Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/dN2YWg1IGf-eFt6xx6iR6n3Leq4.roa
File: dN2YWg1IGf-eFt6xx6iR6n3Leq4.roa (raw, json)
Hash identifier: +RQrvt1ylvKHtYgWiLQFzhWmvd8pDNMW3Ld+q2bkDNs=
Subject key identifier: 74:DD:98:5A:0D:48:19:FF:9E:16:DE:B1:C7:A8:91:EA:7D:CB:7A:AE
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0192979B047C4A9CAFD54471E336B6A5597A
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/dN2YWg1IGf-eFt6xx6iR6n3Leq4.roa
Signing time: Wed 16 Oct 2024 23:12:51 +0000
ROA not before: Wed 16 Oct 2024 23:12:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 00:28:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:97:9b:04:7c:4a:9c:af:d5:44:71:e3:36:b6:a5:59:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 16 23:12:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74dd985a0d4819ff9e16deb1c7a891ea7dcb7aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:28:de:ed:7d:2b:d9:c8:11:db:72:1e:be:e6:
ca:f7:3f:ff:d2:c8:93:8b:93:25:6c:8d:33:a2:e1:
8d:34:1a:fe:a8:8b:f5:6d:49:b4:6e:e5:dd:02:53:
c4:9b:f4:be:50:ea:aa:c7:16:a7:d4:da:d2:08:90:
b1:4e:c4:ca:c1:ae:bb:ed:23:76:3e:15:90:99:53:
01:98:25:ea:57:89:c9:19:8d:45:b6:52:f2:ce:9b:
15:10:d3:6b:fd:aa:24:51:69:37:06:e9:4a:80:4b:
36:5c:73:bd:59:2d:0d:13:82:35:bb:3d:c8:85:3f:
c2:f3:bf:55:53:62:79:91:18:dd:7d:eb:3a:32:21:
af:b2:e3:f0:c7:a6:d6:16:0c:ff:0e:a2:59:92:b3:
86:30:f7:97:73:0c:6a:32:b0:af:7a:11:fb:b2:c5:
55:5d:a5:31:b1:f4:b4:ca:75:59:f4:6b:2f:22:67:
48:4f:0b:2d:91:ee:cd:75:83:de:98:44:fa:6f:26:
ec:e6:b7:22:4b:e1:f3:df:95:8e:00:17:54:b6:16:
9e:92:fd:9f:d2:a2:8b:d0:aa:81:d1:c0:3b:f5:ea:
c1:e9:1d:f9:e7:06:97:bc:0b:6b:ba:56:95:fc:95:
d7:f0:b2:92:7f:38:bb:d3:79:27:6d:32:0a:8e:af:
39:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:DD:98:5A:0D:48:19:FF:9E:16:DE:B1:C7:A8:91:EA:7D:CB:7A:AE
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/dN2YWg1IGf-eFt6xx6iR6n3Leq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd03::/32
Signature Algorithm: sha256WithRSAEncryption
46:26:a2:9b:b2:5e:b5:e1:a3:34:10:58:1e:96:24:1e:67:a0:
ae:55:c3:d4:3a:b6:db:66:8f:bc:e2:d4:21:6d:33:8b:6a:32:
40:d8:ab:df:4b:72:ae:7f:96:ed:7f:fd:01:79:9e:2b:76:15:
91:45:a9:79:16:fa:1e:19:b5:28:29:54:8d:a2:ae:36:0d:e8:
93:e7:15:99:da:37:8d:cd:98:32:0c:60:e0:bc:4a:57:2b:32:
3b:88:5d:47:06:32:e8:a8:3e:a8:ab:56:85:8d:9c:17:7a:ea:
21:4f:59:d2:de:b9:b1:0b:e2:98:c7:44:15:d5:8c:f4:90:06:
fd:8a:f5:67:44:0b:2f:ba:60:88:4f:5d:67:6f:2d:eb:1e:40:
65:59:55:cc:9f:02:1d:c2:80:3e:c0:9c:31:8e:12:7f:c5:1f:
3a:40:8c:fd:f6:71:36:03:46:9e:db:a2:41:2a:cd:cf:27:87:
1d:59:a7:85:b0:41:b0:9f:ff:8d:a4:6d:05:5b:9c:cf:c4:34:
dd:8f:43:76:4e:77:cd:75:70:ff:f1:a0:05:b5:3f:a1:cb:3e:
7f:07:ee:cf:4c:0f:e7:b4:cc:73:5d:90:52:28:3a:fa:7d:77:
d0:6f:0f:a2:46:0b:e7:75:b5:f0:7c:b6:02:27:82:d5:75:26:
25:12:1c:89
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKXmwR8Spyv1URx4za2pVl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE2MjMxMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGRkOTg1YTBkNDgxOWZmOWUxNmRlYjFjN2E4OTFlYTdkY2I3YWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Cje7X0r2cgR23IevubK9z//0siT
i5MlbI0zouGNNBr+qIv1bUm0buXdAlPEm/S+UOqqxxan1NrSCJCxTsTKwa677SN2
PhWQmVMBmCXqV4nJGY1FtlLyzpsVENNr/aokUWk3BulKgEs2XHO9WS0NE4I1uz3I
hT/C879VU2J5kRjdfes6MiGvsuPwx6bWFgz/DqJZkrOGMPeXcwxqMrCvehH7ssVV
XaUxsfS0ynVZ9GsvImdITwstke7NdYPemET6bybs5rciS+Hz35WOABdUthaekv2f
0qKL0KqB0cA79erB6R355waXvAtrulaV/JXX8LKSfzi703knbTIKjq85bwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHTdmFoNSBn/nhbesceokep9y3quMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvZE4yWVdnMUlHZi1lRnQ2eHg2aVI2bjNMZXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUAKg/9AzANBgkqhkiG9w0BAQsFAAOCAQEARiaim7JeteGj
NBBYHpYkHmegrlXD1Dq222aPvOLUIW0zi2oyQNir30tyrn+W7X/9AXmeK3YVkUWp
eRb6Hhm1KClUjaKuNg3ok+cVmdo3jc2YMgxg4LxKVysyO4hdRwYy6Kg+qKtWhY2c
F3rqIU9Z0t65sQvimMdEFdWM9JAG/Yr1Z0QLL7pgiE9dZ28t6x5AZVlVzJ8CHcKA
PsCcMY4Sf8UfOkCM/fZxNgNGntuiQSrNzyeHHVmnhbBBsJ//jaRtBVucz8Q03Y9D
dk53zXVw//GgBbU/ocs+fwfuz0wP57TMc12QUig6+n130G8PokYL53W18Hy2AieC
1XUmJRIciQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:00:07 2025 by rpki-client