Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/BPwtflHtQ3I_Fk6MG8pl02n7EG4.roa
File: BPwtflHtQ3I_Fk6MG8pl02n7EG4.roa (raw, json)
Hash identifier: 0qSNDJAU1qEC0jINH6qNq3YNI2sbKrQR+2U5qjiQ1sE=
Subject key identifier: 04:FC:2D:7E:51:ED:43:72:3F:16:4E:8C:1B:CA:65:D3:69:FB:10:6E
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 019299C0B795142209C0D8991FF536D2DC5C
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/BPwtflHtQ3I_Fk6MG8pl02n7EG4.roa
Signing time: Thu 17 Oct 2024 09:13:16 +0000
ROA not before: Thu 17 Oct 2024 09:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 10:28:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:c0:b7:95:14:22:09:c0:d8:99:1f:f5:36:d2:dc:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 17 09:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04fc2d7e51ed43723f164e8c1bca65d369fb106e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f8:ac:25:50:36:af:ff:d8:db:bf:5b:b4:82:
85:2e:40:b0:38:19:6e:73:31:61:a7:79:f5:a2:16:
09:e9:5b:bc:73:aa:4d:cc:1f:a6:ca:6b:ba:42:1d:
72:bb:36:80:74:84:ee:9b:b2:40:8c:a4:d7:d5:d0:
6c:fb:0f:83:42:1e:1b:88:1f:8f:d9:03:e5:ed:0e:
33:ba:8b:a2:dc:aa:fc:06:1a:34:00:aa:6d:1b:ce:
9b:b9:18:32:d1:05:ba:04:ef:5e:97:71:c3:3a:84:
f3:fd:e5:83:7f:27:e9:7f:5d:9c:0f:0d:05:17:e4:
32:00:b5:a2:57:c8:49:64:e5:1c:3d:84:cb:79:ac:
bb:68:cd:df:41:8e:3e:83:c8:c2:c1:ae:d9:7e:bf:
75:6b:21:05:e2:72:bf:62:e4:f2:06:ae:76:a2:ae:
89:46:4a:d3:47:f6:e0:9d:73:bc:3c:b9:33:fe:90:
bc:8e:d2:1a:e4:cb:0c:19:c1:fb:6b:6f:a9:de:c6:
fc:3e:40:98:8c:98:c7:bc:01:0c:39:22:0f:0c:01:
0f:9a:7e:f0:6d:52:12:8e:44:64:93:4b:5a:5c:12:
03:95:da:af:e1:e0:ed:36:88:8a:65:cf:23:09:f1:
9d:de:d9:86:14:6b:ba:3c:7d:e3:59:67:3f:8d:7b:
8c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FC:2D:7E:51:ED:43:72:3F:16:4E:8C:1B:CA:65:D3:69:FB:10:6E
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/BPwtflHtQ3I_Fk6MG8pl02n7EG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd03::/32
Signature Algorithm: sha256WithRSAEncryption
b4:ae:f6:8c:13:5f:74:82:c3:40:d8:71:aa:96:5b:1e:dc:19:
7b:b2:42:6e:76:a2:5a:d4:00:99:dd:8d:0c:af:82:5c:3b:07:
72:1f:85:1f:35:bf:e7:fe:7b:c8:a5:a1:e1:f1:d8:46:48:7b:
01:35:e7:70:7a:fb:b4:3f:ec:c1:33:bb:12:92:ff:bd:ed:06:
6d:75:9d:2f:f2:a7:d7:b4:ad:c2:6b:73:e7:54:46:5d:5b:f0:
3e:b6:a8:f2:eb:a8:1e:2f:67:f8:7a:bb:d5:7b:f7:17:dd:ab:
3c:51:d0:05:53:25:43:d9:78:77:e6:c2:15:b6:f4:60:ac:5d:
d8:de:35:a8:68:ea:3b:4c:70:e6:07:e7:74:5f:8b:22:fb:8c:
05:b7:ae:eb:09:d3:f8:d3:e6:d4:8d:b9:c3:5f:81:45:eb:d1:
6a:eb:a5:13:8e:cf:92:a2:5b:53:aa:57:55:4f:bc:1c:b2:4b:
df:3e:64:a0:e4:ce:5a:43:ab:8c:98:99:7f:1e:95:dd:f5:4a:
23:f9:b2:a1:42:f1:7b:25:3f:20:c8:9f:92:7a:82:7f:e5:28:
76:2a:0e:97:22:4d:c4:e7:d2:3e:ae:84:01:d2:f4:35:32:27:
99:df:0f:13:16:ca:29:44:3b:98:65:76:38:86:ae:9f:0e:56:
79:4e:0c:a2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKZwLeVFCIJwNiZH/U20txcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE3MDkxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGZjMmQ3ZTUxZWQ0MzcyM2YxNjRlOGMxYmNhNjVkMzY5ZmIxMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPisJVA2r//Y279btIKFLkCwOBlu
czFhp3n1ohYJ6Vu8c6pNzB+mymu6Qh1yuzaAdITum7JAjKTX1dBs+w+DQh4biB+P
2QPl7Q4zuoui3Kr8Bho0AKptG86buRgy0QW6BO9el3HDOoTz/eWDfyfpf12cDw0F
F+QyALWiV8hJZOUcPYTLeay7aM3fQY4+g8jCwa7Zfr91ayEF4nK/YuTyBq52oq6J
RkrTR/bgnXO8PLkz/pC8jtIa5MsMGcH7a2+p3sb8PkCYjJjHvAEMOSIPDAEPmn7w
bVISjkRkk0taXBIDldqv4eDtNoiKZc8jCfGd3tmGFGu6PH3jWWc/jXuMFwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAT8LX5R7UNyPxZOjBvKZdNp+xBuMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvQlB3dGZsSHRRM0lfRms2TUc4cGwwMm43RUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUAKg/9AzANBgkqhkiG9w0BAQsFAAOCAQEAtK72jBNfdILD
QNhxqpZbHtwZe7JCbnaiWtQAmd2NDK+CXDsHch+FHzW/5/57yKWh4fHYRkh7ATXn
cHr7tD/swTO7EpL/ve0GbXWdL/Kn17Stwmtz51RGXVvwPrao8uuoHi9n+Hq71Xv3
F92rPFHQBVMlQ9l4d+bCFbb0YKxd2N41qGjqO0xw5gfndF+LIvuMBbeu6wnT+NPm
1I25w1+BRevRauulE47PkqJbU6pXVU+8HLJL3z5koOTOWkOrjJiZfx6V3fVKI/my
oULxeyU/IMifknqCf+UodioOlyJNxOfSPq6EAdL0NTInmd8PExbKKUQ7mGV2OIau
nw5WeU4Mog==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:58:53 2025 by rpki-client