Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x_bMfNdOPlDnlgH6WqbGrBPMHs4.roa
File: x_bMfNdOPlDnlgH6WqbGrBPMHs4.roa (raw, json)
Hash identifier: +pVRptILCMr/A8hW+k+W0Y23fDouV1Ve1B8T8Jgk0a8=
Subject key identifier: C7:F6:CC:7C:D7:4E:3E:50:E7:96:01:FA:5A:A6:C6:AC:13:CC:1E:CE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019533BA017BC331F408DF82B193030EB6A1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x_bMfNdOPlDnlgH6WqbGrBPMHs4.roa
Signing time: Sun 23 Feb 2025 16:53:02 +0000
ROA not before: Sun 23 Feb 2025 16:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199524
IP address blocks: 45.142.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 15:58:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:33:ba:01:7b:c3:31:f4:08:df:82:b1:93:03:0e:b6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 23 16:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7f6cc7cd74e3e50e79601fa5aa6c6ac13cc1ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a7:2e:ce:d8:7d:91:7c:5b:96:f0:29:be:47:
72:9f:7b:6d:0f:d2:89:3a:bf:00:5b:5e:ea:27:1f:
d3:b9:50:c4:0f:46:24:48:d7:20:e8:f4:c5:62:62:
5f:3b:d3:d1:70:2b:eb:01:3f:e9:aa:87:65:49:37:
07:6d:b5:f7:de:61:fb:8e:63:4e:ba:f2:b7:d2:d3:
03:ad:21:79:81:a9:4c:67:f0:2f:fa:18:db:cb:f9:
99:be:42:3d:09:b8:18:97:bd:50:41:7b:6d:c2:29:
56:58:db:4e:7f:0e:ca:dc:d3:0b:8f:ef:3b:9f:ca:
89:7a:40:c5:f5:f6:f7:b9:93:ea:06:b3:71:8a:ba:
73:4a:be:48:b2:94:58:7d:cd:d0:84:1d:b2:9e:67:
5e:90:49:c0:ad:84:6a:f4:45:ad:12:9f:d2:fc:e2:
8c:75:28:2a:eb:02:5d:26:01:ff:15:c7:b1:9e:84:
81:14:1e:32:26:6f:00:e8:fa:66:c1:3d:5b:3c:94:
ad:dd:26:69:87:96:38:cc:8a:d2:b5:eb:06:1e:28:
52:f6:67:6c:65:fe:7b:dc:7e:02:44:29:1f:68:80:
f1:4d:d6:d8:b2:65:e9:ad:dc:58:e4:36:60:5f:1b:
b5:d5:73:1e:54:4b:8d:01:bc:15:db:78:b0:ff:07:
54:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F6:CC:7C:D7:4E:3E:50:E7:96:01:FA:5A:A6:C6:AC:13:CC:1E:CE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x_bMfNdOPlDnlgH6WqbGrBPMHs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.28.0/24
Signature Algorithm: sha256WithRSAEncryption
37:16:a4:a3:29:bf:0c:3a:60:9e:92:d2:ef:15:49:41:e0:32:
ed:30:e9:3c:f3:36:a8:e3:cd:f6:1c:eb:11:5a:07:69:d3:1f:
e2:46:b9:98:a5:8d:bf:b2:8d:11:a3:93:cc:78:65:0e:0a:56:
06:4e:1d:9d:0a:08:1f:21:dd:f2:24:32:2f:83:ae:ad:a8:59:
dc:d9:ac:f6:aa:ae:2a:3c:75:3c:7e:14:b3:e3:e1:6c:6e:71:
64:b2:37:d8:89:90:32:17:cf:4a:3f:85:87:df:ec:d9:93:6e:
a8:c6:fd:6e:9d:7d:71:3b:00:c8:35:d5:76:77:03:3b:d2:9c:
87:f9:be:ec:be:17:9e:fb:cb:60:93:72:d4:70:c6:ef:00:c2:
5e:d7:3d:72:0c:1d:34:a2:d4:10:32:aa:03:dd:93:95:51:74:
8a:d1:a0:c1:55:d9:31:ed:1e:d9:77:fc:df:b8:c4:cf:54:5a:
fe:cb:be:8d:d9:e6:4b:aa:d9:6e:c5:57:03:7f:cb:3a:3a:be:
f5:8a:dd:25:8e:9e:0c:41:72:17:26:68:f5:7f:7b:47:64:49:
5d:a9:55:7a:85:4a:2c:a8:9b:08:4e:db:b9:4a:54:39:4a:b0:
4e:51:e1:79:8a:17:0d:c6:f9:28:06:fe:bd:b9:be:72:4e:71:
13:b9:c6:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUzugF7wzH0CN+CsZMDDrahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjIzMTY1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y2Y2M3Y2Q3NGUzZTUwZTc5NjAxZmE1YWE2YzZhYzEzY2MxZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKcuzth9kXxblvApvkdyn3ttD9KJ
Or8AW17qJx/TuVDED0YkSNcg6PTFYmJfO9PRcCvrAT/pqodlSTcHbbX33mH7jmNO
uvK30tMDrSF5galMZ/Av+hjby/mZvkI9CbgYl71QQXttwilWWNtOfw7K3NMLj+87
n8qJekDF9fb3uZPqBrNxirpzSr5IspRYfc3QhB2ynmdekEnArYRq9EWtEp/S/OKM
dSgq6wJdJgH/FcexnoSBFB4yJm8A6PpmwT1bPJSt3SZph5Y4zIrStesGHihS9mds
Zf573H4CRCkfaIDxTdbYsmXprdxY5DZgXxu11XMeVEuNAbwV23iw/wdU/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMf2zHzXTj5Q55YB+lqmxqwTzB7OMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveF9iTWZOZE9QbERubGdINldxYkdyQlBNSHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY4cMA0G
CSqGSIb3DQEBCwUAA4IBAQA3FqSjKb8MOmCektLvFUlB4DLtMOk88zao4832HOsR
Wgdp0x/iRrmYpY2/so0Ro5PMeGUOClYGTh2dCggfId3yJDIvg66tqFnc2az2qq4q
PHU8fhSz4+FsbnFksjfYiZAyF89KP4WH3+zZk26oxv1unX1xOwDINdV2dwM70pyH
+b7svhee+8tgk3LUcMbvAMJe1z1yDB00otQQMqoD3ZOVUXSK0aDBVdkx7R7Zd/zf
uMTPVFr+y76N2eZLqtluxVcDf8s6Or71it0ljp4MQXIXJmj1f3tHZEldqVV6hUos
qJsITtu5SlQ5SrBOUeF5ihcNxvkoBv69ub5yTnETuca3
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:48 2025 by rpki-client