Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/DJjDf957_BXlLY1eZ-s8nAeCohc.roa
File: DJjDf957_BXlLY1eZ-s8nAeCohc.roa (raw, json)
Hash identifier: w8Aj5mEJX0sQRtfb43J1DfE69c7i8zVdV4cX2DefEwU=
Subject key identifier: 0C:98:C3:7F:DE:7B:FC:15:E5:2D:8D:5E:67:EB:3C:9C:07:82:A2:17
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 018F817B2EE219FBD8C43334AD9CF2E7A3CD
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/DJjDf957_BXlLY1eZ-s8nAeCohc.roa
Signing time: Thu 16 May 2024 12:58:04 +0000
ROA not before: Thu 16 May 2024 12:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Jul 2024 10:59:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:7b:2e:e2:19:fb:d8:c4:33:34:ad:9c:f2:e7:a3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: May 16 12:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c98c37fde7bfc15e52d8d5e67eb3c9c0782a217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:a4:06:ce:f5:53:22:6c:83:44:1a:7c:b3:
c9:71:93:c1:10:5d:ff:48:0a:b7:58:04:c1:41:7e:
e6:14:69:81:e1:9a:a5:2f:d6:80:b2:03:f9:ae:d5:
15:cb:4b:e4:ce:de:cd:86:81:47:07:ef:f7:33:f2:
98:80:10:21:2b:b6:97:ed:89:9c:5a:bb:5d:de:d4:
04:53:ff:9d:c2:07:e9:cf:92:e0:6d:9d:09:5b:a7:
de:1f:b7:dc:07:ac:b0:13:15:0a:66:af:9a:72:e5:
5d:7d:20:12:f7:dc:5b:14:90:b6:f5:40:2a:50:fc:
bc:3f:b2:79:fc:03:4c:b8:44:a8:a6:10:6a:1b:74:
93:5b:70:40:7e:73:8e:3a:26:da:26:a5:72:04:03:
b8:3f:7b:05:d1:93:3b:12:3a:c8:1c:18:ef:92:aa:
b6:43:ef:55:60:2b:93:c1:ac:8d:ad:ed:a3:52:4e:
36:84:79:2f:57:33:ed:7e:7c:3a:a9:5b:ee:e5:91:
e9:58:8e:af:5e:24:32:22:89:a6:ee:9f:a3:b6:07:
17:e9:a4:fc:85:a9:40:98:4a:1c:b4:90:58:77:f3:
73:81:14:d4:4a:0d:81:54:02:4e:8f:03:69:6e:c1:
a4:c5:30:4a:69:71:6d:e9:06:36:3e:f4:04:c5:09:
e2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:98:C3:7F:DE:7B:FC:15:E5:2D:8D:5E:67:EB:3C:9C:07:82:A2:17
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/DJjDf957_BXlLY1eZ-s8nAeCohc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
9f:4e:8c:6d:c6:5c:1d:fa:6d:41:2f:a4:d8:c2:c8:36:9f:44:
fc:da:e6:fc:2e:9f:9a:52:53:0d:df:6c:11:f4:d7:0b:cc:db:
f1:fb:6d:d6:ba:13:1d:e6:57:1b:ca:1f:95:5e:81:45:0e:72:
0e:03:ae:73:9a:05:60:4f:5a:15:b4:87:0f:e7:89:55:4a:22:
6e:05:7f:f2:07:a5:54:7e:6a:b1:2d:0e:4a:f3:8f:12:71:a8:
31:1d:54:f0:f3:74:03:e2:78:6e:d0:4a:a6:58:60:3d:8c:e1:
d4:1b:99:fc:8e:6f:25:30:9f:f2:d3:0a:26:3a:96:0b:05:03:
5e:04:eb:cd:de:b8:da:e0:97:1c:ec:17:1a:09:c0:f7:d1:e6:
14:4b:72:9d:c3:80:dd:2d:7e:07:da:b2:ed:5d:9b:86:24:f9:
f4:6d:e0:bc:91:60:83:f8:b1:6f:cc:81:26:40:71:eb:c5:52:
b2:29:f4:c4:32:42:c0:33:3d:c5:0c:2a:a8:5f:b3:00:93:fe:
c1:d9:57:0f:d4:4a:9a:73:73:bd:2a:8c:64:76:b3:fe:dd:35:
a4:69:e9:8e:60:6c:aa:1e:42:b8:6d:f1:7f:84:6f:88:f9:53:
a4:91:87:13:be:17:b3:b8:2b:aa:05:8e:3c:88:9a:68:84:33:
6b:1f:fc:75
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY+Bey7iGfvYxDM0rZzy56PNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQwNTE2MTI1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk4YzM3ZmRlN2JmYzE1ZTUyZDhkNWU2N2ViM2M5YzA3ODJhMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdikBs71UyJsg0QafLPJcZPBEF3/
SAq3WATBQX7mFGmB4ZqlL9aAsgP5rtUVy0vkzt7NhoFHB+/3M/KYgBAhK7aX7Ymc
Wrtd3tQEU/+dwgfpz5LgbZ0JW6feH7fcB6ywExUKZq+acuVdfSAS99xbFJC29UAq
UPy8P7J5/ANMuESophBqG3STW3BAfnOOOibaJqVyBAO4P3sF0ZM7EjrIHBjvkqq2
Q+9VYCuTwayNre2jUk42hHkvVzPtfnw6qVvu5ZHpWI6vXiQyIomm7p+jtgcX6aT8
halAmEoctJBYd/NzgRTUSg2BVAJOjwNpbsGkxTBKaXFt6QY2PvQExQniuQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAyYw3/ee/wV5S2NXmfrPJwHgqIXMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvREpqRGY5NTdfQlhsTFkxZVotczhuQWVDb2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAn06MbcZcHfpt
QS+k2MLINp9E/Nrm/C6fmlJTDd9sEfTXC8zb8ftt1roTHeZXG8oflV6BRQ5yDgOu
c5oFYE9aFbSHD+eJVUoibgV/8gelVH5qsS0OSvOPEnGoMR1U8PN0A+J4btBKplhg
PYzh1BuZ/I5vJTCf8tMKJjqWCwUDXgTrzd642uCXHOwXGgnA99HmFEtyncOA3S1+
B9qy7V2bhiT59G3gvJFgg/ixb8yBJkBx68VSsin0xDJCwDM9xQwqqF+zAJP+wdlX
D9RKmnNzvSqMZHaz/t01pGnpjmBsqh5CuG3xf4RviPlTpJGHE74Xs7grqgWOPIia
aIQzax/8dQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:57:53 2025 by rpki-client