Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/dnSqc6LzLilG98krt3yJkLX1t0Q.roa
File: dnSqc6LzLilG98krt3yJkLX1t0Q.roa (raw, json)
Hash identifier: PM/oqi+EgrUDUPqyIpWMEeKFs4dgtmnergbX6N4L6GI=
Subject key identifier: 76:74:AA:73:A2:F3:2E:29:46:F7:C9:2B:B7:7C:89:90:B5:F5:B7:44
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 018D56EAB81A4A5C0621EBF7581F72A03368
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/dnSqc6LzLilG98krt3yJkLX1t0Q.roa
Signing time: Mon 29 Jan 2024 20:30:39 +0000
ROA not before: Mon 29 Jan 2024 20:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd00:cafe::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 10:15:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:ea:b8:1a:4a:5c:06:21:eb:f7:58:1f:72:a0:33:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jan 29 20:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7674aa73a2f32e2946f7c92bb77c8990b5f5b744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2a:c2:2e:9e:60:52:f4:ff:ee:31:e4:55:35:
31:58:9b:c6:a8:20:ae:92:dc:59:20:79:c0:45:91:
1d:34:35:fa:68:ee:e8:ec:a4:00:9c:bd:ad:48:88:
46:92:54:2c:88:a2:4f:f6:a4:f6:43:f7:aa:62:15:
45:a9:ad:97:fb:70:3b:9e:de:18:f5:84:0b:11:21:
d4:43:0e:0b:dc:88:60:0f:8a:a0:03:c3:7e:5e:d7:
64:3c:35:3c:c3:a7:92:6d:77:7f:d9:99:59:62:0a:
ec:d8:4b:9a:33:9f:38:c2:fd:59:46:6f:14:7a:12:
3b:4b:e4:35:22:dc:80:cd:cc:28:b9:27:6d:a2:fa:
f4:fd:f2:33:7a:d6:71:64:c3:ae:94:0a:ed:99:79:
0c:94:61:a0:12:7e:35:b6:80:43:0a:be:2c:86:b6:
90:21:4a:0e:86:c5:02:95:56:5e:7c:9a:53:eb:73:
f4:9a:d1:b1:88:2f:44:99:f3:e1:7f:81:b4:04:b9:
04:bf:dc:79:6e:e4:e4:1e:e4:46:45:c4:ca:2e:69:
96:12:1d:2b:cf:96:f4:f8:3a:f1:a4:c7:5e:b5:e4:
a1:09:a0:52:d3:bb:6e:34:d4:0a:63:b9:69:97:84:
05:d4:e2:36:10:f8:47:26:54:ae:43:05:8c:23:f4:
13:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:74:AA:73:A2:F3:2E:29:46:F7:C9:2B:B7:7C:89:90:B5:F5:B7:44
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/dnSqc6LzLilG98krt3yJkLX1t0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
a4:e8:4a:40:1e:9a:04:d5:15:5d:b6:9b:8b:60:4c:ef:6f:ec:
c5:21:b2:4c:2a:65:28:ee:cb:66:24:3b:9e:dd:9e:c8:f1:0b:
03:7d:a1:71:d5:aa:56:f2:87:64:d3:ef:3f:21:d8:e9:9f:7b:
2b:a4:24:88:d5:44:39:18:c2:50:c8:d9:3e:69:e7:3c:3c:cb:
98:ba:09:3f:f9:8e:2b:ee:73:8f:cf:d8:d2:12:ff:a5:f8:0f:
87:04:76:0a:a6:7a:90:9f:c4:c8:cf:2a:67:4c:53:6b:02:b5:
28:d7:69:42:9c:09:fa:77:43:93:2e:ca:9e:17:cf:f6:e3:00:
97:34:57:d4:a2:de:10:cf:09:1b:62:40:a1:e2:0f:41:10:ec:
d9:a1:77:6a:a2:51:e2:57:4b:b6:20:8f:eb:b5:a3:dc:46:8a:
fd:28:c4:21:16:f6:e6:a1:ea:ba:60:5c:78:1e:cd:f0:77:bb:
74:5a:32:d0:dd:89:86:54:b1:ad:ea:b2:5e:2a:0b:f0:bf:09:
11:b8:f8:30:22:fb:68:4e:20:1f:08:52:47:1b:39:84:f2:3b:
a3:f9:ae:4f:e2:b2:41:ae:cd:30:11:8a:f8:49:7f:7d:6b:44:
26:36:c0:43:af:23:fb:3a:75:30:98:bd:8a:08:12:31:7c:a5:
7c:29:16:c0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY1W6rgaSlwGIev3WB9yoDNoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQwMTI5MjAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njc0YWE3M2EyZjMyZTI5NDZmN2M5MmJiNzdjODk5MGI1ZjViNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCrCLp5gUvT/7jHkVTUxWJvGqCCu
ktxZIHnARZEdNDX6aO7o7KQAnL2tSIhGklQsiKJP9qT2Q/eqYhVFqa2X+3A7nt4Y
9YQLESHUQw4L3IhgD4qgA8N+XtdkPDU8w6eSbXd/2ZlZYgrs2EuaM584wv1ZRm8U
ehI7S+Q1ItyAzcwouSdtovr0/fIzetZxZMOulArtmXkMlGGgEn41toBDCr4shraQ
IUoOhsUClVZefJpT63P0mtGxiC9EmfPhf4G0BLkEv9x5buTkHuRGRcTKLmmWEh0r
z5b0+DrxpMdeteShCaBS07tuNNQKY7lpl4QF1OI2EPhHJlSuQwWMI/QTrQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHZ0qnOi8y4pRvfJK7d8iZC19bdEMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvZG5TcWM2THpMaWxHOThrcnQzeUprTFgxdDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEApOhKQB6aBNUV
Xbabi2BM72/sxSGyTCplKO7LZiQ7nt2eyPELA32hcdWqVvKHZNPvPyHY6Z97K6Qk
iNVEORjCUMjZPmnnPDzLmLoJP/mOK+5zj8/Y0hL/pfgPhwR2CqZ6kJ/EyM8qZ0xT
awK1KNdpQpwJ+ndDky7KnhfP9uMAlzRX1KLeEM8JG2JAoeIPQRDs2aF3aqJR4ldL
tiCP67Wj3EaK/SjEIRb25qHqumBceB7N8He7dFoy0N2JhlSxreqyXioL8L8JEbj4
MCL7aE4gHwhSRxs5hPI7o/muT+KyQa7NMBGK+El/fWtEJjbAQ68j+zp1MJi9iggS
MXylfCkWwA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:05:21 2025 by rpki-client