Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/qkuPwxS-_tJjV_yxezgf8-sgHmg.roa
File: qkuPwxS-_tJjV_yxezgf8-sgHmg.roa (raw, json)
Hash identifier: KKqGUpV6Y7+m2eHCoHM70wSdi6qhXzVBAgS4Jn0tW/A=
Subject key identifier: AA:4B:8F:C3:14:BE:FE:D2:63:57:FC:B1:7B:38:1F:F3:EB:20:1E:68
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0192916FE2001DFE5946BDC79EEBF9F792D1
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/qkuPwxS-_tJjV_yxezgf8-sgHmg.roa
Signing time: Tue 15 Oct 2024 18:28:01 +0000
ROA not before: Tue 15 Oct 2024 18:28:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 15 Oct 2024 19:42:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:91:6f:e2:00:1d:fe:59:46:bd:c7:9e:eb:f9:f7:92:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 15 18:28:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa4b8fc314befed26357fcb17b381ff3eb201e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4e:29:9e:1a:e2:89:6d:94:e5:79:bc:1b:90:
7a:0f:9b:37:de:72:f9:5a:15:66:fb:2d:d9:b3:c1:
ef:7e:87:61:73:b0:ba:9d:8c:7d:69:05:fd:92:86:
76:6f:97:18:c1:8e:11:ca:f2:ee:0d:e8:39:33:33:
fa:2c:18:3d:27:c9:07:16:56:4b:ef:1a:9a:2a:08:
5a:ca:1c:a5:2c:a5:20:c9:8a:da:12:c2:77:d8:46:
11:01:7d:c5:14:1f:52:50:6a:79:f2:28:45:84:b8:
ac:20:86:19:60:00:7c:99:53:97:ae:ac:12:f6:77:
2b:a0:96:6a:c2:dd:d2:aa:1c:b8:e7:05:2a:59:a0:
26:21:63:d0:be:8e:48:13:18:f5:b6:e6:1e:4a:3c:
88:ef:17:20:bc:eb:87:f3:31:3e:c8:43:11:b9:33:
76:91:00:dc:42:62:9a:af:a9:fa:f0:4b:98:4d:c7:
40:cc:a7:d7:af:0e:36:a7:84:46:4b:37:ae:cc:a7:
71:71:84:85:43:3d:22:d3:cb:3c:7f:f4:a7:68:0b:
32:a4:b2:85:a4:4b:53:80:5b:46:92:55:62:51:ee:
c5:03:62:02:6e:0f:c4:92:5e:4f:5d:9e:a7:24:db:
cb:ec:f2:cb:e5:c7:2f:92:01:6f:f9:b1:8f:32:a1:
c3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4B:8F:C3:14:BE:FE:D2:63:57:FC:B1:7B:38:1F:F3:EB:20:1E:68
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/qkuPwxS-_tJjV_yxezgf8-sgHmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
44:8c:0e:fb:fe:16:71:cf:0d:2e:5a:bf:d4:2e:60:78:e5:df:
2a:e8:cb:da:fe:ff:75:78:95:51:8c:39:1c:28:6b:83:85:f0:
16:cd:50:e4:38:c9:d9:e8:52:64:59:d8:a8:a9:67:cb:f1:c3:
89:3a:47:94:50:da:07:b9:9d:07:57:55:d1:43:19:13:58:e9:
5a:df:ee:9c:77:5c:ee:82:61:81:bf:9b:fb:c5:6a:f5:2c:72:
f5:93:de:a3:cd:2f:c3:ef:23:bd:b2:df:db:00:10:ee:f7:ad:
19:f6:f7:34:b5:01:6c:64:f4:ed:59:d9:19:eb:e2:87:46:ac:
ac:63:d7:50:9e:2a:2d:db:ec:d1:59:3c:dc:c6:46:90:b4:83:
a1:45:ef:e8:51:bc:09:94:14:40:08:2a:0d:ea:d6:82:08:35:
99:45:d1:b4:97:67:04:da:d9:e1:36:55:e3:5d:33:11:af:8d:
e1:ba:aa:ea:fd:7b:b3:0e:d7:b1:fc:33:bd:c4:8f:2e:0d:2b:
00:b3:35:6b:a8:c7:69:38:c9:13:1c:f0:2b:d9:d2:fe:47:c2:
6d:89:0c:47:ab:df:9c:98:76:b5:88:77:ab:84:82:b7:54:d7:
9f:60:80:33:2d:77:3d:42:7b:47:ba:fb:92:30:5b:2d:59:e5:
9e:2d:88:84
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKRb+IAHf5ZRr3Hnuv595LRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE1MTgyODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRiOGZjMzE0YmVmZWQyNjM1N2ZjYjE3YjM4MWZmM2ViMjAxZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E4pnhriiW2U5Xm8G5B6D5s33nL5
WhVm+y3Zs8Hvfodhc7C6nYx9aQX9koZ2b5cYwY4RyvLuDeg5MzP6LBg9J8kHFlZL
7xqaKghayhylLKUgyYraEsJ32EYRAX3FFB9SUGp58ihFhLisIIYZYAB8mVOXrqwS
9ncroJZqwt3Sqhy45wUqWaAmIWPQvo5IExj1tuYeSjyI7xcgvOuH8zE+yEMRuTN2
kQDcQmKar6n68EuYTcdAzKfXrw42p4RGSzeuzKdxcYSFQz0i08s8f/SnaAsypLKF
pEtTgFtGklViUe7FA2ICbg/Ekl5PXZ6nJNvL7PLL5ccvkgFv+bGPMqHDcQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKpLj8MUvv7SY1f8sXs4H/PrIB5oMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvcWt1UHd4Uy1fdEpqVl95eGV6Z2Y4LXNnSG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEARIwO+/4Wcc8N
Llq/1C5geOXfKujL2v7/dXiVUYw5HChrg4XwFs1Q5DjJ2ehSZFnYqKlny/HDiTpH
lFDaB7mdB1dV0UMZE1jpWt/unHdc7oJhgb+b+8Vq9Sxy9ZPeo80vw+8jvbLf2wAQ
7vetGfb3NLUBbGT07VnZGevih0asrGPXUJ4qLdvs0Vk83MZGkLSDoUXv6FG8CZQU
QAgqDerWggg1mUXRtJdnBNrZ4TZV410zEa+N4bqq6v17sw7XsfwzvcSPLg0rALM1
a6jHaTjJExzwK9nS/kfCbYkMR6vfnJh2tYh3q4SCt1TXn2CAMy13PUJ7R7r7kjBb
LVnlni2IhA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:06 2025 by rpki-client