Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/4iVZAXDoeJcgAXm3epBp3Xyoy4M.roa
File: 4iVZAXDoeJcgAXm3epBp3Xyoy4M.roa (raw, json)
Hash identifier: z5wL7u9sGsg6RwKvmfjnOBY19uerktVKpvRSzrSf97c=
Subject key identifier: E2:25:59:01:70:E8:78:97:20:01:79:B7:7A:90:69:DD:7C:A8:CB:83
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 018D56C52EAD6A0D38CBF8A14911604AC52F
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/4iVZAXDoeJcgAXm3epBp3Xyoy4M.roa
Signing time: Mon 29 Jan 2024 19:49:39 +0000
ROA not before: Mon 29 Jan 2024 19:49:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0e:5040::/29 maxlen: 29
2a0f:fd00:cafe::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jan 2024 20:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:c5:2e:ad:6a:0d:38:cb:f8:a1:49:11:60:4a:c5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jan 29 19:49:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e225590170e87897200179b77a9069dd7ca8cb83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:66:3c:1c:4b:f0:b7:9d:a0:d0:79:40:e0:8b:
f6:ef:6e:92:61:65:20:be:51:63:06:ae:98:4a:5c:
43:c3:f9:ac:5e:5a:bd:60:19:d5:03:46:06:e0:20:
82:a5:d9:c0:09:65:8f:ad:20:d2:94:c9:bf:c6:6a:
87:d0:65:a6:09:39:08:83:08:07:bd:5f:88:b7:29:
cc:73:2f:42:45:53:bd:5a:97:a0:99:9d:54:b1:b4:
82:07:63:69:db:8d:65:9e:06:50:80:ba:c3:f4:10:
62:69:00:70:0d:d9:c6:ed:fa:94:db:94:be:41:52:
e3:97:68:5f:82:90:20:68:7e:76:15:aa:c0:67:a4:
79:2d:25:9d:d2:97:08:b4:79:aa:9a:0d:ad:2a:72:
61:d2:a3:9b:80:e6:96:73:bf:48:d7:5e:e9:02:f8:
6c:38:5a:47:7d:51:92:45:85:79:d5:9c:12:13:f8:
7a:bd:9c:21:bc:1f:f0:41:fd:66:77:72:c6:4d:75:
63:5e:b1:9e:a7:86:56:17:cf:0f:d8:c2:bd:bd:fa:
e8:8b:c0:22:04:69:76:a2:1d:db:7f:5f:81:a4:f4:
ed:82:a6:4b:cc:de:8f:89:b5:2d:7e:69:2b:82:74:
41:6b:84:19:c8:73:b5:91:34:25:3d:9c:d4:43:6a:
a0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:25:59:01:70:E8:78:97:20:01:79:B7:7A:90:69:DD:7C:A8:CB:83
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/4iVZAXDoeJcgAXm3epBp3Xyoy4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00:cafe::/48
Signature Algorithm: sha256WithRSAEncryption
34:fb:d4:52:75:aa:ce:d5:2a:d5:68:46:86:ed:9f:2f:a8:aa:
97:ae:0b:c0:88:4b:79:27:f9:ed:68:ff:dc:0f:61:94:4d:28:
8f:e8:63:4f:b0:66:ac:38:73:8a:6c:a3:5e:33:4b:30:52:67:
23:3c:60:89:25:ec:c3:69:87:ef:f1:66:a8:4f:59:e8:b9:1e:
07:10:fb:07:ea:64:10:1a:1f:f1:13:6a:94:7f:87:b4:21:93:
6c:4d:0b:7a:69:39:d4:bc:1f:35:94:6c:e5:a9:ec:ab:d5:25:
70:48:2c:08:09:ce:bd:24:60:80:fd:86:6d:c3:d2:26:66:74:
74:f6:bb:c0:fb:c3:f6:b0:cd:6e:a1:a5:d9:fb:44:8e:d1:c3:
d2:6a:c8:ce:81:9e:ad:70:29:cb:81:d7:01:72:42:5b:1a:69:
75:31:39:58:8e:62:6b:c8:39:d9:48:e6:ec:0d:ac:3a:49:f3:
23:e8:df:23:13:77:53:4d:76:3d:06:6b:66:92:5f:3f:0e:21:
94:5f:96:e5:1c:94:53:d2:69:0c:dc:12:79:a6:b8:f9:59:4f:
f5:2d:11:3a:93:e9:98:c2:75:c3:2e:6d:98:07:f0:55:b6:c6:
30:29:43:d3:14:0a:ea:f9:0c:84:a6:50:fe:5d:56:47:17:dc:
69:70:2d:42
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY1WxS6tag04y/ihSRFgSsUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQwMTI5MTk0OTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjI1NTkwMTcwZTg3ODk3MjAwMTc5Yjc3YTkwNjlkZDdjYThjYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGY8HEvwt52g0HlA4Iv2726SYWUg
vlFjBq6YSlxDw/msXlq9YBnVA0YG4CCCpdnACWWPrSDSlMm/xmqH0GWmCTkIgwgH
vV+ItynMcy9CRVO9WpegmZ1UsbSCB2Np241lngZQgLrD9BBiaQBwDdnG7fqU25S+
QVLjl2hfgpAgaH52FarAZ6R5LSWd0pcItHmqmg2tKnJh0qObgOaWc79I117pAvhs
OFpHfVGSRYV51ZwSE/h6vZwhvB/wQf1md3LGTXVjXrGep4ZWF88P2MK9vfroi8Ai
BGl2oh3bf1+BpPTtgqZLzN6PibUtfmkrgnRBa4QZyHO1kTQlPZzUQ2qg2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOIlWQFw6HiXIAF5t3qQad18qMuDMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvNGlWWkFYRG9lSmNnQVhtM2VwQnAzWHlveTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCLYHgMBYE
AgACMBADBQMqDlBAAwcAKg/9AMr+MA0GCSqGSIb3DQEBCwUAA4IBAQA0+9RSdarO
1SrVaEaG7Z8vqKqXrgvAiEt5J/ntaP/cD2GUTSiP6GNPsGasOHOKbKNeM0swUmcj
PGCJJezDaYfv8WaoT1nouR4HEPsH6mQQGh/xE2qUf4e0IZNsTQt6aTnUvB81lGzl
qeyr1SVwSCwICc69JGCA/YZtw9ImZnR09rvA+8P2sM1uoaXZ+0SO0cPSasjOgZ6t
cCnLgdcBckJbGml1MTlYjmJryDnZSObsDaw6SfMj6N8jE3dTTXY9Bmtmkl8/DiGU
X5blHJRT0mkM3BJ5prj5WU/1LRE6k+mYwnXDLm2YB/BVtsYwKUPTFArq+QyEplD+
XVZHF9xpcC1C
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:52:33 2025 by rpki-client