Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pADF0i9yGP0Sah9CYBEQuJzCil4.roa
File: pADF0i9yGP0Sah9CYBEQuJzCil4.roa (raw, json)
Hash identifier: 9OpDxyAO3SdtJniL4+5dzQ8w9ne+J/0kYsHkEWq+khg=
Subject key identifier: A4:00:C5:D2:2F:72:18:FD:12:6A:1F:42:60:11:10:B8:9C:C2:8A:5E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194F9420BC0B1090B8E84755B0ADB51DA9E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pADF0i9yGP0Sah9CYBEQuJzCil4.roa
Signing time: Wed 12 Feb 2025 08:24:02 +0000
ROA not before: Wed 12 Feb 2025 08:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.87.243.0/24 maxlen: 24
2a09:17c0:1000::/48 maxlen: 48
2a0a:2d02::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Feb 2025 14:14:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:42:0b:c0:b1:09:0b:8e:84:75:5b:0a:db:51:da:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 12 08:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a400c5d22f7218fd126a1f42601110b89cc28a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ac:da:08:68:26:cf:92:df:00:95:c8:29:5b:
f9:85:cc:e4:20:b2:90:ca:9d:5f:d7:91:75:19:5a:
3b:83:2f:f0:04:62:3c:d1:5e:68:f2:0c:8d:13:bc:
26:61:0e:45:40:fe:5c:3f:da:81:cb:3d:64:35:d7:
c9:73:6c:50:ab:aa:3d:96:fe:ce:1a:f9:7a:96:84:
80:b3:27:60:2a:1f:98:bc:ba:2f:0d:f4:07:4f:5d:
14:1a:90:c2:96:22:59:85:da:3e:c8:2d:0b:c4:0a:
09:93:f7:a9:e6:0c:64:0b:06:9f:95:a5:67:ee:6f:
16:3c:ed:aa:09:9d:19:ee:c8:c3:49:e2:33:a1:3b:
fb:a1:b9:96:e2:86:c6:18:9f:66:fd:46:f6:d5:33:
7b:67:fd:ea:f2:b7:0d:ee:71:b7:8c:82:24:f9:29:
5d:d7:32:97:88:60:94:b7:89:35:98:19:2e:e8:be:
e1:d6:ac:d1:4c:ae:5e:1a:d6:7b:ba:02:5e:f8:00:
b3:85:89:c8:d5:fa:72:90:16:c5:54:cb:78:2e:43:
d5:25:bc:bf:f1:81:a5:c4:9c:bb:11:c0:6d:4a:97:
e0:5d:4f:ac:d5:81:b8:3a:59:7a:58:b4:68:bf:70:
97:7f:51:47:a9:20:e5:e8:73:3a:52:fc:08:43:bf:
4b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:00:C5:D2:2F:72:18:FD:12:6A:1F:42:60:11:10:B8:9C:C2:8A:5E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pADF0i9yGP0Sah9CYBEQuJzCil4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.243.0/24
IPv6:
2a09:17c0:1000::/48
2a0a:2d02::/32
Signature Algorithm: sha256WithRSAEncryption
2b:7f:0e:a1:ea:c2:d8:6d:d6:4c:54:51:b8:7e:d4:59:17:1d:
c9:2d:32:99:8a:19:ab:7f:d5:af:92:00:7e:80:47:5b:ae:bf:
ef:3a:0b:a5:a8:12:fd:1c:69:15:6a:aa:dd:cb:88:d5:48:12:
5a:42:a5:0b:c3:94:ee:ac:55:4d:94:b3:ac:43:92:dd:6a:30:
d6:89:d4:20:ec:bb:a2:b9:96:4b:9a:0b:b6:5b:d5:cb:55:11:
da:d9:23:73:ab:98:13:77:57:d4:a0:11:38:f4:2d:b9:5c:9b:
5c:11:df:f5:a3:da:71:76:26:39:60:36:2d:3f:92:0c:03:0b:
85:46:a5:6b:c9:89:35:b2:59:80:07:27:c6:8a:90:88:c1:4e:
86:85:37:80:1c:14:a5:f6:f7:3b:c5:26:7d:c9:b3:28:0b:e6:
8e:dd:4c:90:22:3c:72:4d:51:e1:68:6b:f0:10:c3:c5:db:2e:
49:c6:f9:18:37:61:5e:a7:4d:a4:22:48:a3:ac:23:d8:c4:fb:
69:79:76:3c:b5:00:c9:51:86:20:8f:25:ab:d9:66:a5:61:83:
13:0e:7c:63:70:d2:30:77:71:33:79:e1:ca:3f:cd:15:a2:c5:
b3:4c:0c:7b:40:d5:89:c7:b3:08:91:b5:bc:e7:c1:95:86:45:
1c:f9:81:be
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZT5QgvAsQkLjoR1WwrbUdqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjEyMDgyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDAwYzVkMjJmNzIxOGZkMTI2YTFmNDI2MDExMTBiODljYzI4YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKzaCGgmz5LfAJXIKVv5hczkILKQ
yp1f15F1GVo7gy/wBGI80V5o8gyNE7wmYQ5FQP5cP9qByz1kNdfJc2xQq6o9lv7O
Gvl6loSAsydgKh+YvLovDfQHT10UGpDCliJZhdo+yC0LxAoJk/ep5gxkCwaflaVn
7m8WPO2qCZ0Z7sjDSeIzoTv7obmW4obGGJ9m/Ub21TN7Z/3q8rcN7nG3jIIk+Sld
1zKXiGCUt4k1mBku6L7h1qzRTK5eGtZ7ugJe+ACzhYnI1fpykBbFVMt4LkPVJby/
8YGlxJy7EcBtSpfgXU+s1YG4Oll6WLRov3CXf1FHqSDl6HM6UvwIQ79LZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKQAxdIvchj9EmofQmARELicwopeMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcEFERjBpOXlHUDBTYWg5Q1lCRVF1SnpDaWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQALVfzMBYE
AgACMBADBwAqCRfAEAADBQAqCi0CMA0GCSqGSIb3DQEBCwUAA4IBAQArfw6h6sLY
bdZMVFG4ftRZFx3JLTKZihmrf9WvkgB+gEdbrr/vOgulqBL9HGkVaqrdy4jVSBJa
QqULw5TurFVNlLOsQ5LdajDWidQg7LuiuZZLmgu2W9XLVRHa2SNzq5gTd1fUoBE4
9C25XJtcEd/1o9pxdiY5YDYtP5IMAwuFRqVryYk1slmAByfGipCIwU6GhTeAHBSl
9vc7xSZ9ybMoC+aO3UyQIjxyTVHhaGvwEMPF2y5JxvkYN2Fep02kIkijrCPYxPtp
eXY8tQDJUYYgjyWr2WalYYMTDnxjcNIwd3EzeeHKP80VosWzTAx7QNWJx7MIkbW8
58GVhkUc+YG+
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:10 2025 by rpki-client