Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oRisNFVeCx7ujRq4UCdIvNsIiMg.roa
File: oRisNFVeCx7ujRq4UCdIvNsIiMg.roa (raw, json)
Hash identifier: llYuMD3nJgZP6HJdJrQE7f/rB3rDoX7n5iM8nlcap6g=
Subject key identifier: A1:18:AC:34:55:5E:0B:1E:EE:8D:1A:B8:50:27:48:BC:DB:08:88:C8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01922D1F261B0D8C3542BD8AAECAF33F8A41
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oRisNFVeCx7ujRq4UCdIvNsIiMg.roa
Signing time: Thu 26 Sep 2024 06:57:48 +0000
ROA not before: Thu 26 Sep 2024 06:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.9.117.0/24 maxlen: 24
45.128.78.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 10:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:1f:26:1b:0d:8c:35:42:bd:8a:ae:ca:f3:3f:8a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 26 06:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a118ac34555e0b1eee8d1ab8502748bcdb0888c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9e:bc:cb:f3:0c:94:b4:af:e3:ce:b4:ef:a5:
df:63:93:b0:3c:04:30:93:05:0e:28:d4:d1:96:52:
2d:5e:fc:2a:bf:13:39:f0:3a:a6:fd:98:22:ea:df:
7b:e6:56:14:b9:19:f5:54:fd:7b:cf:cf:08:df:b4:
76:cc:21:3c:fb:74:d1:7f:a6:65:02:8b:08:ec:5b:
4d:0a:93:a1:07:90:37:12:72:67:af:83:ea:f6:1c:
48:d8:3a:52:06:1e:ce:d4:0a:c5:ab:12:fa:f3:d3:
cb:0f:f0:32:4f:6d:52:94:72:16:3d:84:1c:fe:0c:
e2:dd:dd:54:cb:35:11:e0:23:ce:c2:ab:41:59:1b:
a1:0f:b4:3e:ce:4d:8a:dc:e8:97:c6:a5:69:83:67:
50:8c:31:26:4c:7d:5b:c4:7f:69:35:e2:5f:a5:30:
a9:72:18:68:7b:38:46:45:39:4e:80:27:48:22:b3:
75:34:99:c2:39:36:12:50:ee:0a:6c:b4:90:b7:f2:
59:52:86:6a:8f:96:b1:da:af:f7:9b:ad:3d:0d:6e:
8b:ad:c1:4c:06:c1:ce:8c:84:d4:da:3e:5d:71:c8:
40:d9:35:de:ce:1a:04:72:36:7a:fd:53:47:ff:4f:
cf:70:4d:b4:65:cb:5d:a5:6e:7e:c6:78:9f:5e:ca:
aa:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:18:AC:34:55:5E:0B:1E:EE:8D:1A:B8:50:27:48:BC:DB:08:88:C8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oRisNFVeCx7ujRq4UCdIvNsIiMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.128.78.0/24
45.131.215.0/24
45.137.81.0/24
103.114.43.0/24
185.155.200.0/24
Signature Algorithm: sha256WithRSAEncryption
76:3c:74:90:a8:88:f7:f3:e9:5b:6b:24:33:cc:23:4e:ff:11:
cf:74:e8:aa:88:e9:f3:49:82:3d:f7:4d:94:e3:97:1e:93:8d:
84:0f:4e:d0:a9:a0:e5:b7:e2:9a:cf:bc:84:bc:5c:03:ce:df:
2e:ba:d2:d3:83:cd:2e:ff:e9:7c:90:82:1e:f8:ab:2b:1b:b5:
d3:bd:31:29:8c:3a:c5:df:2d:12:42:97:7a:f6:cc:bd:21:11:
ad:06:33:4e:b2:0a:3c:69:2c:02:81:df:9f:05:7a:3a:01:b6:
8d:42:78:de:a3:a1:0d:2b:3f:82:ee:07:4a:1c:dc:69:12:46:
c3:3a:e9:82:ec:95:69:b1:67:c6:51:52:57:df:ad:74:15:67:
9c:ac:25:a9:1f:11:ec:74:59:f5:65:c9:7d:66:ba:f2:c2:fe:
8e:1d:ba:9a:2e:76:ac:58:7f:e7:24:34:1c:bd:5d:65:0f:b5:
59:d0:81:b1:a7:ee:9e:98:ab:c7:db:7a:9b:47:ee:d2:c4:f2:
e7:3a:aa:26:90:ad:03:a5:5a:ac:da:c2:39:3c:68:c3:6e:ca:
75:73:11:2a:1c:3d:43:36:86:ca:d9:95:4e:ad:72:8f:f8:23:
11:d7:c7:50:55:f3:c8:17:94:c6:0f:1e:f7:06:91:29:87:c3:
39:85:74:f8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZItHyYbDYw1Qr2KrsrzP4pBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTI2MDY1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTE4YWMzNDU1NWUwYjFlZWU4ZDFhYjg1MDI3NDhiY2RiMDg4OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv568y/MMlLSv486076XfY5OwPAQw
kwUOKNTRllItXvwqvxM58Dqm/Zgi6t975lYUuRn1VP17z88I37R2zCE8+3TRf6Zl
AosI7FtNCpOhB5A3EnJnr4Pq9hxI2DpSBh7O1ArFqxL689PLD/AyT21SlHIWPYQc
/gzi3d1UyzUR4CPOwqtBWRuhD7Q+zk2K3OiXxqVpg2dQjDEmTH1bxH9pNeJfpTCp
chhoezhGRTlOgCdIIrN1NJnCOTYSUO4KbLSQt/JZUoZqj5ax2q/3m609DW6LrcFM
BsHOjITU2j5dcchA2TXezhoEcjZ6/VNH/0/PcE20ZctdpW5+xnifXsqqAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKEYrDRVXgse7o0auFAnSLzbCIjIMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb1Jpc05GVmVDeDd1alJxNFVDZEl2TnNJaU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQl1AwQA
LYBOAwQALYPXAwQALYlRAwQAZ3IrAwQAuZvIMA0GCSqGSIb3DQEBCwUAA4IBAQB2
PHSQqIj38+lbayQzzCNO/xHPdOiqiOnzSYI9902U45cek42ED07QqaDlt+Kaz7yE
vFwDzt8uutLTg80u/+l8kIIe+KsrG7XTvTEpjDrF3y0SQpd69sy9IRGtBjNOsgo8
aSwCgd+fBXo6AbaNQnjeo6ENKz+C7gdKHNxpEkbDOumC7JVpsWfGUVJX3610FWec
rCWpHxHsdFn1Zcl9Zrrywv6OHbqaLnasWH/nJDQcvV1lD7VZ0IGxp+6emKvH23qb
R+7SxPLnOqomkK0DpVqs2sI5PGjDbsp1cxEqHD1DNobK2ZVOrXKP+CMR18dQVfPI
F5TGDx73BpEph8M5hXT4
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:16 2025 by rpki-client