Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/55tXlDd7UR6qdbl5Gn1x5_zkroA.roa
File: 55tXlDd7UR6qdbl5Gn1x5_zkroA.roa (raw, json)
Hash identifier: U2fo2YtiH2p/qkNWZtH9i6J9DPkxNG5TY+CyYSGiyaQ=
Subject key identifier: E7:9B:57:94:37:7B:51:1E:AA:75:B9:79:1A:7D:71:E7:FC:E4:AE:80
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5B0B3C0F73C78F0D3A3E2DDD9142
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/55tXlDd7UR6qdbl5Gn1x5_zkroA.roa
Signing time: Tue 02 Jan 2024 12:34:48 +0000
ROA not before: Tue 02 Jan 2024 12:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60952
IP address blocks: 45.132.15.0/24 maxlen: 32
92.119.149.0/24 maxlen: 32
2a06:7a02::/48 maxlen: 128
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:5b:0b:3c:0f:73:c7:8f:0d:3a:3e:2d:dd:91:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e79b5794377b511eaa75b9791a7d71e7fce4ae80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:07:39:5e:de:f4:50:dc:7c:28:85:aa:3d:43:
a8:28:7e:0c:68:50:ef:7b:87:e9:a3:99:02:b3:c0:
38:42:25:47:f9:99:76:fe:e7:9f:d4:47:44:ac:56:
03:8b:68:65:2a:2f:49:7c:5e:51:59:bf:57:0b:8c:
34:4d:89:4a:1b:5d:00:d2:c0:b4:96:da:6e:03:e0:
22:14:dc:51:40:1b:84:af:79:cf:6a:55:b6:f4:dd:
0a:18:4c:36:4d:55:49:39:b9:59:70:35:68:7e:1c:
39:e1:31:a7:a7:ec:05:0b:89:9d:25:47:73:8b:ba:
ec:88:da:48:e5:2b:63:ba:a4:5b:b6:12:1b:53:bf:
ea:19:4d:87:0a:b1:44:ec:d2:91:7c:65:49:7e:2a:
55:80:7b:70:43:7f:9c:ee:5b:52:db:80:3b:fd:c0:
20:1b:b9:e0:ca:05:0b:80:5d:39:05:65:07:96:f5:
5c:e9:c4:69:61:49:61:10:b7:d5:46:be:d8:5c:e4:
99:f1:af:d2:0e:b5:49:dd:b3:3f:57:ed:91:74:5a:
49:6f:ed:a2:53:3c:bb:c8:7f:ff:e5:03:f3:1b:08:
47:59:42:18:33:8a:94:94:30:5b:e3:5a:df:fd:40:
97:42:24:2e:64:b4:c1:a5:fe:e8:43:80:6b:52:40:
cf:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:9B:57:94:37:7B:51:1E:AA:75:B9:79:1A:7D:71:E7:FC:E4:AE:80
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/55tXlDd7UR6qdbl5Gn1x5_zkroA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.15.0/24
92.119.149.0/24
IPv6:
2a06:7a02::/48
Signature Algorithm: sha256WithRSAEncryption
51:0f:b0:e8:95:8b:a7:e3:11:fa:35:3e:9c:dd:5a:2f:b7:87:
33:df:bd:17:dd:44:a2:43:60:b7:79:8e:0c:f7:a0:8a:e0:cc:
70:8e:64:81:f1:bb:02:a3:18:c1:b6:b9:00:ae:d1:86:41:c2:
57:96:ef:fe:33:ae:09:b0:fe:14:da:b1:5e:09:ff:34:36:4a:
7b:17:69:92:80:d8:16:07:12:ea:0a:12:9d:47:ae:3b:f9:17:
39:65:49:00:2b:03:1f:3f:5d:a4:9d:d7:5e:c5:d5:49:44:09:
3c:3a:42:5a:b0:e9:bf:21:7a:63:ab:ab:66:fe:3d:e5:ea:4f:
f4:5f:dd:2f:18:f5:33:f7:87:3f:d8:47:93:dc:28:9c:07:0f:
55:66:90:8a:4e:6a:f3:a3:e4:e1:cb:51:3b:18:fa:9d:51:49:
e2:55:39:b4:ff:e6:df:cb:05:2e:0e:c2:43:10:1d:9d:9a:64:
c7:3a:4f:a8:26:4b:3e:53:90:47:f2:f6:65:23:c1:67:33:d2:
ab:56:80:32:31:e2:b7:83:96:ab:0a:2a:e8:85:1f:64:b7:2d:
59:e2:af:a6:67:56:92:62:5e:47:6b:9d:d2:44:30:fb:7b:a0:
f5:c8:3c:03:b3:7d:4d:eb:c3:e0:6f:26:66:ef:c7:31:86:14:
1e:79:3a:77
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK1sLPA9zx48NOj4t3ZFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzliNTc5NDM3N2I1MTFlYWE3NWI5NzkxYTdkNzFlN2ZjZTRhZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAc5Xt70UNx8KIWqPUOoKH4MaFDv
e4fpo5kCs8A4QiVH+Zl2/uef1EdErFYDi2hlKi9JfF5RWb9XC4w0TYlKG10A0sC0
ltpuA+AiFNxRQBuEr3nPalW29N0KGEw2TVVJOblZcDVofhw54TGnp+wFC4mdJUdz
i7rsiNpI5StjuqRbthIbU7/qGU2HCrFE7NKRfGVJfipVgHtwQ3+c7ltS24A7/cAg
G7ngygULgF05BWUHlvVc6cRpYUlhELfVRr7YXOSZ8a/SDrVJ3bM/V+2RdFpJb+2i
Uzy7yH//5QPzGwhHWUIYM4qUlDBb41rf/UCXQiQuZLTBpf7oQ4BrUkDP8wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOebV5Q3e1EeqnW5eRp9cef85K6AMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNTV0WGxEZDdVUjZxZGJsNUduMXg1X3prcm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALYQPAwQA
XHeVMA8EAgACMAkDBwAqBnoCAAAwDQYJKoZIhvcNAQELBQADggEBAFEPsOiVi6fj
Efo1PpzdWi+3hzPfvRfdRKJDYLd5jgz3oIrgzHCOZIHxuwKjGMG2uQCu0YZBwleW
7/4zrgmw/hTasV4J/zQ2SnsXaZKA2BYHEuoKEp1Hrjv5FzllSQArAx8/XaSd117F
1UlECTw6Qlqw6b8hemOrq2b+PeXqT/Rf3S8Y9TP3hz/YR5PcKJwHD1VmkIpOavOj
5OHLUTsY+p1RSeJVObT/5t/LBS4OwkMQHZ2aZMc6T6gmSz5TkEfy9mUjwWcz0qtW
gDIx4reDlqsKKuiFH2S3LVnir6ZnVpJiXkdrndJEMPt7oPXIPAOzfU3rw+BvJmbv
xzGGFB55Onc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:10:57 2025 by rpki-client