Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Qj3DQFZ2qrnDVFnMnrib5Qe8PH0.roa
File: Qj3DQFZ2qrnDVFnMnrib5Qe8PH0.roa (raw, json)
Hash identifier: lzYSm9fGYgD5IgG+Vr9D1Cc9wq+ail0joPu1rfDaoNA=
Subject key identifier: 42:3D:C3:40:56:76:AA:B9:C3:54:59:CC:9E:B8:9B:E5:07:BC:3C:7D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019435EE05C359D80028ABBB65B515FB04AA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Qj3DQFZ2qrnDVFnMnrib5Qe8PH0.roa
Signing time: Sun 05 Jan 2025 10:06:19 +0000
ROA not before: Sun 05 Jan 2025 10:06:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60068
IP address blocks: 45.12.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 13:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:35:ee:05:c3:59:d8:00:28:ab:bb:65:b5:15:fb:04:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 5 10:06:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=423dc3405676aab9c35459cc9eb89be507bc3c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4f:ea:ec:90:68:e1:8f:29:c5:e1:23:1a:1c:
2f:99:21:94:37:9e:c0:0e:70:d4:9b:31:65:ee:bf:
9b:9a:56:f6:1f:45:d8:8b:e9:92:d6:83:b4:ce:f3:
b6:f7:3c:e5:da:19:17:3f:28:4d:df:fb:0c:02:89:
ed:61:92:83:84:0e:41:ed:62:dc:6c:24:d9:37:70:
dc:ae:f1:d6:8e:d9:35:b6:50:ef:87:26:94:a1:1b:
86:5d:bf:6f:18:c3:b7:95:b8:47:ad:80:0b:2b:e1:
c8:1a:86:34:21:c3:2d:b5:ef:e4:1f:47:0b:1b:ba:
86:ec:62:f0:81:bb:29:dc:a7:e9:69:15:65:3e:93:
1e:14:ab:5f:5b:b6:d7:09:96:ff:a0:19:e9:5c:84:
53:19:03:ca:49:80:a0:b9:44:f8:f0:be:73:c4:e4:
b2:2f:db:e0:27:bd:cb:3b:c4:aa:ef:30:28:0e:5b:
38:b2:0d:a4:0a:8e:95:cc:a3:41:0c:98:f1:8a:74:
7e:ec:a0:9d:0f:37:31:0c:f9:2d:c8:90:79:14:0c:
77:6e:44:52:cc:a4:9a:8a:21:db:82:1f:a6:2b:b8:
27:b8:12:2b:53:d1:3c:d3:0d:9d:d8:08:1b:b3:91:
de:03:97:ff:b8:3b:00:5e:b3:68:1e:7e:c6:37:52:
1e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3D:C3:40:56:76:AA:B9:C3:54:59:CC:9E:B8:9B:E5:07:BC:3C:7D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Qj3DQFZ2qrnDVFnMnrib5Qe8PH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.61.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a3:a7:09:42:14:4a:39:9b:dd:1f:15:bb:e0:d4:76:7f:f3:
fc:e2:66:da:99:15:bf:5b:93:ae:79:b7:b9:a6:12:68:6f:23:
45:df:d3:68:7b:d8:72:36:74:67:f4:42:a9:c5:5f:49:bb:d7:
fa:db:75:36:d7:00:8a:d6:87:71:51:40:6e:22:91:57:fc:40:
da:53:03:14:27:55:ca:7e:00:9c:31:1a:62:b5:4c:05:89:39:
17:4c:75:fe:79:2a:25:d3:da:9f:50:b6:d3:ac:39:91:d0:f3:
5f:6e:7d:28:e5:4b:bb:82:6b:11:bc:57:40:37:7a:ac:0e:96:
64:3e:20:9a:35:a4:81:11:c2:d0:13:0d:1f:40:7e:03:7d:fe:
4c:97:19:a9:b9:15:10:ed:21:80:15:cf:62:41:b3:79:73:96:
f7:f8:a8:32:f9:a4:55:ed:56:6b:db:b2:fb:58:ae:db:47:3b:
2c:a5:80:de:04:e5:56:6f:67:88:b3:a0:03:c2:7b:f9:7b:e8:
35:de:c0:d9:54:e6:c2:a6:8f:42:3c:93:65:df:43:d8:84:f6:
04:1f:4f:10:d8:b4:f0:73:da:05:6d:c2:bb:8a:e3:2c:b9:b8:
c3:47:3d:f1:51:65:8b:1b:d2:14:7d:81:ad:91:89:ed:c8:d0:
30:10:ef:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ17gXDWdgAKKu7ZbUV+wSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTA1MTAwNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNkYzM0MDU2NzZhYWI5YzM1NDU5Y2M5ZWI4OWJlNTA3YmMzYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU/q7JBo4Y8pxeEjGhwvmSGUN57A
DnDUmzFl7r+bmlb2H0XYi+mS1oO0zvO29zzl2hkXPyhN3/sMAontYZKDhA5B7WLc
bCTZN3DcrvHWjtk1tlDvhyaUoRuGXb9vGMO3lbhHrYALK+HIGoY0IcMtte/kH0cL
G7qG7GLwgbsp3KfpaRVlPpMeFKtfW7bXCZb/oBnpXIRTGQPKSYCguUT48L5zxOSy
L9vgJ73LO8Sq7zAoDls4sg2kCo6VzKNBDJjxinR+7KCdDzcxDPktyJB5FAx3bkRS
zKSaiiHbgh+mK7gnuBIrU9E80w2d2Agbs5HeA5f/uDsAXrNoHn7GN1IedQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEI9w0BWdqq5w1RZzJ64m+UHvDx9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUWozRFFGWjJxcm5EVkZuTW5yaWI1UWU4UEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQw9MA0G
CSqGSIb3DQEBCwUAA4IBAQAzo6cJQhRKOZvdHxW74NR2f/P84mbamRW/W5Ouebe5
phJobyNF39Noe9hyNnRn9EKpxV9Ju9f623U21wCK1odxUUBuIpFX/EDaUwMUJ1XK
fgCcMRpitUwFiTkXTHX+eSol09qfULbTrDmR0PNfbn0o5Uu7gmsRvFdAN3qsDpZk
PiCaNaSBEcLQEw0fQH4Dff5MlxmpuRUQ7SGAFc9iQbN5c5b3+Kgy+aRV7VZr27L7
WK7bRzsspYDeBOVWb2eIs6ADwnv5e+g13sDZVObCpo9CPJNl30PYhPYEH08Q2LTw
c9oFbcK7iuMsubjDRz3xUWWLG9IUfYGtkYntyNAwEO8Y
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:56:26 2025 by rpki-client