Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/jPgEFI6wEKwrHcqQlr2xsynMf7E.roa
File: jPgEFI6wEKwrHcqQlr2xsynMf7E.roa (raw, json)
Hash identifier: vpUpWLvUYHwqBcuBnTvciYk7GCSgNOx5f6g5n2b8xVI=
Subject key identifier: 8C:F8:04:14:8E:B0:10:AC:2B:1D:CA:90:96:BD:B1:B3:29:CC:7F:B1
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 018CC26D58EF1FEE512127550048FCE075ED
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/jPgEFI6wEKwrHcqQlr2xsynMf7E.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204068
IP address blocks: 45.129.58.0/24 maxlen: 24
45.129.57.0/24 maxlen: 24
2a03:1b20:beed::/48 maxlen: 48
2a03:1b20:beee::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:58:ef:1f:ee:51:21:27:55:00:48:fc:e0:75:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cf804148eb010ac2b1dca9096bdb1b329cc7fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:17:c1:b2:54:8b:08:23:a7:66:60:11:bb:1e:
65:bb:7c:ab:a8:b9:f4:ff:5f:8f:44:ca:0e:de:89:
c4:85:a3:40:4e:50:17:3d:ce:f7:77:4c:af:e9:b7:
84:23:bc:70:a8:b5:77:f7:22:1c:cc:65:09:36:ea:
48:73:4c:30:64:f0:54:75:ec:01:8e:01:d6:ba:61:
a7:cc:fc:f7:29:8d:e4:de:ac:1c:8a:88:3c:19:9a:
ba:df:bc:e0:1f:27:a0:29:2e:8a:63:a3:2f:16:eb:
72:48:6e:e7:48:c7:bf:59:39:46:8a:c9:08:64:74:
e5:f8:e8:b6:7f:e4:46:89:12:f3:ff:21:51:23:db:
1b:13:aa:83:2e:ac:de:35:bb:32:d6:d1:c0:8d:f2:
b1:06:65:28:91:da:7d:9f:d8:29:9f:30:88:18:91:
68:02:e9:be:36:2e:2e:fb:6b:e9:a1:83:6d:40:2e:
6c:82:35:9c:d6:ad:ee:88:66:56:e3:1b:0b:7f:3a:
53:a1:eb:86:40:d7:37:d0:44:9a:17:ca:c3:3f:87:
1c:c1:b5:d0:f7:fc:9d:79:2c:14:1f:12:ba:a5:7b:
c7:11:5e:f4:e6:2e:be:29:1d:ea:98:b6:0d:c7:d6:
9d:ee:27:a2:86:88:86:b0:a8:0e:f8:d2:3c:4f:3d:
36:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F8:04:14:8E:B0:10:AC:2B:1D:CA:90:96:BD:B1:B3:29:CC:7F:B1
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/jPgEFI6wEKwrHcqQlr2xsynMf7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.57.0-45.129.58.255
IPv6:
2a03:1b20:beed::-2a03:1b20:beee:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:cf:18:82:5e:90:76:f9:d9:23:da:82:40:ff:24:91:5e:1d:
b9:91:d5:0c:35:e0:e2:77:bf:31:ea:17:cc:81:e9:60:b5:f8:
95:c4:ea:70:f0:6f:0a:36:89:93:b7:31:54:83:b9:31:65:f1:
2b:c3:8e:04:9c:9d:b3:59:1c:d4:7c:99:05:6a:23:d1:d0:93:
d2:77:88:67:1e:ff:f7:3e:ec:27:ce:28:fb:d0:82:6b:41:98:
22:d8:57:9a:c2:fe:ec:b8:ea:c9:11:80:38:ed:16:74:46:6b:
c2:bc:44:56:a3:8b:de:c1:d3:4f:0a:17:15:18:17:96:6f:94:
a7:0d:8a:1f:41:9e:05:06:a0:fc:dd:57:96:7d:59:e7:c6:69:
c0:98:e4:03:e3:2b:56:4b:e5:d0:30:7a:14:3f:39:10:77:a1:
5d:c7:d4:a9:84:6b:05:76:8d:bb:96:83:b7:e4:87:32:af:fd:
df:c2:62:53:22:3e:96:e0:11:c8:7d:7e:08:c3:0e:12:ef:09:
cd:da:4f:bd:53:e3:3e:b9:27:65:73:c0:26:1d:4c:d2:b6:58:
64:96:f6:f5:d6:96:81:a8:ad:a3:3f:64:c3:ec:43:95:46:f5:
18:d9:73:37:49:8a:89:a1:8d:56:31:0a:f8:2d:0f:44:af:83:
76:89:da:08
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzCbVjvH+5RISdVAEj84HXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmU5MTczMTVmMGE4NzhiMjFmYzEzOWQ0OWE4MjFhYWRk
YzNjOTcwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Y4MDQxNDhlYjAxMGFjMmIxZGNhOTA5NmJkYjFiMzI5Y2M3ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RfBslSLCCOnZmARux5lu3yrqLn0
/1+PRMoO3onEhaNATlAXPc73d0yv6beEI7xwqLV39yIczGUJNupIc0wwZPBUdewB
jgHWumGnzPz3KY3k3qwciog8GZq637zgHyegKS6KY6MvFutySG7nSMe/WTlGiskI
ZHTl+Oi2f+RGiRLz/yFRI9sbE6qDLqzeNbsy1tHAjfKxBmUokdp9n9gpnzCIGJFo
Aum+Ni4u+2vpoYNtQC5sgjWc1q3uiGZW4xsLfzpToeuGQNc30ESaF8rDP4ccwbXQ
9/ydeSwUHxK6pXvHEV705i6+KR3qmLYNx9ad7ieihoiGsKgO+NI8Tz02NQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIz4BBSOsBCsKx3KkJa9sbMpzH+xMB8GA1UdIwQY
MBaAFN4ukXMV8Kh4sh/BOdSaghqt3DyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYt
ZjhkNjVjOTgzNzQ0LzEvalBnRUZJNndFS3dySGNxUWxyMnhzeW5NZjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYtZjhkNjVjOTgzNzQ0
LzEvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBAAtgTkD
BAAtgTowGgQCAAIwFDASAwcAKgMbIL7tAwcAKgMbIL7uMA0GCSqGSIb3DQEBCwUA
A4IBAQAozxiCXpB2+dkj2oJA/ySRXh25kdUMNeDid78x6hfMgelgtfiVxOpw8G8K
NomTtzFUg7kxZfErw44EnJ2zWRzUfJkFaiPR0JPSd4hnHv/3Puwnzij70IJrQZgi
2Feawv7suOrJEYA47RZ0RmvCvERWo4vewdNPChcVGBeWb5SnDYofQZ4FBqD83VeW
fVnnxmnAmOQD4ytWS+XQMHoUPzkQd6Fdx9SphGsFdo27loO35Icyr/3fwmJTIj6W
4BHIfX4Iww4S7wnN2k+9U+M+uSdlc8AmHUzStlhklvb11paBqK2jP2TD7EOVRvUY
2XM3SYqJoY1WMQr4LQ9Er4N2idoI
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:39:31 2025 by rpki-client