Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZYmahyYIeJkWDj-BuA_q8TonCAc.roa
File: ZYmahyYIeJkWDj-BuA_q8TonCAc.roa (raw, json)
Hash identifier: 6eYgQilO0pl/mtamWTyM1Nq1cV7V/DIto4d5invRCIU=
Subject key identifier: 65:89:9A:87:26:08:78:99:16:0E:3F:81:B8:0F:EA:F1:3A:27:08:07
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F9A00F405B6AA1B0BDCF3C2E8DFEE0B6A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZYmahyYIeJkWDj-BuA_q8TonCAc.roa
Signing time: Tue 21 May 2024 07:15:04 +0000
ROA not before: Tue 21 May 2024 07:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.9.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:00:f4:05:b6:aa:1b:0b:dc:f3:c2:e8:df:ee:0b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 21 07:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65899a8726087899160e3f81b80feaf13a270807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:75:06:ab:c7:df:05:37:cd:97:78:5d:33:5b:
54:bd:7c:40:7e:1c:4d:32:90:da:6b:05:3e:15:de:
76:ab:fa:50:1b:16:a0:ad:a5:1f:db:0f:12:2f:7d:
84:a5:44:1e:f5:25:26:c8:4a:db:54:8a:76:53:6e:
c4:48:50:03:7b:95:28:02:cd:81:3a:3d:df:34:ff:
cc:20:57:33:56:dc:74:26:e3:74:00:91:6f:30:a9:
ea:4f:2e:d7:b4:65:7a:e2:4f:a9:ad:3b:58:46:63:
06:57:f1:54:b7:95:00:e6:8c:bf:3f:10:b7:08:09:
22:70:91:2d:9a:47:b8:cd:e4:3d:b5:f4:06:d4:8b:
ec:02:24:b7:79:6e:e2:01:63:6a:39:2d:8e:52:3c:
67:73:65:f9:d9:13:ea:3b:84:84:f5:d4:03:66:2a:
78:51:5c:f7:00:42:ac:55:d4:a9:42:ee:f7:2e:38:
01:54:fd:ac:2c:81:97:68:1f:ae:19:97:3d:2e:62:
2b:09:9c:08:da:38:50:4b:a5:ab:75:57:d0:bd:1e:
dd:ad:84:cb:32:c0:0e:74:77:de:82:c3:28:bf:f9:
74:5c:15:63:cb:db:fe:53:3c:31:0d:5d:22:ad:02:
3b:02:d1:6b:d1:12:3f:4c:bb:65:b9:a3:7a:ce:2c:
94:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:89:9A:87:26:08:78:99:16:0E:3F:81:B8:0F:EA:F1:3A:27:08:07
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZYmahyYIeJkWDj-BuA_q8TonCAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
Signature Algorithm: sha256WithRSAEncryption
64:b5:f7:27:79:ac:eb:31:1b:53:b0:f1:67:16:d8:83:df:bf:
e3:7d:8f:5b:97:d6:c2:8b:e4:70:6f:7f:37:ea:78:0b:18:03:
31:d4:28:de:80:1b:e4:06:a0:5f:4d:da:94:ab:e0:92:e3:d8:
83:c9:cb:ed:fb:66:20:cf:65:07:00:3b:c5:3d:8b:c7:7b:91:
59:6b:ad:c0:5f:14:d5:94:0c:73:3e:bd:4d:c1:13:ea:8c:cf:
cd:72:94:3f:ce:b2:88:ba:3a:c6:35:53:a1:e6:55:5c:ff:3d:
a3:e0:da:c0:52:86:8f:0a:88:4e:b2:4d:e0:56:96:83:67:da:
97:40:5a:12:90:82:fd:67:63:39:28:a5:a6:09:09:a3:92:70:
f6:c4:15:94:f5:e5:75:6a:b2:96:74:ca:51:57:2c:fd:4e:0c:
a7:5f:4a:36:ff:80:8a:b2:08:17:bc:39:35:a2:17:d5:82:37:
f9:b2:98:b2:8b:23:f7:ec:72:d6:2a:ff:c0:fd:4a:9b:fd:f7:
a9:b5:2a:36:4a:0f:3d:a0:8b:bf:95:4e:f7:08:4b:33:f0:e7:
2c:d6:90:81:61:ba:8f:7d:df:e4:29:49:69:24:03:44:09:bc:
35:1f:60:2a:53:5f:79:fe:1d:e7:b6:2e:b7:d6:15:42:d8:96:
9a:6e:03:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+aAPQFtqobC9zzwujf7gtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTIxMDcxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg5OWE4NzI2MDg3ODk5MTYwZTNmODFiODBmZWFmMTNhMjcwODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HUGq8ffBTfNl3hdM1tUvXxAfhxN
MpDaawU+Fd52q/pQGxagraUf2w8SL32EpUQe9SUmyErbVIp2U27ESFADe5UoAs2B
Oj3fNP/MIFczVtx0JuN0AJFvMKnqTy7XtGV64k+prTtYRmMGV/FUt5UA5oy/PxC3
CAkicJEtmke4zeQ9tfQG1IvsAiS3eW7iAWNqOS2OUjxnc2X52RPqO4SE9dQDZip4
UVz3AEKsVdSpQu73LjgBVP2sLIGXaB+uGZc9LmIrCZwI2jhQS6WrdVfQvR7drYTL
MsAOdHfegsMov/l0XBVjy9v+UzwxDV0irQI7AtFr0RI/TLtluaN6ziyUfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWJmocmCHiZFg4/gbgP6vE6JwgHMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWlltYWh5WUllSmtXRGotQnVBX3E4VG9uQ0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQl1MA0G
CSqGSIb3DQEBCwUAA4IBAQBktfcneazrMRtTsPFnFtiD37/jfY9bl9bCi+Rwb383
6ngLGAMx1CjegBvkBqBfTdqUq+CS49iDycvt+2Ygz2UHADvFPYvHe5FZa63AXxTV
lAxzPr1NwRPqjM/NcpQ/zrKIujrGNVOh5lVc/z2j4NrAUoaPCohOsk3gVpaDZ9qX
QFoSkIL9Z2M5KKWmCQmjknD2xBWU9eV1arKWdMpRVyz9TgynX0o2/4CKsggXvDk1
ohfVgjf5spiyiyP37HLWKv/A/Uqb/feptSo2Sg89oIu/lU73CEsz8Ocs1pCBYbqP
fd/kKUlpJANECbw1H2AqU195/h3nti631hVC2JaabgN4
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:13 2025 by rpki-client