Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zU0f4qS78QXYu9KrW6vVs5rxzA4.roa
File: zU0f4qS78QXYu9KrW6vVs5rxzA4.roa (raw, json)
Hash identifier: qfFylhn8rHKQ5ouGGRUI7E5j7fXFSGTU/LdQ5Z2+zwQ=
Subject key identifier: CD:4D:1F:E2:A4:BB:F1:05:D8:BB:D2:AB:5B:AB:D5:B3:9A:F1:CC:0E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F9F1D3E9BC73EDDEFE0170FC37A7CA570
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zU0f4qS78QXYu9KrW6vVs5rxzA4.roa
Signing time: Wed 22 May 2024 07:04:04 +0000
ROA not before: Wed 22 May 2024 07:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399989
IP address blocks: 45.128.26.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
2a0e:1a81:1::/48 maxlen: 48
2a0f:7d04:aa12::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 05:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:1d:3e:9b:c7:3e:dd:ef:e0:17:0f:c3:7a:7c:a5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 22 07:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd4d1fe2a4bbf105d8bbd2ab5babd5b39af1cc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9d:9f:aa:1e:c7:02:6f:3a:93:26:f3:77:5f:
cb:20:c8:e0:d5:65:2e:b3:75:09:fd:84:07:7a:78:
6e:3e:e3:73:ef:05:82:c2:ac:3e:21:44:0b:ea:d6:
a1:d7:63:ea:08:16:07:e8:e3:b3:87:9a:45:29:52:
a4:80:db:19:1c:96:b8:84:5c:5c:c0:5c:47:d7:e2:
82:32:36:84:d8:eb:7a:ec:99:99:9c:71:37:44:c2:
3a:96:ec:38:e5:31:dd:af:57:35:30:00:fd:eb:78:
87:10:e7:e5:15:52:a8:70:79:69:d4:16:85:09:ff:
99:75:88:02:da:f2:0f:a4:42:37:b9:88:87:5d:a9:
10:95:75:28:b3:f0:3e:47:7f:ca:3a:99:96:87:94:
95:42:6b:fc:9a:4a:b0:6d:8a:01:91:ec:2a:92:74:
51:2c:1e:1b:32:02:89:d8:36:5d:2d:68:59:fd:b9:
48:3d:d0:71:da:10:aa:5a:1e:63:5a:20:2a:67:14:
9a:3a:ad:79:1e:45:53:aa:79:0d:f7:ef:62:82:1a:
6e:9b:6c:77:94:19:2a:80:fb:7a:c4:34:18:a6:54:
06:86:4d:5f:ed:53:eb:bf:a9:17:bc:89:c8:47:4a:
3b:2e:c2:84:d1:4d:5a:5e:32:a2:4b:c8:16:a8:e7:
dd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:4D:1F:E2:A4:BB:F1:05:D8:BB:D2:AB:5B:AB:D5:B3:9A:F1:CC:0E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zU0f4qS78QXYu9KrW6vVs5rxzA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0e:1a81:1::/48
2a0f:7d04:aa12::/48
Signature Algorithm: sha256WithRSAEncryption
a2:78:85:b5:19:7b:00:29:36:c1:25:7a:2b:8a:8f:fa:99:21:
60:0f:c3:fc:87:37:50:32:db:ce:67:f1:c5:16:89:06:6f:86:
ff:de:7c:42:68:4e:68:2d:24:73:cc:9b:c1:3c:a5:5e:92:a6:
3c:4a:e9:e4:09:7b:82:79:d9:92:10:5b:72:12:a9:52:cd:1d:
4b:86:f7:8f:58:20:c7:a9:5d:45:68:b2:8f:66:aa:99:73:32:
82:1a:5e:04:fa:f3:f9:44:b2:99:53:63:97:bf:40:e8:d0:ca:
49:19:2d:81:db:df:3a:ef:95:12:f0:be:37:bf:cc:9b:fa:87:
fa:ee:16:b7:86:aa:9e:40:f0:d7:45:a1:2b:8a:b2:7a:b7:a7:
7f:d5:1f:50:1d:4f:9d:41:cf:b8:6f:69:80:2a:93:5c:cc:10:
98:8a:cc:14:25:59:c7:12:15:77:35:d8:89:e6:c2:9c:ad:dd:
d1:fa:44:ca:21:2e:bd:aa:c0:73:7d:74:01:8b:19:c6:df:9e:
2a:2f:11:58:4d:5c:92:c6:b4:7f:bb:c2:d3:84:10:d3:a6:50:
71:01:c0:31:56:a3:74:20:e7:07:08:6c:85:cf:2d:a1:9c:cd:
08:b3:f2:5c:97:9e:77:48:14:55:c6:15:72:f7:5d:37:89:1f:
52:08:e9:99
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY+fHT6bxz7d7+AXD8N6fKVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTIyMDcwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDRkMWZlMmE0YmJmMTA1ZDhiYmQyYWI1YmFiZDViMzlhZjFjYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp2fqh7HAm86kybzd1/LIMjg1WUu
s3UJ/YQHenhuPuNz7wWCwqw+IUQL6tah12PqCBYH6OOzh5pFKVKkgNsZHJa4hFxc
wFxH1+KCMjaE2Ot67JmZnHE3RMI6luw45THdr1c1MAD963iHEOflFVKocHlp1BaF
Cf+ZdYgC2vIPpEI3uYiHXakQlXUos/A+R3/KOpmWh5SVQmv8mkqwbYoBkewqknRR
LB4bMgKJ2DZdLWhZ/blIPdBx2hCqWh5jWiAqZxSaOq15HkVTqnkN9+9ighpum2x3
lBkqgPt6xDQYplQGhk1f7VPrv6kXvInIR0o7LsKE0U1aXjKiS8gWqOfdsQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFM1NH+Kku/EF2LvSq1ur1bOa8cwOMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvelUwZjRxUzc4UVhZdTlLclc2dlZzNXJ4ekE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MBgEAgACMBIDBwAqDhqBAAEDBwAqD30EqhIwDQYJKoZIhvcNAQEL
BQADggEBAKJ4hbUZewApNsEleiuKj/qZIWAPw/yHN1Ay285n8cUWiQZvhv/efEJo
TmgtJHPMm8E8pV6SpjxK6eQJe4J52ZIQW3ISqVLNHUuG949YIMepXUVoso9mqplz
MoIaXgT68/lEsplTY5e/QOjQykkZLYHb3zrvlRLwvje/zJv6h/ruFreGqp5A8NdF
oSuKsnq3p3/VH1AdT51Bz7hvaYAqk1zMEJiKzBQlWccSFXc12Inmwpyt3dH6RMoh
Lr2qwHN9dAGLGcbfniovEVhNXJLGtH+7wtOEENOmUHEBwDFWo3Qg5wcIbIXPLaGc
zQiz8lyXnndIFFXGFXL3XTeJH1II6Zk=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:10:44 2025 by rpki-client