Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VDhE2o3kzehO5TxmphT1yNjIaH0.roa
File: VDhE2o3kzehO5TxmphT1yNjIaH0.roa (raw, json)
Hash identifier: ntOLTQLj31+3MBuNyzAH1YaxjNsJfcNCNJympQW1Erk=
Subject key identifier: 54:38:44:DA:8D:E4:CD:E8:4E:E5:3C:66:A6:14:F5:C8:D8:C8:68:7D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F5CFED9A442C91D8480A08A22E3B86EF5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VDhE2o3kzehO5TxmphT1yNjIaH0.roa
Signing time: Thu 09 May 2024 10:55:56 +0000
ROA not before: Thu 09 May 2024 10:55:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 131642
IP address blocks: 45.12.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 12 May 2024 06:55:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:fe:d9:a4:42:c9:1d:84:80:a0:8a:22:e3:b8:6e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 9 10:55:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=543844da8de4cde84ee53c66a614f5c8d8c8687d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:16:e1:11:59:4b:32:96:d5:0e:51:40:98:9d:
76:22:a4:99:ef:dc:33:cf:4b:23:90:f3:16:25:7f:
ed:a1:85:45:3d:c6:63:10:dc:81:15:56:df:c2:57:
01:e4:0a:e0:51:2e:d9:6f:22:f4:a0:55:71:18:ab:
cb:41:44:15:f1:5c:41:12:d1:8c:13:4c:dd:0d:52:
13:ee:6b:a0:02:07:89:f0:34:a7:2e:c1:be:32:5c:
9c:20:ab:03:d5:b9:af:d6:41:53:04:4f:dc:02:fc:
bb:e5:7b:29:66:5c:2f:e6:0a:38:28:6d:d7:55:48:
79:d3:2b:6a:9f:8d:ee:8e:f0:8f:10:67:fc:f6:be:
4b:ae:95:5d:94:7c:82:3b:61:ee:4d:8f:81:99:47:
25:06:db:89:22:e7:5e:6a:ad:26:2e:9e:84:fc:17:
56:d0:1d:ae:11:ff:cb:52:6c:b2:33:2b:ac:a1:bd:
60:0e:d8:c1:87:24:a8:ed:b0:bb:ed:cc:64:37:de:
bd:80:a1:67:61:6d:aa:d0:0e:da:84:21:c6:e5:b2:
56:37:43:21:96:da:93:a0:7b:14:fc:82:0a:1c:d3:
a4:96:9a:16:05:47:f9:6c:6e:83:bd:6b:6a:e1:86:
d8:cf:41:02:09:08:f8:27:5c:a9:97:91:b8:fb:18:
f4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:38:44:DA:8D:E4:CD:E8:4E:E5:3C:66:A6:14:F5:C8:D8:C8:68:7D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VDhE2o3kzehO5TxmphT1yNjIaH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.62.0/23
Signature Algorithm: sha256WithRSAEncryption
65:8d:02:13:9f:43:a8:d1:16:91:91:a6:4d:70:94:52:7c:44:
7e:57:52:04:64:35:2c:b4:8b:0a:7e:52:d5:a1:d9:34:ff:d7:
73:e8:92:7c:e3:7f:33:28:24:85:bb:f0:fc:30:a8:e9:66:60:
75:61:74:15:7a:5c:1f:69:21:ee:5c:79:cd:95:a0:06:56:1c:
19:14:a5:ee:6b:b1:f8:e5:fc:8e:a8:ac:b6:c4:99:37:9d:e8:
8f:67:c2:8c:6a:3f:44:7a:1a:1e:1b:e0:e4:b9:64:d2:f8:3c:
31:02:03:4a:c9:6e:97:90:c8:55:ba:b0:12:94:d7:57:47:40:
a4:94:af:d2:35:a3:b6:b0:60:b9:69:98:04:f0:c8:bd:f1:97:
0b:c4:49:42:41:1a:fc:7b:04:54:17:d8:a3:76:3d:5b:3c:d3:
fc:c1:15:2c:c4:8b:f5:2b:97:52:2c:4d:81:ee:f2:78:c4:f4:
5f:07:a1:99:5c:ad:ee:21:7f:75:58:29:37:98:47:e4:67:b8:
6e:ef:0f:fe:2d:18:b0:a0:c3:80:7a:ba:48:76:5c:3a:ba:31:
63:97:bf:c5:18:d0:26:56:cd:bc:f2:89:b3:fb:41:16:12:bc:
ee:60:f8:b0:f7:9c:3f:65:de:e8:f4:90:02:38:e9:01:8b:f8:
c7:c1:b2:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9c/tmkQskdhICgiiLjuG71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTA5MTA1NTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDM4NDRkYThkZTRjZGU4NGVlNTNjNjZhNjE0ZjVjOGQ4Yzg2ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhbhEVlLMpbVDlFAmJ12IqSZ79wz
z0sjkPMWJX/toYVFPcZjENyBFVbfwlcB5ArgUS7ZbyL0oFVxGKvLQUQV8VxBEtGM
E0zdDVIT7mugAgeJ8DSnLsG+MlycIKsD1bmv1kFTBE/cAvy75XspZlwv5go4KG3X
VUh50ytqn43ujvCPEGf89r5LrpVdlHyCO2HuTY+BmUclBtuJIudeaq0mLp6E/BdW
0B2uEf/LUmyyMyusob1gDtjBhySo7bC77cxkN969gKFnYW2q0A7ahCHG5bJWN0Mh
ltqToHsU/IIKHNOklpoWBUf5bG6DvWtq4YbYz0ECCQj4J1ypl5G4+xj0AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQ4RNqN5M3oTuU8ZqYU9cjYyGh9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVkRoRTJvM2t6ZWhPNVR4bXBoVDF5TmpJYUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQw+MA0G
CSqGSIb3DQEBCwUAA4IBAQBljQITn0Oo0RaRkaZNcJRSfER+V1IEZDUstIsKflLV
odk0/9dz6JJ8438zKCSFu/D8MKjpZmB1YXQVelwfaSHuXHnNlaAGVhwZFKXua7H4
5fyOqKy2xJk3neiPZ8KMaj9EehoeG+DkuWTS+DwxAgNKyW6XkMhVurASlNdXR0Ck
lK/SNaO2sGC5aZgE8Mi98ZcLxElCQRr8ewRUF9ijdj1bPNP8wRUsxIv1K5dSLE2B
7vJ4xPRfB6GZXK3uIX91WCk3mEfkZ7hu7w/+LRiwoMOAerpIdlw6ujFjl7/FGNAm
Vs288omz+0EWErzuYPiw95w/Zd7o9JACOOkBi/jHwbId
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:41:48 2025 by rpki-client