Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/SfWd8PU5bSUqsbiu7olkUIK2bZc.roa
File: SfWd8PU5bSUqsbiu7olkUIK2bZc.roa (raw, json)
Hash identifier: 8XSBkNkff1DXnDHb+0wk5Y4w42UzHqznOLuRrVaPKOw=
Subject key identifier: 49:F5:9D:F0:F5:39:6D:25:2A:B1:B8:AE:EE:89:64:50:82:B6:6D:97
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 0193FF3DC9659701B029AC09D0337E9312EA
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/SfWd8PU5bSUqsbiu7olkUIK2bZc.roa
Signing time: Wed 25 Dec 2024 19:14:19 +0000
ROA not before: Wed 25 Dec 2024 19:14:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42675
IP address blocks: 45.15.16.0/24 maxlen: 24
2a0e:1c80:1::/48 maxlen: 48
2a12:7800::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Dec 2024 19:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ff:3d:c9:65:97:01:b0:29:ac:09:d0:33:7e:93:12:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Dec 25 19:14:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49f59df0f5396d252ab1b8aeee89645082b66d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e7:a0:4c:e2:82:cf:2f:21:17:f0:55:e3:3c:
2b:b2:df:b3:02:4d:27:b8:00:5e:9a:12:2e:7f:03:
0a:98:dd:5c:2b:0c:bf:73:76:4b:db:eb:b1:03:56:
37:17:c0:d5:9e:98:85:13:50:31:02:b9:b7:d6:4c:
0f:1b:40:c4:ba:c9:bb:84:4b:9b:a5:c9:e9:3f:43:
6c:47:33:84:79:f7:68:49:7b:1d:db:67:0d:fd:df:
19:4b:e6:c7:30:10:b1:ab:40:99:07:b7:93:fb:0d:
27:4d:61:2e:1a:c2:c7:65:19:60:19:72:f0:4a:32:
2b:8f:0a:35:a8:91:aa:52:60:84:36:26:a9:4c:6c:
38:85:b6:21:04:da:cd:24:15:51:f1:5c:5b:40:1d:
7f:d1:a2:cc:a1:f1:1d:7b:5a:8a:17:d3:9f:e5:50:
98:b4:9c:cc:02:e0:66:98:0f:14:e7:e6:9e:3d:bb:
dc:72:10:fb:0f:2b:a8:bd:a4:57:a7:54:e7:56:06:
98:2b:9e:41:f3:07:d8:23:cf:5f:6c:2b:fa:eb:98:
fb:2f:d9:0b:56:ca:ca:24:55:4c:09:3c:b2:69:ff:
e5:2b:04:66:91:3a:aa:2c:60:a1:ef:aa:1c:da:6f:
0f:57:04:de:4c:e6:0a:23:97:8b:9d:af:54:d7:f4:
42:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F5:9D:F0:F5:39:6D:25:2A:B1:B8:AE:EE:89:64:50:82:B6:6D:97
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/SfWd8PU5bSUqsbiu7olkUIK2bZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.16.0/24
IPv6:
2a0e:1c80:1::/48
2a12:7800::/32
Signature Algorithm: sha256WithRSAEncryption
29:07:21:23:5e:3f:f0:5a:74:dc:90:ec:73:b3:ce:56:4c:d0:
ea:4f:7a:d0:ce:2a:55:bc:71:aa:72:cd:74:dc:b9:b7:76:70:
ae:ba:b2:f7:8a:8e:7d:37:ac:db:ba:2e:4c:5d:bb:13:b7:0e:
89:1a:b4:51:3d:ce:eb:f5:0a:49:be:e2:ec:0f:dc:dc:a8:89:
b4:dc:58:04:c4:a4:0a:3e:b8:c7:04:e9:92:b6:c8:17:b3:2f:
29:04:d6:17:a9:9a:f0:ca:66:cf:23:29:70:97:55:d4:7f:36:
87:57:83:86:ec:10:06:25:cb:61:3e:86:84:be:3c:07:1d:22:
df:73:8e:85:da:49:9c:83:67:62:9c:1d:bd:2b:e2:f2:c5:89:
04:41:86:3c:c0:94:33:15:a3:ee:76:5b:cc:fe:cb:e7:20:ac:
48:87:5e:04:66:d1:7d:3c:2c:8f:46:49:c7:30:7e:f7:c9:66:
c8:14:f7:40:fb:b1:55:5e:1d:d9:22:dc:ca:ad:3d:82:af:62:
fc:a1:ad:98:a8:f2:1d:91:90:a3:ed:99:ad:40:0e:98:1c:f5:
de:2b:4d:98:4e:46:09:02:0f:8b:5c:b9:cb:04:eb:3a:b3:0e:
ea:bd:88:74:8b:05:12:a6:d8:5d:12:5f:b7:38:55:c6:d9:a3:
9d:78:7f:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZP/PclllwGwKawJ0DN+kxLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQxMjI1MTkxNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWY1OWRmMGY1Mzk2ZDI1MmFiMWI4YWVlZTg5NjQ1MDgyYjY2ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuegTOKCzy8hF/BV4zwrst+zAk0n
uABemhIufwMKmN1cKwy/c3ZL2+uxA1Y3F8DVnpiFE1AxArm31kwPG0DEusm7hEub
pcnpP0NsRzOEefdoSXsd22cN/d8ZS+bHMBCxq0CZB7eT+w0nTWEuGsLHZRlgGXLw
SjIrjwo1qJGqUmCENiapTGw4hbYhBNrNJBVR8VxbQB1/0aLMofEde1qKF9Of5VCY
tJzMAuBmmA8U5+aePbvcchD7DyuovaRXp1TnVgaYK55B8wfYI89fbCv665j7L9kL
VsrKJFVMCTyyaf/lKwRmkTqqLGCh76oc2m8PVwTeTOYKI5eLna9U1/RC6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEn1nfD1OW0lKrG4ru6JZFCCtm2XMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvU2ZXZDhQVTViU1Vxc2JpdTdvbGtVSUsyYlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQALQ8QMBYE
AgACMBADBwAqDhyAAAEDBQAqEngAMA0GCSqGSIb3DQEBCwUAA4IBAQApByEjXj/w
WnTckOxzs85WTNDqT3rQzipVvHGqcs103Lm3dnCuurL3io59N6zbui5MXbsTtw6J
GrRRPc7r9QpJvuLsD9zcqIm03FgExKQKPrjHBOmStsgXsy8pBNYXqZrwymbPIylw
l1XUfzaHV4OG7BAGJcthPoaEvjwHHSLfc46F2kmcg2dinB29K+LyxYkEQYY8wJQz
FaPudlvM/svnIKxIh14EZtF9PCyPRknHMH73yWbIFPdA+7FVXh3ZItzKrT2Cr2L8
oa2YqPIdkZCj7ZmtQA6YHPXeK02YTkYJAg+LXLnLBOs6sw7qvYh0iwUSpthdEl+3
OFXG2aOdeH9a
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:07:16 2025 by rpki-client