Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/_4YWGMsRs38J3wjf__grZzvB5a4.roa
File: _4YWGMsRs38J3wjf__grZzvB5a4.roa (raw, json)
Hash identifier: HxaRxqntEdiYs3WGFPBltlZFtkthei46y+jIedt5Fwk=
Subject key identifier: FF:86:16:18:CB:11:B3:7F:09:DF:08:DF:FF:F8:2B:67:3B:C1:E5:AE
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 019291F9103C5D59F66A43DE56CD4F32ECAC
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/_4YWGMsRs38J3wjf__grZzvB5a4.roa
Signing time: Tue 15 Oct 2024 20:57:51 +0000
ROA not before: Tue 15 Oct 2024 20:57:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 15 Oct 2024 22:12:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:91:f9:10:3c:5d:59:f6:6a:43:de:56:cd:4f:32:ec:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 15 20:57:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff861618cb11b37f09df08dffff82b673bc1e5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:e9:ab:79:b8:96:d8:e5:8a:fa:e3:65:67:73:
eb:be:00:fe:a6:97:0d:3d:3b:c4:30:66:7b:8d:fb:
1e:a7:e8:3c:c2:40:f8:2e:40:73:28:ac:af:c2:1a:
4d:df:61:ba:48:a5:35:4a:5c:8a:92:1c:44:eb:fe:
00:d7:d7:4e:f0:12:05:3a:a5:76:cd:b0:61:39:8c:
e2:cd:12:fd:90:09:f6:99:6b:ef:21:36:dd:cb:de:
5e:f0:44:16:31:46:75:42:d9:4c:06:0f:28:89:d9:
cb:05:73:68:8b:7e:3b:5a:39:e6:e6:42:9d:e1:94:
6f:2f:24:88:63:20:04:e3:90:fa:91:68:f6:11:fe:
e2:ed:00:f6:75:fa:8c:c8:1d:e5:31:44:fb:fa:3b:
47:a6:8e:a4:81:4b:bb:bd:52:f8:90:cf:80:72:90:
9e:d3:55:56:01:5b:e5:a0:85:4a:10:63:03:29:b3:
5f:5d:bf:49:c2:52:a6:4d:5e:22:31:ba:6c:a8:68:
ba:6d:d5:01:78:6c:b5:d3:7e:8e:d3:ad:0c:32:72:
be:2d:53:3d:ca:c0:e0:ec:64:13:ae:ab:4d:f7:52:
ba:d4:73:64:d5:ee:f2:e6:d3:2a:97:05:44:98:a1:
5b:ef:a5:4b:8b:da:f4:ef:c8:2c:58:e1:e5:80:9a:
9e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:86:16:18:CB:11:B3:7F:09:DF:08:DF:FF:F8:2B:67:3B:C1:E5:AE
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/_4YWGMsRs38J3wjf__grZzvB5a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
0f:97:e7:49:5e:d5:b8:f6:ae:72:6a:73:52:cc:b8:a7:0f:d7:
f8:22:14:e6:5c:7b:de:d7:ac:0d:9e:cf:25:7f:38:7d:ce:8d:
c6:ae:e4:28:1f:cf:0c:d0:95:d7:6e:ca:e6:1e:63:b5:e8:2f:
ad:38:c4:8b:8b:52:e7:d5:33:99:a6:fe:37:2f:04:88:d1:a2:
88:a5:c6:63:a0:be:7d:04:98:61:df:24:76:14:c8:08:1b:03:
11:0a:38:c5:66:61:20:e9:4e:e3:06:e7:48:a3:60:4a:7e:04:
b4:b9:b3:24:89:9c:d0:b6:ec:35:0e:da:35:28:21:a6:10:e5:
f0:11:13:24:58:15:bd:97:f2:32:56:fa:64:d7:e9:16:76:c8:
8f:a5:c5:49:dc:b1:85:a2:72:b0:42:1d:a7:d6:1d:48:ab:5f:
6e:8f:ac:27:e6:31:37:8f:0d:b9:04:86:37:93:d0:c2:e7:23:
e6:ca:7e:11:a1:e3:a1:a0:15:6e:f9:7c:87:df:2e:5a:fb:94:
9f:a0:0f:1a:f7:fb:00:e2:e8:8f:b2:fb:3e:33:06:41:0c:79:
80:94:f7:4f:24:8e:8b:6d:8f:af:df:33:18:0b:47:62:ca:d9:
b8:d0:ff:06:68:9f:fe:d8:7b:8e:74:93:c4:67:21:8e:4f:8e:
22:38:ca:ca
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKR+RA8XVn2akPeVs1PMuysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE1MjA1NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg2MTYxOGNiMTFiMzdmMDlkZjA4ZGZmZmY4MmI2NzNiYzFlNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8OmrebiW2OWK+uNlZ3PrvgD+ppcN
PTvEMGZ7jfsep+g8wkD4LkBzKKyvwhpN32G6SKU1SlyKkhxE6/4A19dO8BIFOqV2
zbBhOYzizRL9kAn2mWvvITbdy95e8EQWMUZ1QtlMBg8oidnLBXNoi347Wjnm5kKd
4ZRvLySIYyAE45D6kWj2Ef7i7QD2dfqMyB3lMUT7+jtHpo6kgUu7vVL4kM+AcpCe
01VWAVvloIVKEGMDKbNfXb9JwlKmTV4iMbpsqGi6bdUBeGy1036O060MMnK+LVM9
ysDg7GQTrqtN91K61HNk1e7y5tMqlwVEmKFb76VLi9r078gsWOHlgJqeywIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP+GFhjLEbN/Cd8I3//4K2c7weWuMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvXzRZV0dNc1JzMzhKM3dqZl9fZ3JaenZCNWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAD5fnSV7VuPau
cmpzUsy4pw/X+CIU5lx73tesDZ7PJX84fc6Nxq7kKB/PDNCV127K5h5jtegvrTjE
i4tS59Uzmab+Ny8EiNGiiKXGY6C+fQSYYd8kdhTICBsDEQo4xWZhIOlO4wbnSKNg
Sn4EtLmzJImc0LbsNQ7aNSghphDl8BETJFgVvZfyMlb6ZNfpFnbIj6XFSdyxhaJy
sEIdp9YdSKtfbo+sJ+YxN48NuQSGN5PQwucj5sp+EaHjoaAVbvl8h98uWvuUn6AP
Gvf7AOLoj7L7PjMGQQx5gJT3TySOi22Pr98zGAtHYsrZuND/Bmif/th7jnSTxGch
jk+OIjjKyg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:54:39 2025 by rpki-client