Validity
Not Before: Oct 8 22:38:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46a6da9cc1acf0eba99a4bd48602ff6905f2eb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e1:a2:e8:0c:a5:1e:8c:19:2d:38:19:9a:33:
a1:3f:0c:60:89:31:bd:76:1e:e5:ea:9b:3d:3b:09:
7f:37:f6:ac:27:35:35:94:42:8e:bd:dc:6b:b9:f8:
47:02:0e:1f:23:25:6c:5d:c4:27:dd:0e:97:53:d7:
d4:ac:a4:c4:ea:fd:b7:45:d2:74:bd:e2:9d:cc:17:
ca:fa:22:42:b2:6a:ab:df:24:2c:81:3b:ee:0d:97:
66:ab:ea:65:e2:7f:de:10:87:db:68:72:6a:d9:e7:
71:20:46:d9:70:e3:b2:cb:bf:be:6e:eb:fc:8b:90:
0b:54:7f:9d:11:f7:5c:1f:ba:8d:e7:82:d4:0e:e4:
e9:dc:d1:7e:97:2d:de:2a:5f:1e:9b:60:b9:c3:cb:
ae:e0:bd:40:b5:05:bd:d0:a9:19:0d:39:91:b9:1a:
ba:1a:73:78:b1:2e:25:0a:25:64:fc:e4:1d:27:7b:
49:7b:9f:7e:81:19:65:50:fe:37:dd:07:ff:fd:59:
f7:39:d0:1d:d0:d4:50:bf:fa:fc:38:24:70:31:df:
93:40:f0:a3:a2:39:75:d1:f7:cf:99:b5:e0:96:8a:
10:bc:46:ff:83:8a:57:2e:b1:66:e0:5c:c4:b2:85:
5d:73:d4:76:e2:67:8b:09:79:94:c5:07:6d:df:8c:
84:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A6:DA:9C:C1:AC:F0:EB:A9:9A:4B:D4:86:02:FF:69:05:F2:EB:24
X509v3 Authority Key Identifier:
keyid:17:CF:12:A6:58:9E:99:8C:9B:EC:13:9A:F8:FC:E7:0A:C4:75:AD:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F88SpliemYyb7BOa-PznCsR1rXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/9bdf34-729d-4be0-b15f-5de0871182ba/1/RqbanMGs8OupmkvUhgL_aQXy6yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/9bdf34-729d-4be0-b15f-5de0871182ba/1/F88SpliemYyb7BOa-PznCsR1rXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.188.0/22
45.118.184.0/22
216.205.160.0/19
IPv6:
2a0e:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
05:21:f0:5c:b5:8d:c3:8f:25:de:22:5a:dc:7e:ba:1d:cd:e0:
04:be:3f:6e:27:0b:f2:7c:43:5b:3d:50:85:e9:6e:01:1e:a6:
aa:a4:8a:62:c0:8f:f1:1f:06:44:84:34:db:69:c6:11:eb:f9:
fe:73:3c:73:ad:18:95:f5:a8:8b:d0:9d:6c:1d:c2:b7:3f:f7:
f0:7f:bb:1e:9a:99:ea:03:7f:8b:3d:71:07:ec:11:7b:f6:87:
67:71:f1:e4:16:e2:dc:44:0b:fc:f6:69:6a:8e:b8:79:98:2e:
b9:39:e6:85:c7:a2:29:8a:a3:74:34:c6:c0:5e:ba:bd:3c:2b:
90:48:ed:dc:08:21:37:3f:97:5a:45:84:7f:f6:6f:50:34:f4:
79:fd:46:0e:7c:b9:3f:d6:77:25:53:bb:19:f9:fc:8c:87:b0:
49:be:8c:a3:18:46:f7:09:3a:44:00:49:82:4e:60:29:33:ea:
66:f5:87:c2:e3:8e:f1:9e:d7:13:34:e9:2c:c6:1f:4c:31:47:
5e:14:01:15:2c:12:da:28:48:64:19:9d:d6:49:52:58:a5:a3:
58:aa:43:3e:3b:74:3c:19:96:b1:d6:7f:1c:57:e4:6d:6b:9a:
ef:6d:64:14:ea:74:ea:40:b4:fe:a0:f3:25:6b:66:b1:82:f8:
22:98:cb:4d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZJuSGgZnszudYJ2HIQrg41TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3Y2YxMmE2NTg5ZTk5OGM5YmVjMTM5YWY4ZmNlNzBhYzQ3
NWFkNzIwHhcNMjQxMDA4MjIzODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmE2ZGE5Y2MxYWNmMGViYTk5YTRiZDQ4NjAyZmY2OTA1ZjJlYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOGi6AylHowZLTgZmjOhPwxgiTG9
dh7l6ps9Owl/N/asJzU1lEKOvdxrufhHAg4fIyVsXcQn3Q6XU9fUrKTE6v23RdJ0
veKdzBfK+iJCsmqr3yQsgTvuDZdmq+pl4n/eEIfbaHJq2edxIEbZcOOyy7++buv8
i5ALVH+dEfdcH7qN54LUDuTp3NF+ly3eKl8em2C5w8uu4L1AtQW90KkZDTmRuRq6
GnN4sS4lCiVk/OQdJ3tJe59+gRllUP433Qf//Vn3OdAd0NRQv/r8OCRwMd+TQPCj
ojl10ffPmbXglooQvEb/g4pXLrFm4FzEsoVdc9R24meLCXmUxQdt34yELQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEam2pzBrPDrqZpL1IYC/2kF8uskMB8GA1UdIwQY
MBaAFBfPEqZYnpmMm+wTmvj85wrEda1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjg4U3BsaWVtWXliN0JPYS1Qem5Dc1IxclhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS85YmRmMzQtNzI5ZC00YmUwLWIxNWYt
NWRlMDg3MTE4MmJhLzEvUnFiYW5NR3M4T3VwbWt2VWhnTF9hUVh5NnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS85YmRmMzQtNzI5ZC00YmUwLWIxNWYtNWRlMDg3MTE4MmJh
LzEvRjg4U3BsaWVtWXliN0JPYS1Qem5Dc1IxclhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVG8AwQC
LXa4AwQF2M2gMA0EAgACMAcDBQMqDl6AMA0GCSqGSIb3DQEBCwUAA4IBAQAFIfBc
tY3DjyXeIlrcfrodzeAEvj9uJwvyfENbPVCF6W4BHqaqpIpiwI/xHwZEhDTbacYR
6/n+czxzrRiV9aiL0J1sHcK3P/fwf7sempnqA3+LPXEH7BF79odncfHkFuLcRAv8
9mlqjrh5mC65OeaFx6IpiqN0NMbAXrq9PCuQSO3cCCE3P5daRYR/9m9QNPR5/UYO
fLk/1nclU7sZ+fyMh7BJvoyjGEb3CTpEAEmCTmApM+pm9YfC447xntcTNOksxh9M
MUdeFAEVLBLaKEhkGZ3WSVJYpaNYqkM+O3Q8GZax1n8cV+Rta5rvbWQU6nTqQLT+
oPMla2axgvgimMtN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:30 2025 by rpki-client