Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CXujsmNIMb1SWPCSVq-ZwK2ih88.roa
File: CXujsmNIMb1SWPCSVq-ZwK2ih88.roa (raw, json)
Hash identifier: ytWwQ0kAb6x1YlU/Eztq5fcv/eNDF7L3jZ8nh7GvNhc=
Subject key identifier: 09:7B:A3:B2:63:48:31:BD:52:58:F0:92:56:AF:99:C0:AD:A2:87:CF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01945ACDEA45D582AD8D56E6DFCAE3B222C2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CXujsmNIMb1SWPCSVq-ZwK2ih88.roa
Signing time: Sun 12 Jan 2025 13:57:11 +0000
ROA not before: Sun 12 Jan 2025 13:57:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208959
IP address blocks: 45.9.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 13:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:cd:ea:45:d5:82:ad:8d:56:e6:df:ca:e3:b2:22:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 12 13:57:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=097ba3b2634831bd5258f09256af99c0ada287cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b5:20:82:97:32:43:48:26:70:af:a6:9f:73:
f8:28:db:54:72:21:c9:ac:48:fc:a2:ad:08:16:25:
f9:9c:e7:48:8d:c8:98:85:7e:b2:98:48:a3:d7:fe:
77:44:1b:78:46:a0:e4:4d:55:51:48:d7:a5:7a:75:
b2:25:48:27:e0:b4:78:8e:38:aa:b6:bd:cc:65:fb:
ae:f8:4e:3b:fc:88:51:f0:46:35:2c:b8:e7:3a:62:
69:1a:f4:03:e3:ed:c2:29:e1:86:f1:0b:74:c4:4e:
9c:c3:8f:63:34:d4:4d:6e:a7:3d:d7:e9:6e:a0:88:
09:56:a8:c0:16:82:e7:9c:cb:28:39:aa:1b:c7:10:
52:a4:11:98:94:5c:6d:a2:51:39:9f:52:cb:9d:83:
83:8c:05:8b:93:ca:36:99:ba:40:df:c3:98:48:7f:
b6:ce:a7:1e:ae:52:13:fc:aa:c1:20:f4:40:c6:38:
37:13:b5:a5:1b:15:f2:19:d2:60:be:0c:1b:11:d0:
08:25:aa:35:e2:c7:e2:34:c4:11:a2:de:55:18:cb:
98:fb:b8:09:bc:6f:0c:85:9e:ab:3c:97:e9:8e:e3:
20:53:43:82:30:51:ba:2b:80:69:49:05:01:37:64:
7c:3d:1a:3d:8a:0b:68:65:53:b9:84:1c:98:df:d9:
58:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7B:A3:B2:63:48:31:BD:52:58:F0:92:56:AF:99:C0:AD:A2:87:CF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CXujsmNIMb1SWPCSVq-ZwK2ih88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.118.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:60:dd:08:db:01:65:d7:12:52:51:ab:9e:cc:20:e6:4c:b3:
ec:96:e1:0a:ce:8d:da:17:7a:20:fc:ec:69:bb:35:0d:91:4b:
27:e0:45:84:29:7b:d9:af:ff:7c:94:6a:92:43:a2:38:88:92:
c7:c4:df:72:e8:e9:df:41:f0:b7:53:f8:b1:9f:3d:33:56:5f:
1c:76:ab:b3:32:f9:1b:ac:70:aa:b5:0a:bb:b1:f9:81:5e:c1:
b2:08:c9:f9:99:b9:ff:fc:c6:89:8b:6c:14:ae:2d:72:4e:19:
e6:d5:8f:05:c2:27:bb:60:f4:55:7b:64:dd:f3:a5:14:6f:22:
9c:ab:f3:36:1e:33:14:ac:9f:53:49:3d:62:ef:3f:99:82:cc:
08:72:e6:c6:49:20:3f:16:2e:f5:90:77:cf:68:af:85:26:95:
23:31:ee:6a:d8:8c:43:92:55:2f:36:b2:c5:49:fb:22:ed:25:
70:87:0a:12:f3:db:9b:0b:a1:dc:47:5a:ca:a9:12:37:af:eb:
db:3c:bb:f8:bc:f1:d4:b5:a5:22:01:e1:4f:6c:d0:7d:4c:9a:
63:76:a5:0d:20:99:64:e5:f7:04:f2:3c:08:b1:a1:b7:ce:e3:
b1:6c:76:c9:a5:3e:c5:a2:b9:e0:94:70:d5:d1:0f:43:6b:82:
dc:21:32:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRazepF1YKtjVbm38rjsiLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTEyMTM1NzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdiYTNiMjYzNDgzMWJkNTI1OGYwOTI1NmFmOTljMGFkYTI4N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbUggpcyQ0gmcK+mn3P4KNtUciHJ
rEj8oq0IFiX5nOdIjciYhX6ymEij1/53RBt4RqDkTVVRSNelenWyJUgn4LR4jjiq
tr3MZfuu+E47/IhR8EY1LLjnOmJpGvQD4+3CKeGG8Qt0xE6cw49jNNRNbqc91+lu
oIgJVqjAFoLnnMsoOaobxxBSpBGYlFxtolE5n1LLnYODjAWLk8o2mbpA38OYSH+2
zqcerlIT/KrBIPRAxjg3E7WlGxXyGdJgvgwbEdAIJao14sfiNMQRot5VGMuY+7gJ
vG8MhZ6rPJfpjuMgU0OCMFG6K4BpSQUBN2R8PRo9igtoZVO5hByY39lYDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAl7o7JjSDG9UljwklavmcCtoofPMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ1h1anNtTklNYjFTV1BDU1ZxLVp3SzJpaDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQl2MA0G
CSqGSIb3DQEBCwUAA4IBAQCLYN0I2wFl1xJSUauezCDmTLPsluEKzo3aF3og/Oxp
uzUNkUsn4EWEKXvZr/98lGqSQ6I4iJLHxN9y6OnfQfC3U/ixnz0zVl8cdquzMvkb
rHCqtQq7sfmBXsGyCMn5mbn//MaJi2wUri1yThnm1Y8Fwie7YPRVe2Td86UUbyKc
q/M2HjMUrJ9TST1i7z+ZgswIcubGSSA/Fi71kHfPaK+FJpUjMe5q2IxDklUvNrLF
Sfsi7SVwhwoS89ubC6HcR1rKqRI3r+vbPLv4vPHUtaUiAeFPbNB9TJpjdqUNIJlk
5fcE8jwIsaG3zuOxbHbJpT7FornglHDV0Q9Da4LcITJZ
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:59:01 2025 by rpki-client