Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DmON0g-I4CaZpp9Ob0bUsJfUpB8.roa
File: DmON0g-I4CaZpp9Ob0bUsJfUpB8.roa (raw, json)
Hash identifier: eTpt72b4rv25ORnqtZp/g3xrm1fI3y077BzlcBX5D7Q=
Subject key identifier: 0E:63:8D:D2:0F:88:E0:26:99:A6:9F:4E:6F:46:D4:B0:97:D4:A4:1F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F2882F79D4533830F6EEAD5BFB9B23840
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DmON0g-I4CaZpp9Ob0bUsJfUpB8.roa
Signing time: Mon 29 Apr 2024 06:20:22 +0000
ROA not before: Mon 29 Apr 2024 06:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399989
IP address blocks: 45.128.26.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
2a07:f300::/29 maxlen: 29
2a0f:e847:ffff::/48 maxlen: 48
2a13:18c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 May 2024 20:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:82:f7:9d:45:33:83:0f:6e:ea:d5:bf:b9:b2:38:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 29 06:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e638dd20f88e02699a69f4e6f46d4b097d4a41f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fb:0c:57:1a:00:1a:66:81:a8:71:c8:6c:f7:
91:b7:e4:a9:2f:8d:01:90:d8:2e:31:9e:f1:25:27:
98:69:ba:6e:68:37:46:65:c7:e4:2b:73:c1:d6:b3:
ee:af:ac:f6:a9:bf:9c:15:44:96:82:4d:75:3b:d5:
ab:fc:0c:04:b2:49:8c:d2:31:be:6a:b8:fb:5b:25:
e0:7c:3e:f0:a1:fe:22:41:39:4c:a5:06:94:72:10:
25:cf:9f:0c:26:49:de:23:83:87:41:14:db:5e:1d:
05:44:38:53:10:be:87:0e:98:f3:28:f8:5d:e6:d0:
99:fd:7c:d1:34:a0:0d:ba:f7:72:de:87:b5:00:cb:
76:b9:18:0d:f7:49:06:fb:6a:1a:94:1c:d6:8a:3d:
f4:4a:d1:ee:76:33:ba:c6:71:c4:0f:13:01:64:ae:
3a:09:91:83:69:1b:4e:3d:25:28:bd:71:1c:4f:06:
2c:42:15:49:59:da:a9:4e:de:35:ae:2e:99:33:c1:
a8:05:ba:f4:75:53:2d:48:02:61:74:4a:e4:81:2c:
ea:17:d1:0d:c2:9c:a7:93:21:2d:6a:ff:40:a6:c1:
e1:db:80:d7:54:16:ad:f5:6d:c0:16:3e:23:87:4f:
47:1c:8b:e6:92:c0:5a:7e:0a:c0:6c:ce:f6:8e:7c:
11:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:63:8D:D2:0F:88:E0:26:99:A6:9F:4E:6F:46:D4:B0:97:D4:A4:1F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DmON0g-I4CaZpp9Ob0bUsJfUpB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a07:f300::/29
2a0f:e847:ffff::/48
2a13:18c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
cb:76:db:01:e0:4c:31:b9:e9:93:b6:e1:f7:e5:61:60:d0:4a:
a4:be:a9:fc:d2:7f:11:4e:47:8f:68:44:e1:2b:f7:77:e5:b7:
2b:16:04:e6:d6:70:a5:ca:9d:45:86:d6:ae:da:08:44:38:e1:
e7:fd:a4:bb:f7:a7:c9:39:26:fa:c7:4b:dc:75:ee:23:20:d0:
2a:93:a8:a3:e9:5a:f2:99:ec:bd:93:38:12:a1:a2:fa:bd:66:
2c:2f:71:81:28:62:9f:75:7c:40:67:2f:ee:91:49:62:e8:1e:
9e:1d:a5:6f:1a:83:f1:69:d4:8c:f6:b1:cd:b6:7d:fd:ed:3e:
ec:34:d8:52:43:4d:4b:8d:98:ef:35:65:10:bb:aa:4c:4b:6c:
7e:6f:2e:83:b2:be:9a:50:48:1b:b9:73:a7:18:2f:09:91:19:
1d:e6:12:27:16:d5:6e:a8:2a:89:22:69:33:e5:a4:0d:52:b4:
7a:c4:ac:31:98:8a:37:4b:42:aa:71:fa:21:08:09:32:8d:a0:
a2:f6:33:68:b8:55:06:ae:6e:7b:35:13:4b:97:f6:80:8c:62:
5e:dd:07:22:01:3c:70:b7:18:4c:b3:1d:d3:8a:c8:34:1c:9d:
33:b5:ec:9b:62:bb:13:c9:b0:31:5f:a4:8a:d5:b7:3e:cc:97:
17:8c:27:d5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY8ogvedRTODD27q1b+5sjhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDI5MDYyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTYzOGRkMjBmODhlMDI2OTlhNjlmNGU2ZjQ2ZDRiMDk3ZDRhNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/sMVxoAGmaBqHHIbPeRt+SpL40B
kNguMZ7xJSeYabpuaDdGZcfkK3PB1rPur6z2qb+cFUSWgk11O9Wr/AwEskmM0jG+
arj7WyXgfD7wof4iQTlMpQaUchAlz58MJkneI4OHQRTbXh0FRDhTEL6HDpjzKPhd
5tCZ/XzRNKANuvdy3oe1AMt2uRgN90kG+2oalBzWij30StHudjO6xnHEDxMBZK46
CZGDaRtOPSUovXEcTwYsQhVJWdqpTt41ri6ZM8GoBbr0dVMtSAJhdErkgSzqF9EN
wpynkyEtav9ApsHh24DXVBat9W3AFj4jh09HHIvmksBafgrAbM72jnwR2QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFA5jjdIPiOAmmaafTm9G1LCX1KQfMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRG1PTjBnLUk0Q2FacHA5T2IwYlVzSmZVcEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MB8EAgACMBkDBQMqB/MAAwcAKg/oR///AwcAKhMYwAACMA0GCSqG
SIb3DQEBCwUAA4IBAQDLdtsB4EwxuemTtuH35WFg0Eqkvqn80n8RTkePaEThK/d3
5bcrFgTm1nClyp1Fhtau2ghEOOHn/aS796fJOSb6x0vcde4jINAqk6ij6Vrymey9
kzgSoaL6vWYsL3GBKGKfdXxAZy/ukUli6B6eHaVvGoPxadSM9rHNtn397T7sNNhS
Q01LjZjvNWUQu6pMS2x+by6Dsr6aUEgbuXOnGC8JkRkd5hInFtVuqCqJImkz5aQN
UrR6xKwxmIo3S0KqcfohCAkyjaCi9jNouFUGrm57NRNLl/aAjGJe3QciATxwtxhM
sx3Tisg0HJ0zteybYrsTybAxX6SK1bc+zJcXjCfV
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:30 2025 by rpki-client