Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/HbnKTU_rg-pIemi27kHxC8P5HeY.roa
File: HbnKTU_rg-pIemi27kHxC8P5HeY.roa (raw, json)
Hash identifier: g5MEaKXZBJoeL23urXmxPSrSGgH9TWQJ7qWLO5ZJR6s=
Subject key identifier: 1D:B9:CA:4D:4F:EB:83:EA:48:7A:68:B6:EE:41:F1:0B:C3:F9:1D:E6
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0192923DBA56D2C8A5D80E2F5398A713B219
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/HbnKTU_rg-pIemi27kHxC8P5HeY.roa
Signing time: Tue 15 Oct 2024 22:12:51 +0000
ROA not before: Tue 15 Oct 2024 22:12:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 15 Oct 2024 23:27:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:92:3d:ba:56:d2:c8:a5:d8:0e:2f:53:98:a7:13:b2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 15 22:12:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db9ca4d4feb83ea487a68b6ee41f10bc3f91de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0b:12:e8:f8:6e:fd:8b:28:1c:b9:45:b5:88:
57:ae:a6:ca:b4:e5:40:e1:33:cf:ba:c0:78:a2:3d:
20:0a:7d:c2:4f:c5:4b:3e:23:7b:8a:ee:29:9b:81:
7e:0f:ab:a8:e1:53:7c:fd:72:ad:17:f5:93:3c:13:
93:3c:9f:7b:5d:a3:dc:22:b1:fc:f8:71:fa:6a:a9:
76:33:87:61:de:8a:56:02:dc:ba:71:66:6d:fa:92:
64:44:f9:2c:71:a7:b0:4d:7e:f6:a5:25:ea:ac:87:
f9:4c:00:e6:a1:a8:63:ed:ea:a7:89:71:92:e0:fe:
dd:64:8b:d7:13:bd:0b:20:f1:64:c1:0d:f5:f9:2d:
5f:ba:da:46:c6:d2:61:83:16:e1:16:ff:24:33:63:
8a:62:f7:43:92:12:3d:1e:1f:79:2d:9d:ed:73:42:
68:84:34:76:c9:ee:2c:37:95:a1:9a:2c:67:8a:b0:
d1:6e:8b:94:fd:16:fe:2c:e8:28:57:6e:ae:34:09:
18:fc:87:b4:b9:96:04:11:7b:ec:b4:57:f0:6b:e1:
f7:23:9e:d2:55:27:b2:52:ea:42:52:3f:61:9f:f5:
0c:b3:44:52:a1:bb:a3:71:dd:5b:3c:b1:88:a0:a2:
31:66:03:f0:9d:c7:5a:4e:fd:c1:a0:60:6d:13:c7:
e5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B9:CA:4D:4F:EB:83:EA:48:7A:68:B6:EE:41:F1:0B:C3:F9:1D:E6
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/HbnKTU_rg-pIemi27kHxC8P5HeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd03::/32
Signature Algorithm: sha256WithRSAEncryption
5d:f1:d9:51:a8:01:54:13:9f:af:f9:f5:49:6d:7d:89:4d:cd:
a4:dd:3f:e9:86:dd:ec:28:e3:38:9e:a6:af:24:95:9b:83:fd:
c6:e1:5a:02:8a:3d:55:74:63:ed:2a:4e:ec:df:d0:90:04:74:
fc:b4:68:fd:90:ed:91:63:ac:42:40:ba:76:bf:47:f9:31:59:
0b:f5:b1:b0:c7:64:b0:74:ca:57:13:2c:15:a0:90:25:6f:08:
ad:5f:80:fe:3f:fa:97:f2:f6:c7:de:21:ad:24:74:b5:bc:35:
f6:a3:b5:56:9a:99:6c:2a:d7:e5:6d:05:dc:71:b3:ac:52:11:
9f:0a:af:86:e4:d6:54:fc:49:94:82:09:14:9a:da:69:0f:ee:
0e:64:b6:74:ed:44:0d:ad:37:52:d2:0c:3b:58:db:27:bb:4b:
19:11:8a:84:cf:51:74:e6:8c:90:4a:a0:79:0b:de:3e:39:e2:
6a:e7:98:a3:03:2c:a5:f6:67:ea:b2:c7:7e:07:5c:da:ba:5d:
a8:ba:bf:d2:a5:5a:d4:60:9f:9e:8e:84:8d:fe:02:cb:b2:ed:
c9:2a:88:a0:32:40:25:21:47:ab:e0:47:4b:2b:0d:b2:cb:b9:
61:f7:1f:88:c3:b4:67:72:10:a2:9d:61:f3:93:e8:fb:74:c5:
3e:5b:ee:f7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKSPbpW0sil2A4vU5inE7IZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE1MjIxMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGI5Y2E0ZDRmZWI4M2VhNDg3YTY4YjZlZTQxZjEwYmMzZjkxZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gsS6Phu/YsoHLlFtYhXrqbKtOVA
4TPPusB4oj0gCn3CT8VLPiN7iu4pm4F+D6uo4VN8/XKtF/WTPBOTPJ97XaPcIrH8
+HH6aql2M4dh3opWAty6cWZt+pJkRPkscaewTX72pSXqrIf5TADmoahj7eqniXGS
4P7dZIvXE70LIPFkwQ31+S1futpGxtJhgxbhFv8kM2OKYvdDkhI9Hh95LZ3tc0Jo
hDR2ye4sN5WhmixnirDRbouU/Rb+LOgoV26uNAkY/Ie0uZYEEXvstFfwa+H3I57S
VSeyUupCUj9hn/UMs0RSobujcd1bPLGIoKIxZgPwncdaTv3BoGBtE8flqwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFB25yk1P64PqSHpotu5B8QvD+R3mMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvSGJuS1RVX3JnLXBJZW1pMjdrSHhDOFA1SGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUAKg/9AzANBgkqhkiG9w0BAQsFAAOCAQEAXfHZUagBVBOf
r/n1SW19iU3NpN0/6Ybd7CjjOJ6mrySVm4P9xuFaAoo9VXRj7SpO7N/QkAR0/LRo
/ZDtkWOsQkC6dr9H+TFZC/WxsMdksHTKVxMsFaCQJW8IrV+A/j/6l/L2x94hrSR0
tbw19qO1VpqZbCrX5W0F3HGzrFIRnwqvhuTWVPxJlIIJFJraaQ/uDmS2dO1EDa03
UtIMO1jbJ7tLGRGKhM9RdOaMkEqgeQvePjniaueYowMspfZn6rLHfgdc2rpdqLq/
0qVa1GCfno6Ejf4Cy7LtySqIoDJAJSFHq+BHSysNssu5YfcfiMO0Z3IQop1h85Po
+3TFPlvu9w==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:58:49 2025 by rpki-client