Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/2RdYEODFcz64Gj99jQ55mloccxU.roa
File: 2RdYEODFcz64Gj99jQ55mloccxU.roa (raw, json)
Hash identifier: g19KmH2Qxt8Wfj5NX8I/bUToTKUM1LsI+EaSV74mkiU=
Subject key identifier: D9:17:58:10:E0:C5:73:3E:B8:1A:3F:7D:8D:0E:79:9A:5A:1C:73:15
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01909726170F3A7C41030B7DB2D399A54694
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/2RdYEODFcz64Gj99jQ55mloccxU.roa
Signing time: Tue 09 Jul 2024 10:59:34 +0000
ROA not before: Tue 09 Jul 2024 10:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0e:5040::/29 maxlen: 29
2a0e:5040::/32 maxlen: 32
2a0f:fd00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 23 Jul 2024 13:58:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:26:17:0f:3a:7c:41:03:0b:7d:b2:d3:99:a5:46:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jul 9 10:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9175810e0c5733eb81a3f7d8d0e799a5a1c7315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:65:c4:d2:1c:1d:29:8a:2f:5e:04:23:df:c4:
03:77:95:80:a8:af:c7:a3:d1:d3:98:ef:4d:12:01:
ac:61:29:ab:40:51:af:69:18:62:14:04:f9:7c:97:
7f:c9:90:ef:5b:94:fa:19:fc:b8:e3:d9:e0:9f:85:
2d:5d:fe:9a:61:5e:95:e3:cf:91:41:aa:ce:7f:11:
a7:eb:e9:46:7c:19:22:46:34:c3:f1:e5:38:1a:e9:
15:e5:ae:0a:a2:bc:f5:d3:1b:a0:3a:90:5d:c2:26:
7b:51:83:63:5b:fe:6f:11:2d:68:1a:8b:bc:91:b6:
21:28:40:fb:a3:19:c6:a6:c0:bf:8d:87:1a:a4:e7:
f4:e0:bd:e2:d5:9b:c9:85:95:84:34:19:11:95:bf:
bd:71:80:b5:65:b6:c9:8f:83:f0:0a:9c:90:e5:c6:
12:78:73:75:9e:58:4e:af:ac:a1:35:af:f4:cd:23:
26:9c:ac:12:fd:97:e6:66:31:3b:df:b3:8a:ec:e4:
a0:ff:3f:e0:b3:26:8e:7b:6e:ce:05:6d:59:f2:a7:
8c:ce:a4:b4:9b:38:8a:c4:8a:7b:df:cd:6b:53:56:
63:50:f3:2c:08:1b:b3:f8:ce:51:49:0f:8c:b2:fd:
59:d7:a7:79:ed:d6:78:5a:41:00:01:53:fa:87:d9:
46:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:17:58:10:E0:C5:73:3E:B8:1A:3F:7D:8D:0E:79:9A:5A:1C:73:15
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/2RdYEODFcz64Gj99jQ55mloccxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
93:14:98:74:fa:06:15:d6:9c:8c:8a:d7:da:cb:f6:86:71:78:
ae:a0:e4:58:5d:b8:36:98:35:6e:dc:0e:6e:5e:4e:77:3d:b3:
be:b2:f7:0c:86:c7:10:15:80:f8:2c:71:3e:b7:22:0d:df:46:
05:0c:15:9c:83:26:9f:67:c8:0c:92:19:e3:5d:47:1e:ad:b8:
29:6d:bf:b7:82:25:e9:4a:ba:08:59:65:d5:f7:d5:21:e9:c8:
6f:36:0a:ad:ac:d9:a0:38:21:dc:fd:fa:a4:1f:bb:25:0d:1d:
96:99:43:cb:e5:91:d0:59:a3:93:45:70:66:2c:7e:84:9a:41:
16:11:1a:10:e3:10:f5:fd:ef:31:17:8b:90:91:68:7e:a0:b1:
5d:6e:98:de:08:de:39:13:e5:81:97:95:c5:d8:00:f7:c9:df:
55:72:08:38:2c:66:e6:9d:0f:68:f5:0f:7b:7a:b9:49:65:4e:
22:c7:0b:71:f7:d7:dc:8c:83:49:a7:75:f6:8f:27:74:2a:5a:
f0:13:7f:83:11:56:51:86:77:c5:89:4f:e1:a8:b7:12:bb:57:
d9:e9:7f:b5:e3:c3:40:25:6c:3c:a3:cb:09:d9:c5:5e:d9:95:
0c:f2:06:02:2c:c1:a8:cf:70:ea:cb:cc:41:74:d2:9e:95:5b:
6b:27:7e:24
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZCXJhcPOnxBAwt9stOZpUaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQwNzA5MTA1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE3NTgxMGUwYzU3MzNlYjgxYTNmN2Q4ZDBlNzk5YTVhMWM3MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWXE0hwdKYovXgQj38QDd5WAqK/H
o9HTmO9NEgGsYSmrQFGvaRhiFAT5fJd/yZDvW5T6Gfy449ngn4UtXf6aYV6V48+R
QarOfxGn6+lGfBkiRjTD8eU4GukV5a4Korz10xugOpBdwiZ7UYNjW/5vES1oGou8
kbYhKED7oxnGpsC/jYcapOf04L3i1ZvJhZWENBkRlb+9cYC1ZbbJj4PwCpyQ5cYS
eHN1nlhOr6yhNa/0zSMmnKwS/ZfmZjE737OK7OSg/z/gsyaOe27OBW1Z8qeMzqS0
mziKxIp7381rU1ZjUPMsCBuz+M5RSQ+Msv1Z16d57dZ4WkEAAVP6h9lGyQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNkXWBDgxXM+uBo/fY0OeZpaHHMVMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvMlJkWUVPREZjejY0R2o5OWpRNTVtbG9jY3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAkxSYdPoGFdac
jIrX2sv2hnF4rqDkWF24Npg1btwObl5Odz2zvrL3DIbHEBWA+CxxPrciDd9GBQwV
nIMmn2fIDJIZ411HHq24KW2/t4Il6Uq6CFll1ffVIenIbzYKrazZoDgh3P36pB+7
JQ0dlplDy+WR0Fmjk0VwZix+hJpBFhEaEOMQ9f3vMReLkJFofqCxXW6Y3gjeORPl
gZeVxdgA98nfVXIIOCxm5p0PaPUPe3q5SWVOIscLcffX3IyDSad19o8ndCpa8BN/
gxFWUYZ3xYlP4ai3ErtX2el/tePDQCVsPKPLCdnFXtmVDPIGAizBqM9w6svMQXTS
npVbayd+JA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:04:04 2025 by rpki-client