Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rhPp1Df35bs5SqHmtrCUfZk0_xA.roa
File: rhPp1Df35bs5SqHmtrCUfZk0_xA.roa (raw, json)
Hash identifier: gLGzvthFbrwV/Hdgk3Hh3/rJB8axY+ByZz1TAd+9APg=
Subject key identifier: AE:13:E9:D4:37:F7:E5:BB:39:4A:A1:E6:B6:B0:94:7D:99:34:FF:10
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC2AAF3FDF582E003E772F4DD291A7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rhPp1Df35bs5SqHmtrCUfZk0_xA.roa
Signing time: Tue 02 Jan 2024 10:33:21 +0000
ROA not before: Tue 02 Jan 2024 10:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.141.178.0/24 maxlen: 24
93.190.246.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
2a0e:2240::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Jan 2024 07:11:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:2a:af:3f:df:58:2e:00:3e:77:2f:4d:d2:91:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae13e9d437f7e5bb394aa1e6b6b0947d9934ff10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a9:c6:b7:d0:7c:b6:02:12:ce:5f:b6:da:d4:
8e:29:5f:55:a0:67:1a:25:0c:14:c1:e7:35:b1:6f:
3e:06:b8:a2:2f:65:35:03:1a:2a:b7:f0:22:03:43:
99:90:c7:35:84:ab:87:d3:0c:19:20:a4:dd:5d:6f:
ae:e9:a2:75:5b:01:e7:be:2d:02:9c:ea:b3:54:ef:
6c:8a:34:4c:97:86:09:cd:1f:5e:2f:47:82:08:27:
38:e1:c2:86:4f:a7:d0:03:8b:65:23:21:07:ce:fa:
25:06:d2:bc:a8:58:a1:95:21:1b:58:f9:9d:5c:79:
50:f0:04:72:fe:36:4c:21:84:71:61:1a:d0:f6:bd:
1a:6f:f3:17:1e:82:3c:fe:92:01:eb:dc:61:ee:5f:
02:52:d5:01:7e:c2:bb:c7:c4:24:b4:a1:15:f2:68:
2c:9b:a7:86:62:e0:67:aa:c5:02:b4:5c:bf:57:d3:
5a:cd:43:fa:7a:d3:7d:c8:92:e9:3a:5d:09:48:af:
f3:a7:12:35:a6:bb:ca:70:23:dc:bc:db:6c:d7:4e:
79:9a:91:6d:04:24:31:60:3a:cd:94:93:90:a0:1c:
6e:00:89:51:78:59:ac:32:2f:b4:b3:07:bd:c2:55:
42:5c:1e:9a:a8:00:97:27:70:83:28:f7:57:c2:87:
af:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:13:E9:D4:37:F7:E5:BB:39:4A:A1:E6:B6:B0:94:7D:99:34:FF:10
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rhPp1Df35bs5SqHmtrCUfZk0_xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.79.0/24
45.141.178.0/24
93.190.246.0/24
IPv6:
2a0e:2240::/29
Signature Algorithm: sha256WithRSAEncryption
01:0b:4c:21:7f:31:bd:26:14:e4:d1:81:8a:9a:66:e1:41:0b:
fe:73:f0:d5:9d:70:92:65:c3:64:fa:18:3f:52:a1:0e:6f:ac:
9b:53:54:6e:ca:d1:4d:d8:52:8f:29:e9:a2:fb:fc:19:0e:14:
3f:4b:8a:cd:f3:a2:22:28:34:21:12:5d:76:bd:b6:d8:84:78:
a4:0b:c6:24:f4:33:77:06:ad:af:06:49:57:49:46:0b:92:d5:
d0:48:43:66:c5:d6:28:ed:f8:88:b5:51:82:59:b3:01:af:99:
bc:b3:cf:35:c1:0c:34:70:68:ac:70:8a:a0:c4:fb:fe:14:8d:
67:83:b3:e5:d9:f4:c1:16:df:91:44:ff:b5:de:4c:f9:7c:c1:
56:04:b7:fb:f2:97:61:ee:48:43:a1:e7:82:93:aa:70:f6:a4:
1b:9a:0d:9f:54:9b:27:37:90:a3:24:d5:c4:90:21:c0:ff:d1:
36:f9:8b:c9:f1:2e:c1:b1:0f:35:5b:94:80:c7:1a:2d:a6:f1:
15:65:a4:38:a7:0e:54:4c:21:83:93:4d:64:19:4c:6e:ad:14:
b8:52:72:0e:de:b4:a2:7e:0c:0c:f9:9c:f5:58:36:b8:da:9d:
6b:fb:7a:f8:ac:b7:94:70:3c:61:a0:9c:e3:d2:07:9b:62:06:
fc:62:97:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJvCqvP99YLgA+dy9N0pGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTEzZTlkNDM3ZjdlNWJiMzk0YWExZTZiNmIwOTQ3ZDk5MzRmZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhanGt9B8tgISzl+22tSOKV9VoGca
JQwUwec1sW8+BriiL2U1Axoqt/AiA0OZkMc1hKuH0wwZIKTdXW+u6aJ1WwHnvi0C
nOqzVO9sijRMl4YJzR9eL0eCCCc44cKGT6fQA4tlIyEHzvolBtK8qFihlSEbWPmd
XHlQ8ARy/jZMIYRxYRrQ9r0ab/MXHoI8/pIB69xh7l8CUtUBfsK7x8QktKEV8mgs
m6eGYuBnqsUCtFy/V9NazUP6etN9yJLpOl0JSK/zpxI1prvKcCPcvNts1055mpFt
BCQxYDrNlJOQoBxuAIlReFmsMi+0swe9wlVCXB6aqACXJ3CDKPdXwoevCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK4T6dQ39+W7OUqh5rawlH2ZNP8QMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcmhQcDFEZjM1YnM1U3FIbXRyQ1VmWmswX3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYBPAwQA
LY2yAwQAXb72MA0EAgACMAcDBQMqDiJAMA0GCSqGSIb3DQEBCwUAA4IBAQABC0wh
fzG9JhTk0YGKmmbhQQv+c/DVnXCSZcNk+hg/UqEOb6ybU1RuytFN2FKPKemi+/wZ
DhQ/S4rN86IiKDQhEl12vbbYhHikC8Yk9DN3Bq2vBklXSUYLktXQSENmxdYo7fiI
tVGCWbMBr5m8s881wQw0cGiscIqgxPv+FI1ng7Pl2fTBFt+RRP+13kz5fMFWBLf7
8pdh7khDoeeCk6pw9qQbmg2fVJsnN5CjJNXEkCHA/9E2+YvJ8S7BsQ81W5SAxxot
pvEVZaQ4pw5UTCGDk01kGUxurRS4UnIO3rSifgwM+Zz1WDa42p1r+3r4rLeUcDxh
oJzj0gebYgb8Ypdq
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:25 2025 by rpki-client