Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/rDKXFa1Srj1zPzMUdsR6idu61Ok.roa
File: rDKXFa1Srj1zPzMUdsR6idu61Ok.roa (raw, json)
Hash identifier: k246zF4N9ibn50pMZkySCPSmj8BhASOR3qpbPnFmwnE=
Subject key identifier: AC:32:97:15:AD:52:AE:3D:73:3F:33:14:76:C4:7A:89:DB:BA:D4:E9
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01938C94EAFEE2C562A3D530942C8E218BB0
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/rDKXFa1Srj1zPzMUdsR6idu61Ok.roa
Signing time: Tue 03 Dec 2024 12:53:09 +0000
ROA not before: Tue 03 Dec 2024 12:53:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:94:ea:fe:e2:c5:62:a3:d5:30:94:2c:8e:21:8b:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Dec 3 12:53:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac329715ad52ae3d733f331476c47a89dbbad4e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:f1:ba:f8:c7:7c:6c:75:e3:34:fc:8d:2b:3a:
f7:6b:dd:87:73:73:86:22:a3:ae:2e:7e:43:8d:b4:
f1:d7:a6:7c:33:a0:92:37:95:6f:84:c1:b2:25:64:
b0:c6:bc:b8:49:51:05:01:f7:da:46:2f:cd:11:05:
7a:29:7a:29:92:6b:84:73:e3:5e:df:8d:d0:de:9d:
d0:e5:29:55:73:fd:c9:42:02:6f:e4:d5:c1:4a:9b:
2a:1e:d4:23:e5:31:1c:67:b4:54:ae:33:fb:b7:9e:
bd:f6:6a:ba:3b:c9:92:bc:b7:e3:40:a9:84:5b:bb:
5f:e1:f8:ff:85:94:3b:bf:94:fc:4b:1c:3f:64:1e:
2a:49:d1:95:0c:c8:f3:29:bb:e1:7d:0e:9f:28:d7:
83:31:f4:ef:39:86:56:76:c2:fe:47:11:f4:94:82:
05:6f:9c:13:26:5a:72:9f:11:9c:a3:68:9e:f6:00:
26:50:8b:f1:64:04:be:bf:36:b2:41:b7:ec:00:db:
61:08:1b:2e:98:3a:08:e7:a5:a7:00:3c:82:09:96:
b7:4c:18:ef:72:48:63:b2:a7:5e:b8:eb:55:ab:6e:
99:27:03:ff:73:14:9d:d2:dd:af:7a:b9:0b:92:c3:
94:7b:f8:dc:a5:2a:5f:a9:5a:5b:d1:84:8c:1c:66:
ba:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:32:97:15:AD:52:AE:3D:73:3F:33:14:76:C4:7A:89:DB:BA:D4:E9
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/rDKXFa1Srj1zPzMUdsR6idu61Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
44:f0:4c:4a:77:35:e3:b4:67:de:78:62:39:cb:72:f8:d1:65:
38:77:f6:19:8a:9c:00:af:d6:7e:54:de:99:97:a9:48:97:e2:
fc:62:e1:f3:2a:de:0b:e5:b0:d1:bd:c5:af:77:d6:b0:53:fa:
80:e9:22:80:8e:26:33:ee:cd:5f:e7:62:fa:1e:52:14:08:d1:
7f:d3:eb:81:12:a5:dd:59:49:a9:b8:1e:38:56:89:44:47:36:
0d:20:30:db:03:2f:13:2f:8e:a9:a8:a5:81:c1:b8:ff:55:b7:
1d:87:0a:dc:94:4c:95:3e:06:9d:29:9c:95:43:8b:9e:6f:27:
a4:56:09:ab:d5:2a:33:1f:54:e2:97:3a:45:24:6d:2d:07:cd:
a8:7e:66:6a:79:7f:7a:62:1e:75:41:78:53:e5:d8:84:65:09:
9f:a0:4d:b7:92:5a:5c:da:2f:63:24:e1:6c:2a:2e:6a:90:a5:
e5:71:3a:09:87:ad:be:c3:94:14:d8:6f:68:c8:70:7c:a9:e7:
b5:8d:c8:fd:85:3e:9f:a4:68:60:88:d3:79:d5:81:1c:7d:82:
e4:66:89:49:0f:e3:36:c2:d0:f7:3a:91:b0:38:31:96:e1:98:
a4:69:44:4e:8e:73:bc:19:45:a9:25:62:7c:1f:9f:5e:5d:6e:
4d:b9:41:fe
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZOMlOr+4sVio9UwlCyOIYuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMjAzMTI1MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzMyOTcxNWFkNTJhZTNkNzMzZjMzMTQ3NmM0N2E4OWRiYmFkNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8vG6+Md8bHXjNPyNKzr3a92Hc3OG
IqOuLn5DjbTx16Z8M6CSN5VvhMGyJWSwxry4SVEFAffaRi/NEQV6KXopkmuEc+Ne
343Q3p3Q5SlVc/3JQgJv5NXBSpsqHtQj5TEcZ7RUrjP7t5699mq6O8mSvLfjQKmE
W7tf4fj/hZQ7v5T8Sxw/ZB4qSdGVDMjzKbvhfQ6fKNeDMfTvOYZWdsL+RxH0lIIF
b5wTJlpynxGco2ie9gAmUIvxZAS+vzayQbfsANthCBsumDoI56WnADyCCZa3TBjv
ckhjsqdeuOtVq26ZJwP/cxSd0t2verkLksOUe/jcpSpfqVpb0YSMHGa68wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKwylxWtUq49cz8zFHbEeonbutTpMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvckRLWEZhMVNyajF6UHpNVWRzUjZpZHU2MU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEARPBMSnc147Rn
3nhiOcty+NFlOHf2GYqcAK/WflTemZepSJfi/GLh8yreC+Ww0b3Fr3fWsFP6gOki
gI4mM+7NX+di+h5SFAjRf9PrgRKl3VlJqbgeOFaJREc2DSAw2wMvEy+OqailgcG4
/1W3HYcK3JRMlT4GnSmclUOLnm8npFYJq9UqMx9U4pc6RSRtLQfNqH5manl/emIe
dUF4U+XYhGUJn6BNt5JaXNovYyThbCouapCl5XE6CYetvsOUFNhvaMhwfKnntY3I
/YU+n6RoYIjTedWBHH2C5GaJSQ/jNsLQ9zqRsDgxluGYpGlETo5zvBlFqSVifB+f
Xl1uTblB/g==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:00 2025 by rpki-client