Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/CW5o2_BmymHZozuItOFFcLW9VBw.roa
File: CW5o2_BmymHZozuItOFFcLW9VBw.roa (raw, json)
Hash identifier: stmALu3Jp2ZLO1/gzMSTeZ4l1xNfD8/XX4X/7NZyy20=
Subject key identifier: 09:6E:68:DB:F0:66:CA:61:D9:A3:3B:88:B4:E1:45:70:B5:BD:54:1C
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01929A4A0B8894E46988CDEF98B7ED667F87
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/CW5o2_BmymHZozuItOFFcLW9VBw.roa
Signing time: Thu 17 Oct 2024 11:43:16 +0000
ROA not before: Thu 17 Oct 2024 11:43:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 20:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:4a:0b:88:94:e4:69:88:cd:ef:98:b7:ed:66:7f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 17 11:43:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=096e68dbf066ca61d9a33b88b4e14570b5bd541c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:1f:d2:f4:ca:28:49:76:05:b6:2c:e3:93:
3b:3b:65:65:40:e2:bc:95:de:5a:31:31:6e:68:f8:
d3:1d:81:e5:0a:a7:da:fd:0c:4f:79:dd:39:4f:8b:
0e:65:65:76:82:a4:df:a9:e9:1f:c8:c3:ed:b7:2e:
4a:f9:66:f1:32:4c:53:87:8f:e8:06:8b:19:f0:0e:
17:4f:ca:63:41:35:43:52:73:85:4e:49:81:8f:46:
cd:d1:d0:3f:b0:e9:80:97:37:fd:44:9e:fe:56:6a:
3c:22:9a:04:98:a1:4c:db:c9:52:dc:47:f7:08:77:
c5:66:23:8d:46:38:f1:cc:3e:3e:b2:76:f4:4a:f8:
c2:46:4b:3e:cb:68:51:0b:2e:7f:da:a7:02:3d:7d:
5f:6f:1d:9c:ef:5d:b2:c3:aa:73:e7:96:42:20:7c:
e7:61:59:23:66:bc:72:71:8e:52:ea:9c:9d:ca:13:
1c:ac:70:13:7a:ec:99:a9:04:88:88:60:7b:87:55:
3f:ac:e8:e0:db:df:aa:6a:ca:08:e3:12:fe:61:04:
57:7c:2a:0b:ff:77:d4:da:fa:81:07:0f:1c:a9:ec:
94:d7:55:bb:38:4f:bb:77:09:f8:d3:0c:c4:72:f1:
35:9e:a9:fa:4d:95:98:39:0f:48:86:3e:b7:7d:34:
7d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6E:68:DB:F0:66:CA:61:D9:A3:3B:88:B4:E1:45:70:B5:BD:54:1C
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/CW5o2_BmymHZozuItOFFcLW9VBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd03::/32
Signature Algorithm: sha256WithRSAEncryption
2a:8b:83:e5:92:99:c2:7b:3a:be:1a:3a:9c:8e:b9:e9:9e:48:
60:bb:f5:d2:83:4d:22:63:c4:22:08:b5:a5:8b:c0:b4:1a:93:
7c:ba:94:bf:eb:02:59:42:c3:f1:65:2f:dd:36:ec:d6:dd:43:
fa:63:70:7e:9c:a9:4e:97:8c:4f:84:73:43:6b:cf:4c:82:05:
b9:6c:57:c5:4d:15:a6:2b:c0:3b:a5:ae:fc:47:57:3c:66:b1:
7c:2b:2a:b6:8f:e6:40:35:88:db:34:ce:5b:56:c1:d2:6b:9b:
4f:c5:1a:8e:a5:61:a9:93:ae:a6:a4:cf:a8:e4:30:9f:47:0a:
b2:fc:5a:d6:b1:d4:b1:a0:3a:1c:db:82:b5:53:46:38:7c:f8:
99:74:59:9b:06:fb:72:72:20:46:fe:c2:2f:ca:5d:a1:1c:91:
c1:ce:52:2c:71:e0:a6:d1:67:c6:65:2d:6b:94:4c:74:7e:58:
88:b7:3f:85:39:b1:93:fa:5f:3b:04:2d:1b:95:38:7c:02:6e:
d6:56:cd:ec:cc:6a:9d:d6:39:a9:ae:24:4f:a9:5f:ca:34:e4:
9b:b9:a6:4c:e0:89:2d:59:c1:3a:ac:b4:3c:08:2d:c4:94:32:
0f:3f:6a:2e:8d:28:a8:b9:6f:cb:c1:6d:67:ac:6c:f8:66:b0:
91:ca:d8:ba
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKaSguIlORpiM3vmLftZn+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE3MTE0MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTZlNjhkYmYwNjZjYTYxZDlhMzNiODhiNGUxNDU3MGI1YmQ1NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/If0vTKKEl2BbYs45M7O2VlQOK8
ld5aMTFuaPjTHYHlCqfa/QxPed05T4sOZWV2gqTfqekfyMPtty5K+WbxMkxTh4/o
BosZ8A4XT8pjQTVDUnOFTkmBj0bN0dA/sOmAlzf9RJ7+Vmo8IpoEmKFM28lS3Ef3
CHfFZiONRjjxzD4+snb0SvjCRks+y2hRCy5/2qcCPX1fbx2c712yw6pz55ZCIHzn
YVkjZrxycY5S6pydyhMcrHATeuyZqQSIiGB7h1U/rOjg29+qasoI4xL+YQRXfCoL
/3fU2vqBBw8cqeyU11W7OE+7dwn40wzEcvE1nqn6TZWYOQ9Ihj63fTR9/wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAluaNvwZsph2aM7iLThRXC1vVQcMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvQ1c1bzJfQm15bUhab3p1SXRPRkZjTFc5VkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUAKg/9AzANBgkqhkiG9w0BAQsFAAOCAQEAKouD5ZKZwns6
vho6nI656Z5IYLv10oNNImPEIgi1pYvAtBqTfLqUv+sCWULD8WUv3Tbs1t1D+mNw
fpypTpeMT4RzQ2vPTIIFuWxXxU0VpivAO6Wu/EdXPGaxfCsqto/mQDWI2zTOW1bB
0mubT8UajqVhqZOupqTPqOQwn0cKsvxa1rHUsaA6HNuCtVNGOHz4mXRZmwb7cnIg
Rv7CL8pdoRyRwc5SLHHgptFnxmUta5RMdH5YiLc/hTmxk/pfOwQtG5U4fAJu1lbN
7MxqndY5qa4kT6lfyjTkm7mmTOCJLVnBOqy0PAgtxJQyDz9qLo0oqLlvy8FtZ6xs
+GawkcrYug==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:37:43 2025 by rpki-client