Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/crD5jmi1yVJc4UHEe2XzyHQjrGU.roa
File: crD5jmi1yVJc4UHEe2XzyHQjrGU.roa (raw, json)
Hash identifier: eOb7U6xfFNYTA2W/UOw0gh/P4zK5+qHgbvFnXg9sTTU=
Subject key identifier: 72:B0:F9:8E:68:B5:C9:52:5C:E1:41:C4:7B:65:F3:C8:74:23:AC:65
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018DCFF4DC209749675E35E6FA681BF31212
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/crD5jmi1yVJc4UHEe2XzyHQjrGU.roa
Signing time: Thu 22 Feb 2024 08:35:47 +0000
ROA not before: Thu 22 Feb 2024 08:35:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.128.26.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
2a07:f300::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 27 Feb 2024 16:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:f4:dc:20:97:49:67:5e:35:e6:fa:68:1b:f3:12:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 22 08:35:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72b0f98e68b5c9525ce141c47b65f3c87423ac65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:93:0b:fe:17:86:db:08:76:3b:57:70:b8:85:
4f:4a:35:f5:4f:d1:3b:03:20:a0:a0:a2:39:55:a0:
3b:65:2d:71:d0:4b:52:3f:bd:f0:5b:39:f5:3a:df:
cd:a9:ce:72:b0:44:58:b6:0a:83:14:ce:9b:87:73:
e1:46:af:7a:8e:58:68:c1:63:f0:48:9e:39:22:aa:
96:3e:d3:e0:10:6e:85:bb:3c:7b:f6:45:f5:00:c7:
6a:46:08:3b:a2:4e:e1:58:de:b0:c6:46:56:3c:6b:
bd:51:d8:f8:63:ca:0b:6b:52:7b:12:ad:55:4d:8c:
f7:22:dc:f3:6c:29:1a:25:14:bc:8a:74:b2:34:6d:
04:20:ee:ad:c3:b8:bb:1f:72:e0:21:e5:ef:05:13:
ae:b1:47:1c:99:a3:56:36:1a:a9:91:67:02:46:fd:
95:ea:ae:b2:b9:84:6b:45:61:fb:f2:8d:4b:e4:43:
8c:e3:b0:33:8c:8c:26:52:4e:f6:53:cc:66:c8:5b:
6e:64:72:42:3b:f6:28:67:a8:42:91:46:7e:59:c9:
ee:e8:ad:38:8e:fd:fb:4f:f3:45:b5:0b:05:65:dc:
16:61:d2:95:4f:06:b9:1f:d4:34:f9:0d:1d:e4:86:
9b:53:18:0b:fd:38:23:49:59:98:83:6d:59:66:63:
42:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B0:F9:8E:68:B5:C9:52:5C:E1:41:C4:7B:65:F3:C8:74:23:AC:65
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/crD5jmi1yVJc4UHEe2XzyHQjrGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a07:f300::/29
Signature Algorithm: sha256WithRSAEncryption
03:62:6b:88:df:71:8d:b9:13:50:4b:67:fe:3f:8b:21:e3:fd:
e7:c3:f1:48:40:af:ac:0b:c0:f7:ca:39:75:d5:8b:42:f4:6e:
5f:27:c6:78:e8:6f:66:7d:81:0d:24:03:11:c9:85:aa:74:d3:
91:a2:25:ed:03:e5:36:fc:34:0b:6f:72:0b:85:41:97:5f:99:
91:21:64:5a:a2:cb:6d:0a:fe:11:da:4e:a0:64:a8:33:a0:93:
64:2c:a5:46:ed:71:24:7a:af:7e:d0:74:82:5d:6a:da:97:1b:
28:ef:01:80:4c:aa:b0:bd:60:e2:b9:23:fe:89:3d:d4:6a:b4:
42:89:07:c6:f5:09:27:cf:26:f7:71:6f:ec:1a:20:3e:58:26:
f9:fc:c6:6b:ad:cf:1a:ee:98:f0:c3:9d:af:b6:37:ee:bf:33:
b1:a0:4b:d6:7c:71:c6:30:92:53:af:d0:48:3d:ee:92:a1:8b:
a9:7a:b7:22:72:a7:66:6c:6d:ad:4a:57:57:08:e0:f3:28:cc:
fa:2d:74:9b:ef:9a:bb:ae:f4:df:c5:93:56:b5:10:49:bb:0b:
7f:da:a9:fb:64:fd:eb:21:80:c3:04:59:4a:61:56:62:21:12:
2f:20:73:a6:90:4b:78:b0:93:43:8a:e5:8e:fc:32:54:c8:b6:
11:e9:13:70
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY3P9Nwgl0lnXjXm+mgb8xISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMjIyMDgzNTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIwZjk4ZTY4YjVjOTUyNWNlMTQxYzQ3YjY1ZjNjODc0MjNhYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpML/heG2wh2O1dwuIVPSjX1T9E7
AyCgoKI5VaA7ZS1x0EtSP73wWzn1Ot/Nqc5ysERYtgqDFM6bh3PhRq96jlhowWPw
SJ45IqqWPtPgEG6Fuzx79kX1AMdqRgg7ok7hWN6wxkZWPGu9Udj4Y8oLa1J7Eq1V
TYz3ItzzbCkaJRS8inSyNG0EIO6tw7i7H3LgIeXvBROusUccmaNWNhqpkWcCRv2V
6q6yuYRrRWH78o1L5EOM47AzjIwmUk72U8xmyFtuZHJCO/YoZ6hCkUZ+Wcnu6K04
jv37T/NFtQsFZdwWYdKVTwa5H9Q0+Q0d5IabUxgL/TgjSVmYg21ZZmNC7wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHKw+Y5otclSXOFBxHtl88h0I6xlMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvY3JENWptaTF5VkpjNFVIRWUyWHp5SFFqckdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MA0EAgACMAcDBQMqB/MAMA0GCSqGSIb3DQEBCwUAA4IBAQADYmuI
33GNuRNQS2f+P4sh4/3nw/FIQK+sC8D3yjl11YtC9G5fJ8Z46G9mfYENJAMRyYWq
dNORoiXtA+U2/DQLb3ILhUGXX5mRIWRaosttCv4R2k6gZKgzoJNkLKVG7XEkeq9+
0HSCXWralxso7wGATKqwvWDiuSP+iT3UarRCiQfG9Qknzyb3cW/sGiA+WCb5/MZr
rc8a7pjww52vtjfuvzOxoEvWfHHGMJJTr9BIPe6SoYupercicqdmbG2tSldXCODz
KMz6LXSb75q7rvTfxZNWtRBJuwt/2qn7ZP3rIYDDBFlKYVZiIRIvIHOmkEt4sJND
iuWO/DJUyLYR6RNw
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:06:10 2025 by rpki-client