Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ryjcm6ZFH-x7WUse-lsGnjM-SrU.roa
File: Ryjcm6ZFH-x7WUse-lsGnjM-SrU.roa (raw, json)
Hash identifier: Uj6nqlGUpPvNPv/NXGR5JG/7INDgZeYE2036JfBsr1c=
Subject key identifier: 47:28:DC:9B:A6:45:1F:EC:7B:59:4B:1E:FA:5B:06:9E:33:3E:4A:B5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FD77DF6EAC29D42394447E9738054EE88
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ryjcm6ZFH-x7WUse-lsGnjM-SrU.roa
Signing time: Sun 02 Jun 2024 05:48:27 +0000
ROA not before: Sun 02 Jun 2024 05:48:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399989
IP address blocks: 45.128.26.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
2a0e:1a81:1::/48 maxlen: 48
2a0f:7d01::/32 maxlen: 32
2a0f:7d04:aa12::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jun 2024 08:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d7:7d:f6:ea:c2:9d:42:39:44:47:e9:73:80:54:ee:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 2 05:48:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4728dc9ba6451fec7b594b1efa5b069e333e4ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:26:a2:16:1d:bf:34:00:f2:be:bd:a5:a9:c3:
86:d6:a3:3a:65:19:57:29:f1:27:cc:52:90:d4:4c:
39:1b:d7:d4:61:f4:69:d7:6d:b4:16:e1:4a:3d:fa:
21:81:99:7d:4f:ef:d8:fb:33:34:50:cf:4a:97:9d:
20:5d:6e:43:67:9e:a9:df:7c:bd:8c:75:a6:74:13:
1f:a9:3f:20:db:17:aa:c3:80:81:4d:62:82:1b:48:
03:76:ca:d6:e8:b0:af:2e:20:5c:fb:3f:1e:ce:7a:
72:95:d5:3b:c1:97:6a:11:9b:ed:3f:2e:49:16:eb:
85:d9:98:77:37:08:03:43:c5:f6:ed:e7:94:c5:34:
d7:75:c5:59:fa:c8:46:8b:85:5d:f6:e5:8c:2f:9d:
70:34:80:54:12:a5:d5:3d:08:37:02:99:68:09:94:
c5:9b:4c:00:6e:b0:9f:48:b4:c2:d1:54:c6:57:f2:
18:d4:92:bb:df:f3:a1:46:34:f9:7e:3c:cb:d5:a6:
56:92:b2:70:eb:c5:a9:18:99:2e:fc:ca:8a:92:53:
20:27:b9:37:3a:fc:bd:ff:13:0b:5a:d3:53:1c:6d:
fa:c0:5f:b2:dd:a5:ed:d1:4d:6e:b7:69:6e:ca:b6:
2e:67:4d:89:e4:36:4b:0c:e1:f9:99:83:7b:5a:5b:
2d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:28:DC:9B:A6:45:1F:EC:7B:59:4B:1E:FA:5B:06:9E:33:3E:4A:B5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ryjcm6ZFH-x7WUse-lsGnjM-SrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0e:1a81:1::/48
2a0f:7d01::/32
2a0f:7d04:aa12::/48
Signature Algorithm: sha256WithRSAEncryption
ac:02:c7:d9:f3:18:ef:42:d5:ba:6c:81:fe:89:e2:62:b2:96:
ca:88:44:cc:d7:f8:53:b6:8e:61:c3:3e:6d:96:49:41:b4:da:
ab:ad:a3:d5:da:a7:e5:d4:b4:77:b0:1a:32:d8:8b:9e:34:7a:
d0:b6:83:b2:b6:10:51:bd:3a:65:3e:00:ce:5c:d0:f0:75:12:
bd:19:24:f6:fa:88:b5:86:36:bb:a1:26:ab:7a:04:17:aa:28:
35:37:6a:3b:7f:d0:7b:29:65:ca:fa:f7:60:3b:97:a9:5a:7b:
70:7e:fe:a2:32:e1:e4:c4:33:72:c9:2d:f5:fd:54:b3:f6:a1:
80:31:d5:95:d2:2b:40:74:ab:77:b0:84:3d:38:3b:ff:3b:4e:
08:d5:68:00:6d:1c:e9:64:87:84:a5:f3:e7:a5:10:d1:41:82:
2e:68:81:bc:77:5e:88:87:2a:66:8d:c4:d7:72:3a:69:16:42:
66:11:33:23:70:ea:99:a7:84:26:14:e1:04:20:00:22:fe:12:
94:ef:eb:c2:57:b6:49:7c:2e:f8:f1:2a:1a:19:bb:d1:3f:31:
4c:9a:83:ca:6d:68:9b:4c:72:21:be:21:af:b3:08:3b:33:5c:
cd:13:0c:b2:6b:8a:76:fd:e7:d4:a7:f4:05:1b:24:08:53:49:
80:c9:be:f5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY/Xffbqwp1COURH6XOAVO6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjAyMDU0ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI4ZGM5YmE2NDUxZmVjN2I1OTRiMWVmYTViMDY5ZTMzM2U0YWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSaiFh2/NADyvr2lqcOG1qM6ZRlX
KfEnzFKQ1Ew5G9fUYfRp1220FuFKPfohgZl9T+/Y+zM0UM9Kl50gXW5DZ56p33y9
jHWmdBMfqT8g2xeqw4CBTWKCG0gDdsrW6LCvLiBc+z8eznpyldU7wZdqEZvtPy5J
FuuF2Zh3NwgDQ8X27eeUxTTXdcVZ+shGi4Vd9uWML51wNIBUEqXVPQg3AploCZTF
m0wAbrCfSLTC0VTGV/IY1JK73/OhRjT5fjzL1aZWkrJw68WpGJku/MqKklMgJ7k3
Ovy9/xMLWtNTHG36wF+y3aXt0U1ut2luyrYuZ02J5DZLDOH5mYN7Wlst7wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEco3JumRR/se1lLHvpbBp4zPkq1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUnlqY202WkZILXg3V1VzZS1sc0duak0tU3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MB8EAgACMBkDBwAqDhqBAAEDBQAqD30BAwcAKg99BKoSMA0GCSqG
SIb3DQEBCwUAA4IBAQCsAsfZ8xjvQtW6bIH+ieJispbKiETM1/hTto5hwz5tlklB
tNqrraPV2qfl1LR3sBoy2IueNHrQtoOythBRvTplPgDOXNDwdRK9GST2+oi1hja7
oSaregQXqig1N2o7f9B7KWXK+vdgO5epWntwfv6iMuHkxDNyyS31/VSz9qGAMdWV
0itAdKt3sIQ9ODv/O04I1WgAbRzpZIeEpfPnpRDRQYIuaIG8d16IhypmjcTXcjpp
FkJmETMjcOqZp4QmFOEEIAAi/hKU7+vCV7ZJfC748SoaGbvRPzFMmoPKbWibTHIh
viGvswg7M1zNEwyya4p2/efUp/QFGyQIU0mAyb71
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:22 2025 by rpki-client