Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AJ7XbNzUp6yZ7JQRO69D9pjJRK4.roa
File: AJ7XbNzUp6yZ7JQRO69D9pjJRK4.roa (raw, json)
Hash identifier: KdEXtMDL55xxg0RGobwxy/E/vSkCAT/pM5aM4orpKtQ=
Subject key identifier: 00:9E:D7:6C:DC:D4:A7:AC:99:EC:94:11:3B:AF:43:F6:98:C9:44:AE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0192E69781A5090531A7B6E67704000E43AD
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AJ7XbNzUp6yZ7JQRO69D9pjJRK4.roa
Signing time: Fri 01 Nov 2024 07:19:01 +0000
ROA not before: Fri 01 Nov 2024 07:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210899
IP address blocks: 45.137.105.0/24 maxlen: 24
2a0e:d601:7220::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e6:97:81:a5:09:05:31:a7:b6:e6:77:04:00:0e:43:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 1 07:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=009ed76cdcd4a7ac99ec94113baf43f698c944ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5a:f4:bc:71:02:73:7c:df:63:7c:01:94:ac:
8d:8b:ac:bd:48:20:db:d2:df:7a:79:c3:6d:61:b8:
d1:25:32:1c:db:91:7f:9a:53:02:77:61:30:3e:1d:
b2:42:3b:fb:86:e6:98:79:4e:db:5f:a7:08:42:ea:
7a:86:0e:56:80:ae:21:9d:a2:b5:90:e6:8d:ae:26:
01:9b:ed:e3:61:97:3d:a8:a3:ef:f0:a3:a8:af:9d:
af:b3:eb:c3:78:f9:cf:59:96:fe:0c:a0:64:43:4b:
f3:36:5e:69:e1:d0:44:2f:1d:90:cb:91:66:32:24:
77:ac:0f:40:76:08:a1:1c:34:d6:30:9b:05:3d:28:
24:a0:81:55:7b:40:db:6b:3b:fd:f6:21:ef:aa:42:
11:ca:9d:9c:6b:9a:78:c3:9e:9a:2a:80:f5:d8:cb:
05:3d:f3:9e:04:02:4e:22:60:fb:94:2b:f4:99:15:
c9:b8:4f:43:93:1e:ea:87:ca:ef:c7:ae:c6:32:31:
bd:6a:26:ed:08:13:33:3e:c4:b6:0d:7b:3c:63:49:
8b:a5:0f:ac:cb:9f:2a:e4:44:6c:a8:5b:5c:9e:5a:
cc:f4:f4:40:b7:f7:50:07:1e:17:09:c2:94:71:ee:
e7:ce:2d:5b:a1:84:bb:08:5d:b3:38:85:97:33:59:
f4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9E:D7:6C:DC:D4:A7:AC:99:EC:94:11:3B:AF:43:F6:98:C9:44:AE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AJ7XbNzUp6yZ7JQRO69D9pjJRK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.105.0/24
IPv6:
2a0e:d601:7220::/48
Signature Algorithm: sha256WithRSAEncryption
70:34:95:61:6e:59:9f:b9:cf:40:1b:6a:9f:ca:b5:95:ec:b2:
e5:88:60:72:17:d6:52:70:f1:14:cb:60:8b:d7:3f:fa:82:6f:
df:af:e7:80:d6:03:a1:e9:9d:55:f2:6e:f6:64:d1:df:cc:8c:
64:eb:6c:d9:86:46:15:c9:39:6e:83:6e:dc:8b:46:1e:39:f6:
c0:a6:f4:43:06:e6:90:6d:50:be:7f:31:da:10:43:63:2c:c7:
66:50:45:ef:83:ce:d6:a7:7b:5e:4b:a6:7b:2e:7d:5f:a2:8c:
68:70:82:71:4f:84:50:d4:7f:ce:2f:27:74:e0:98:e7:01:98:
57:a8:25:0d:82:61:78:6f:c9:61:61:10:c5:46:50:45:11:ab:
b2:0b:05:43:81:0f:6e:b5:e1:13:70:75:71:28:ff:68:90:5a:
fb:dd:4b:11:03:e9:39:c4:b0:57:f9:47:8f:cf:66:d0:f9:d1:
4c:94:44:f9:38:67:f3:ae:72:ca:98:97:15:e8:b4:af:85:1c:
f9:1e:26:78:f9:6b:a1:d0:10:65:bb:80:0a:92:0e:36:3c:2e:
5d:a9:ab:3e:17:b0:a6:c9:9f:62:3a:75:05:6f:0b:65:8c:a0:
33:6f:ac:e3:19:1f:b3:46:96:7f:ea:79:76:5e:6e:9e:60:e8:
96:2a:e8:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZLml4GlCQUxp7bmdwQADkOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQxMTAxMDcxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDllZDc2Y2RjZDRhN2FjOTllYzk0MTEzYmFmNDNmNjk4Yzk0NGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVr0vHECc3zfY3wBlKyNi6y9SCDb
0t96ecNtYbjRJTIc25F/mlMCd2EwPh2yQjv7huaYeU7bX6cIQup6hg5WgK4hnaK1
kOaNriYBm+3jYZc9qKPv8KOor52vs+vDePnPWZb+DKBkQ0vzNl5p4dBELx2Qy5Fm
MiR3rA9AdgihHDTWMJsFPSgkoIFVe0Dbazv99iHvqkIRyp2ca5p4w56aKoD12MsF
PfOeBAJOImD7lCv0mRXJuE9Dkx7qh8rvx67GMjG9aibtCBMzPsS2DXs8Y0mLpQ+s
y58q5ERsqFtcnlrM9PRAt/dQBx4XCcKUce7nzi1boYS7CF2zOIWXM1n0WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFACe12zc1KesmeyUETuvQ/aYyUSuMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvQUo3WGJOelVwNnlaN0pRUk82OUQ5cGpKUks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALYlpMA8E
AgACMAkDBwAqDtYBciAwDQYJKoZIhvcNAQELBQADggEBAHA0lWFuWZ+5z0Abap/K
tZXssuWIYHIX1lJw8RTLYIvXP/qCb9+v54DWA6HpnVXybvZk0d/MjGTrbNmGRhXJ
OW6DbtyLRh459sCm9EMG5pBtUL5/MdoQQ2Msx2ZQRe+Dztane15LpnsufV+ijGhw
gnFPhFDUf84vJ3TgmOcBmFeoJQ2CYXhvyWFhEMVGUEURq7ILBUOBD2614RNwdXEo
/2iQWvvdSxED6TnEsFf5R4/PZtD50UyURPk4Z/OucsqYlxXotK+FHPkeJnj5a6HQ
EGW7gAqSDjY8Ll2pqz4XsKbJn2I6dQVvC2WMoDNvrOMZH7NGln/qeXZebp5g6JYq
6CQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:06 2025 by rpki-client