Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/RYXP-p0msq9C99WwFNHOEqvj0zg.roa
File: RYXP-p0msq9C99WwFNHOEqvj0zg.roa (raw, json)
Hash identifier: YSnaHqVqgp+KZjBUs3869SLyDyF3TutrM2NavYnxqzY=
Subject key identifier: 45:85:CF:FA:9D:26:B2:AF:42:F7:D5:B0:14:D1:CE:12:AB:E3:D3:38
Certificate issuer: /CN=235163d39db88816cddc597a5db5eae707d3de39
Certificate serial: 018CC5DC64FD8AAC926836C7405F756EAE7E
Authority key identifier: 23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/RYXP-p0msq9C99WwFNHOEqvj0zg.roa
Signing time: Mon 01 Jan 2024 16:30:04 +0000
ROA not before: Mon 01 Jan 2024 16:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203819
IP address blocks: 45.150.123.0/24 maxlen: 24
2a0f:be01::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:64:fd:8a:ac:92:68:36:c7:40:5f:75:6e:ae:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=235163d39db88816cddc597a5db5eae707d3de39
Validity
Not Before: Jan 1 16:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4585cffa9d26b2af42f7d5b014d1ce12abe3d338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:f5:0c:97:1e:f4:db:ab:79:ba:f0:a0:65:
5d:8e:2e:5d:40:59:90:82:d7:99:3c:ba:67:5e:b6:
21:48:23:7e:4f:05:e2:5c:f8:9a:e9:2e:11:1c:22:
75:6d:4a:32:11:0e:f3:bf:9f:9c:f0:56:2a:ea:51:
7e:31:c2:bb:89:bc:57:fc:a1:55:7d:d9:6e:05:f1:
1b:86:ff:94:3e:1e:96:0f:1d:65:e9:76:33:ef:ae:
2b:08:db:cd:ec:ea:22:96:a8:dd:72:9d:2b:4c:72:
ac:cd:b7:85:dc:77:b1:a6:1d:1b:0b:ce:5e:7e:56:
25:65:f1:bd:a4:ce:a3:21:d7:70:12:12:6e:08:db:
fd:e4:f5:89:47:f5:36:50:0b:64:1d:10:a5:6c:bc:
49:46:7a:f4:6d:89:ca:3f:8e:5f:8e:d0:6b:94:87:
36:bc:4a:75:6a:10:fa:1f:94:d4:4d:d8:92:f2:1b:
c3:11:11:79:55:96:33:90:2e:31:e7:09:40:27:fe:
e5:10:eb:5e:a5:a5:b3:fb:a6:07:30:9f:40:d7:dd:
4a:25:77:bd:0d:95:9a:5a:43:71:bc:7c:8a:a4:20:
7c:12:03:14:cd:fd:20:a2:e1:2b:eb:f3:c7:c8:cf:
30:16:57:a7:8c:2e:94:36:95:8a:a6:d7:21:75:b5:
f7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:85:CF:FA:9D:26:B2:AF:42:F7:D5:B0:14:D1:CE:12:AB:E3:D3:38
X509v3 Authority Key Identifier:
keyid:23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/RYXP-p0msq9C99WwFNHOEqvj0zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.123.0/24
IPv6:
2a0f:be01::/40
Signature Algorithm: sha256WithRSAEncryption
a4:84:49:5a:31:97:ee:76:c6:cd:28:90:da:04:61:a3:ee:08:
b1:d1:78:5c:c6:a7:83:fd:34:0e:8a:0a:6c:3b:1c:91:24:e9:
a6:8e:59:4e:e9:90:23:7f:7c:bb:71:c5:b9:59:27:1f:8f:ec:
cf:c2:67:f0:de:70:43:30:36:61:a9:bd:2b:d8:98:a5:59:bd:
84:8f:70:a1:41:0a:00:8f:b6:8a:69:c2:d6:d4:b8:97:5e:b4:
6d:b6:08:50:c2:dc:0e:07:6d:c4:45:fe:1f:63:33:ca:cf:1b:
da:b0:11:d8:cb:39:d5:23:4a:58:7b:d8:b7:c7:ff:e5:ef:14:
8a:0a:eb:c9:4f:6b:eb:71:db:22:76:ee:96:a9:e0:e6:3a:d0:
71:67:f1:61:f3:73:26:57:68:c3:e6:0c:79:65:ec:0c:27:26:
f8:6d:0b:2e:92:27:dc:eb:98:4a:31:77:cc:22:82:00:a0:82:
60:61:ec:50:20:7c:db:4a:27:9b:d8:57:83:44:29:c4:5a:92:
9e:96:e0:d2:d8:d7:26:93:7b:c6:85:32:d4:80:95:31:8e:5b:
5b:a9:eb:e2:cd:85:ce:6f:b6:85:19:eb:00:95:c3:ae:ec:39:
57:dc:86:df:d1:22:3c:98:bc:5b:9e:8d:d2:43:61:ad:c1:ea:
1f:31:19:5b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzF3GT9iqySaDbHQF91bq5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTE2M2QzOWRiODg4MTZjZGRjNTk3YTVkYjVlYWU3MDdk
M2RlMzkwHhcNMjQwMTAxMTYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTg1Y2ZmYTlkMjZiMmFmNDJmN2Q1YjAxNGQxY2UxMmFiZTNkMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDv1DJce9NurebrwoGVdji5dQFmQ
gteZPLpnXrYhSCN+TwXiXPia6S4RHCJ1bUoyEQ7zv5+c8FYq6lF+McK7ibxX/KFV
fdluBfEbhv+UPh6WDx1l6XYz764rCNvN7Ooilqjdcp0rTHKszbeF3Hexph0bC85e
flYlZfG9pM6jIddwEhJuCNv95PWJR/U2UAtkHRClbLxJRnr0bYnKP45fjtBrlIc2
vEp1ahD6H5TUTdiS8hvDERF5VZYzkC4x5wlAJ/7lEOtepaWz+6YHMJ9A191KJXe9
DZWaWkNxvHyKpCB8EgMUzf0gouEr6/PHyM8wFlenjC6UNpWKptchdbX3rQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEWFz/qdJrKvQvfVsBTRzhKr49M4MB8GA1UdIwQY
MBaAFCNRY9OduIgWzdxZel216ucH0945MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgt
OTE1MDI5NmRhYTBhLzEvUllYUC1wMG1zcTlDOTlXd0ZOSE9FcXZqMHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgtOTE1MDI5NmRhYTBh
LzEvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALZZ7MA4E
AgACMAgDBgAqD74BADANBgkqhkiG9w0BAQsFAAOCAQEApIRJWjGX7nbGzSiQ2gRh
o+4IsdF4XMang/00DooKbDsckSTppo5ZTumQI398u3HFuVknH4/sz8Jn8N5wQzA2
Yam9K9iYpVm9hI9woUEKAI+2imnC1tS4l160bbYIUMLcDgdtxEX+H2Mzys8b2rAR
2Ms51SNKWHvYt8f/5e8UigrryU9r63HbInbulqng5jrQcWfxYfNzJldow+YMeWXs
DCcm+G0LLpIn3OuYSjF3zCKCAKCCYGHsUCB820onm9hXg0QpxFqSnpbg0tjXJpN7
xoUy1ICVMY5bW6nr4s2Fzm+2hRnrAJXDruw5V9yG39EiPJi8W56N0kNhrcHqHzEZ
Ww==
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:49:04 2025 by rpki-client