Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dI-WXKK5OvVoJ9zv_JBI_gqFmF8.roa
File: dI-WXKK5OvVoJ9zv_JBI_gqFmF8.roa (raw, json)
Hash identifier: t0I+JHxury0I5+4KZLcxzNy92EasPf4hjCggkIg9CRI=
Subject key identifier: 74:8F:96:5C:A2:B9:3A:F5:68:27:DC:EF:FC:90:48:FE:0A:85:98:5F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019427481D2DB7EDDCB3D5BA8BC527AAB00C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dI-WXKK5OvVoJ9zv_JBI_gqFmF8.roa
Signing time: Thu 02 Jan 2025 13:50:24 +0000
ROA not before: Thu 02 Jan 2025 13:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29066
IP address blocks: 2.56.102.0/24 maxlen: 24
2.59.23.0/24 maxlen: 24
45.152.203.0/24 maxlen: 24
193.39.244.0/24 maxlen: 24
2a0f:4a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 31 Jan 2025 07:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1d:2d:b7:ed:dc:b3:d5:ba:8b:c5:27:aa:b0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=748f965ca2b93af56827dceffc9048fe0a85985f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:0f:54:b2:08:89:cb:60:64:2f:b3:6e:9b:d2:
2a:0b:57:46:57:87:e6:17:9c:57:4e:57:33:2d:23:
02:c1:ad:7c:bb:42:35:c1:ab:cf:4c:a5:3e:1b:42:
bf:35:32:10:48:b1:e5:37:69:17:58:3e:23:31:49:
d1:1f:0e:0e:97:70:e0:16:cf:26:ef:ad:74:a6:15:
71:5f:ac:aa:ea:66:bf:fa:45:79:20:2a:86:52:4f:
a8:a3:df:c4:d8:f5:25:4f:8b:17:6a:b5:72:38:8a:
0a:ad:65:85:d1:d9:68:ce:6d:1e:1f:30:41:6b:75:
17:44:4d:06:74:df:be:6a:36:21:ae:81:4b:f8:6e:
48:6f:2e:fd:97:9a:98:bc:50:eb:68:f6:b0:5c:da:
ae:11:ab:e4:fd:20:1b:e8:c3:51:c6:df:a2:e2:82:
a7:95:22:fb:61:b2:7a:19:c1:ee:8f:f5:ae:96:ca:
cc:09:db:3c:7b:80:4a:55:41:1d:02:b9:11:d1:13:
f8:9b:2d:23:09:39:bb:4d:43:c2:40:b2:c5:47:18:
7a:8d:6e:30:b5:13:4c:c2:5e:d9:c2:a4:34:65:c1:
f2:98:a6:c1:3f:db:4b:56:ae:13:37:e9:cd:cd:30:
55:dd:e0:cb:e4:6f:eb:f0:3e:c6:e8:92:4f:b4:1f:
76:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8F:96:5C:A2:B9:3A:F5:68:27:DC:EF:FC:90:48:FE:0A:85:98:5F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dI-WXKK5OvVoJ9zv_JBI_gqFmF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.102.0/24
2.59.23.0/24
45.152.203.0/24
193.39.244.0/24
IPv6:
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
75:0f:a4:53:5f:3f:8c:f6:74:84:47:04:51:95:96:3a:d0:99:
b1:03:74:1f:9b:df:bf:71:ff:11:73:59:1b:92:6b:57:d5:87:
3d:48:25:7a:3a:24:82:29:45:d6:c2:52:62:bb:69:51:06:14:
48:97:7a:76:28:5b:11:34:31:fc:99:4a:3b:eb:26:85:22:aa:
4e:19:3f:f7:75:37:76:1a:56:7e:ac:2a:9c:b6:7b:0a:c3:18:
8e:8a:bf:84:eb:2a:2a:6f:84:3d:4e:4b:65:6c:ac:0d:12:66:
31:76:ad:b7:95:fe:ec:aa:ed:54:57:25:93:5a:4f:9c:3a:3f:
f2:d8:d8:5c:fc:c6:02:88:65:fb:57:fb:4e:15:73:19:13:d3:
65:2c:89:5a:1b:50:64:b2:9c:2c:05:a4:f3:ed:b3:58:9f:f5:
e7:02:4e:17:2a:70:15:cc:b3:42:9c:17:3b:6d:c9:14:3c:35:
3d:b1:8d:55:81:c9:fe:fb:87:42:02:e3:cc:68:9c:9d:f1:6e:
8f:a9:63:79:c7:ec:7d:0f:99:76:3b:80:02:3c:83:1a:ca:82:
6f:35:bf:ca:00:fc:a6:74:7f:55:69:79:73:7a:00:da:ed:4b:
53:9d:d6:72:ac:79:40:00:2e:41:95:c6:bb:68:51:b8:5d:ea:
b5:e5:1b:88
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQnSB0tt+3cs9W6i8UnqrAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhmOTY1Y2EyYjkzYWY1NjgyN2RjZWZmYzkwNDhmZTBhODU5ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Q9UsgiJy2BkL7Num9IqC1dGV4fm
F5xXTlczLSMCwa18u0I1wavPTKU+G0K/NTIQSLHlN2kXWD4jMUnRHw4Ol3DgFs8m
7610phVxX6yq6ma/+kV5ICqGUk+oo9/E2PUlT4sXarVyOIoKrWWF0dlozm0eHzBB
a3UXRE0GdN++ajYhroFL+G5Iby79l5qYvFDraPawXNquEavk/SAb6MNRxt+i4oKn
lSL7YbJ6GcHuj/WulsrMCds8e4BKVUEdArkR0RP4my0jCTm7TUPCQLLFRxh6jW4w
tRNMwl7ZwqQ0ZcHymKbBP9tLVq4TN+nNzTBV3eDL5G/r8D7G6JJPtB926QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHSPllyiuTr1aCfc7/yQSP4KhZhfMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZEktV1hLSzVPdlZvSjl6dl9KQklfZ3FGbUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAAjhmAwQA
AjsXAwQALZjLAwQAwSf0MA0EAgACMAcDBQMqD0oAMA0GCSqGSIb3DQEBCwUAA4IB
AQB1D6RTXz+M9nSERwRRlZY60JmxA3Qfm9+/cf8Rc1kbkmtX1Yc9SCV6OiSCKUXW
wlJiu2lRBhRIl3p2KFsRNDH8mUo76yaFIqpOGT/3dTd2GlZ+rCqctnsKwxiOir+E
6yoqb4Q9TktlbKwNEmYxdq23lf7squ1UVyWTWk+cOj/y2Nhc/MYCiGX7V/tOFXMZ
E9NlLIlaG1BkspwsBaTz7bNYn/XnAk4XKnAVzLNCnBc7bckUPDU9sY1Vgcn++4dC
AuPMaJyd8W6PqWN5x+x9D5l2O4ACPIMayoJvNb/KAPymdH9VaXlzegDa7UtTndZy
rHlAAC5Blca7aFG4Xeq15RuI
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:38:52 2025 by rpki-client