Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1w41Ns0dqo1AKbYF_tbz2G1tztE.roa
File: 1w41Ns0dqo1AKbYF_tbz2G1tztE.roa (raw, json)
Hash identifier: iUonkQwMZsgktif31gIwdEyfN0n7JFPQV9iwc27ER78=
Subject key identifier: D7:0E:35:36:CD:1D:AA:8D:40:29:B6:05:FE:D6:F3:D8:6D:6D:CE:D1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019395D9F7BB2CF943271538CCAADEA17394
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1w41Ns0dqo1AKbYF_tbz2G1tztE.roa
Signing time: Thu 05 Dec 2024 08:05:10 +0000
ROA not before: Thu 05 Dec 2024 08:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13335
IP address blocks: 45.86.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:95:d9:f7:bb:2c:f9:43:27:15:38:cc:aa:de:a1:73:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 5 08:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d70e3536cd1daa8d4029b605fed6f3d86d6dced1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:63:f4:66:7f:3a:b1:ac:4b:9e:7e:1a:5f:73:
38:d6:c7:ad:98:57:6c:1e:c6:48:d8:92:af:db:a8:
c4:b0:58:c5:d8:f7:85:a0:91:90:4b:07:8c:e3:aa:
3d:ba:bc:c4:29:6e:66:c8:65:48:3c:7d:03:2e:2c:
d5:3a:fa:8e:8d:ae:6a:84:83:3a:8a:11:30:cc:86:
3f:3d:71:55:76:6d:63:3f:5f:c3:4b:c2:f8:b2:6c:
fd:ee:f3:23:4f:56:1c:30:a6:4a:ef:61:1d:f8:1c:
49:38:e2:cd:7c:5f:27:db:4d:c3:37:01:44:b2:ac:
85:03:27:85:db:54:c3:7b:69:55:a2:7e:57:10:f8:
5d:58:4f:08:79:e0:d4:a9:c8:49:53:d5:00:93:f9:
e1:e3:7e:4a:36:93:dc:de:f4:59:ef:d6:79:ef:cd:
06:29:1e:5a:71:09:c8:08:13:9b:21:18:69:30:7e:
f8:70:b9:ea:58:cc:42:9a:6e:6f:2c:cb:69:95:42:
ba:27:fd:9c:a0:78:4e:f7:0e:1c:27:6e:8e:e2:14:
a3:49:42:b3:40:ab:6f:2b:a2:87:17:2f:53:15:3a:
60:49:ed:02:a9:46:11:da:42:27:ba:cb:5d:37:d9:
03:42:4e:50:a3:ab:52:5b:fb:b3:51:13:ab:e8:92:
e6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:0E:35:36:CD:1D:AA:8D:40:29:B6:05:FE:D6:F3:D8:6D:6D:CE:D1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1w41Ns0dqo1AKbYF_tbz2G1tztE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.12.0/24
Signature Algorithm: sha256WithRSAEncryption
58:c3:ea:6e:bb:4e:a8:48:9b:9d:a9:c3:54:0f:95:7e:fe:90:
c8:73:f4:2c:39:df:93:a3:64:20:36:33:db:e9:60:26:bc:74:
47:e0:26:8d:a2:34:54:8c:07:01:51:c6:50:c7:77:1e:60:09:
fd:7f:7b:00:25:99:9f:09:5e:a5:87:6c:5b:72:69:42:a1:a3:
3c:ca:d8:f9:01:74:7d:f7:2e:0e:9c:73:ae:55:61:18:d7:16:
96:0e:61:3e:dc:7c:fc:94:64:ab:55:a6:20:f0:86:69:43:84:
62:58:62:c7:6c:fb:66:3a:0f:85:17:ce:a1:96:9b:81:c7:99:
54:f8:45:8a:6c:77:c4:64:28:28:ec:83:06:47:0f:4b:26:03:
6d:35:08:6a:b1:e5:83:49:86:1b:2e:70:6c:59:70:80:9b:89:
3a:2f:17:a6:e3:6d:a6:6b:2f:c1:d0:d8:62:07:9c:09:47:e6:
c8:e7:55:4a:1b:1e:16:98:06:03:88:aa:d6:42:8a:ed:b1:a8:
ce:8b:78:3b:73:1a:77:6c:fd:78:63:97:5a:97:27:92:70:51:
54:77:3d:5d:61:27:26:5a:ca:d8:05:3f:15:59:58:b6:e2:1b:
69:f9:6b:d9:27:28:ab:a4:de:c2:41:a0:f6:4e:c0:88:67:0d:
e5:d7:89:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOV2fe7LPlDJxU4zKreoXOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjA1MDgwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzBlMzUzNmNkMWRhYThkNDAyOWI2MDVmZWQ2ZjNkODZkNmRjZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12P0Zn86saxLnn4aX3M41setmFds
HsZI2JKv26jEsFjF2PeFoJGQSweM46o9urzEKW5myGVIPH0DLizVOvqOja5qhIM6
ihEwzIY/PXFVdm1jP1/DS8L4smz97vMjT1YcMKZK72Ed+BxJOOLNfF8n203DNwFE
sqyFAyeF21TDe2lVon5XEPhdWE8IeeDUqchJU9UAk/nh435KNpPc3vRZ79Z5780G
KR5acQnICBObIRhpMH74cLnqWMxCmm5vLMtplUK6J/2coHhO9w4cJ26O4hSjSUKz
QKtvK6KHFy9TFTpgSe0CqUYR2kInustdN9kDQk5Qo6tSW/uzUROr6JLmNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNcONTbNHaqNQCm2Bf7W89htbc7RMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMXc0MU5zMGRxbzFBS2JZRl90YnoyRzF0enRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVYMMA0G
CSqGSIb3DQEBCwUAA4IBAQBYw+puu06oSJudqcNUD5V+/pDIc/QsOd+To2QgNjPb
6WAmvHRH4CaNojRUjAcBUcZQx3ceYAn9f3sAJZmfCV6lh2xbcmlCoaM8ytj5AXR9
9y4OnHOuVWEY1xaWDmE+3Hz8lGSrVaYg8IZpQ4RiWGLHbPtmOg+FF86hlpuBx5lU
+EWKbHfEZCgo7IMGRw9LJgNtNQhqseWDSYYbLnBsWXCAm4k6Lxem422may/B0Nhi
B5wJR+bI51VKGx4WmAYDiKrWQortsajOi3g7cxp3bP14Y5dalyeScFFUdz1dYScm
WsrYBT8VWVi24htp+WvZJyirpN7CQaD2TsCIZw3l14ki
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:35:25 2025 by rpki-client