Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/uG9hb9mAAqqZXLGh-6w9X2Bflt8.roa
File: uG9hb9mAAqqZXLGh-6w9X2Bflt8.roa (raw, json)
Hash identifier: aaaAyI3EHAlYW4q4JYz8Z1lPxAgL9ogA3QNMnOie9Lw=
Subject key identifier: B8:6F:61:6F:D9:80:02:AA:99:5C:B1:A1:FB:AC:3D:5F:60:5F:96:DF
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01927B23E30DF77EF8BC29E52E2543BD1E73
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/uG9hb9mAAqqZXLGh-6w9X2Bflt8.roa
Signing time: Fri 11 Oct 2024 10:33:22 +0000
ROA not before: Fri 11 Oct 2024 10:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 29
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Oct 2024 16:35:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:23:e3:0d:f7:7e:f8:bc:29:e5:2e:25:43:bd:1e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 11 10:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b86f616fd98002aa995cb1a1fbac3d5f605f96df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0e:f7:d9:11:0c:ed:59:36:3c:92:d4:80:8c:
88:21:69:fd:af:04:a2:a5:58:d2:06:44:91:66:59:
45:e6:c3:ff:81:b5:2d:4f:6d:45:75:bd:bf:f9:9d:
68:d3:57:46:f0:f6:7a:87:34:3f:1b:b4:15:a0:4f:
08:17:79:ee:c0:03:41:41:0b:80:c2:6a:96:26:97:
11:bc:3a:78:bc:72:8b:cf:69:16:a7:90:cf:ef:e2:
42:9e:ea:40:fb:07:67:9c:4d:e5:66:22:bf:32:35:
ab:2d:be:49:2f:70:a1:bd:69:aa:7b:9e:58:39:e3:
09:7d:a6:5c:38:e4:60:71:59:ab:dc:3b:16:19:d5:
ea:36:39:17:cf:1a:94:58:f5:10:2e:3a:a2:df:e3:
dc:41:58:77:22:78:74:25:52:70:5b:c5:ef:cb:d1:
f6:81:2c:5a:06:e3:71:7c:ef:6d:c6:ed:27:a1:a7:
a3:9a:3e:d0:de:6b:8a:d8:39:6c:a5:9e:44:70:b6:
fe:a2:25:79:2c:3b:ee:24:01:fb:8b:8b:bf:6f:1c:
a5:d1:3c:d5:1d:6a:55:7b:5e:1c:ad:cc:16:64:66:
58:41:dd:c1:a4:af:53:7c:a6:09:80:b6:23:18:0d:
45:df:8a:62:3f:e0:83:96:9d:b4:eb:ab:0d:f9:d3:
06:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6F:61:6F:D9:80:02:AA:99:5C:B1:A1:FB:AC:3D:5F:60:5F:96:DF
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/uG9hb9mAAqqZXLGh-6w9X2Bflt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
9b:c0:44:9b:a4:b6:29:84:32:37:fb:05:aa:62:61:9a:4b:e7:
c9:c3:fe:94:89:7c:89:10:42:25:95:20:07:42:21:8c:3f:39:
b3:3d:6b:99:c4:d2:9b:8f:fd:35:a9:bc:32:16:e6:6a:b6:62:
5e:63:f7:a3:76:67:4d:ea:ed:09:2d:66:52:c9:41:91:b4:a6:
f9:7b:52:71:2b:69:97:32:c4:ab:94:c3:08:e9:b4:02:82:96:
80:3f:a9:bc:ed:b2:59:7b:6e:be:30:a7:19:d2:41:2a:85:42:
02:f1:53:75:8c:cd:d6:d8:77:7d:e8:84:5e:db:bf:33:e7:4c:
1b:6a:2e:75:9a:4e:52:36:1d:92:dd:39:23:d7:89:72:82:b6:
c7:d0:39:20:0a:bf:c5:42:13:fe:09:29:af:76:2b:f6:37:c3:
63:2d:2c:16:14:03:64:85:bd:71:1c:4a:bc:64:05:2b:18:bd:
2d:27:fc:0f:bf:c0:a2:85:eb:a0:41:ba:98:40:61:ac:68:87:
93:94:15:8f:68:47:a2:57:0c:95:69:bb:c8:1b:b0:9c:37:8e:
af:d3:b0:ef:26:49:8a:75:63:6f:33:01:45:10:06:6a:b6:e1:
7c:ea:a9:73:2e:d6:f0:48:40:e0:cb:5f:06:ef:f5:ab:66:38:
af:e4:78:60
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZJ7I+MN9374vCnlLiVDvR5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDExMTAzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZmNjE2ZmQ5ODAwMmFhOTk1Y2IxYTFmYmFjM2Q1ZjYwNWY5NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA732REM7Vk2PJLUgIyIIWn9rwSi
pVjSBkSRZllF5sP/gbUtT21Fdb2/+Z1o01dG8PZ6hzQ/G7QVoE8IF3nuwANBQQuA
wmqWJpcRvDp4vHKLz2kWp5DP7+JCnupA+wdnnE3lZiK/MjWrLb5JL3ChvWmqe55Y
OeMJfaZcOORgcVmr3DsWGdXqNjkXzxqUWPUQLjqi3+PcQVh3Inh0JVJwW8Xvy9H2
gSxaBuNxfO9txu0noaejmj7Q3muK2DlspZ5EcLb+oiV5LDvuJAH7i4u/bxyl0TzV
HWpVe14crcwWZGZYQd3BpK9TfKYJgLYjGA1F34piP+CDlp2066sN+dMGIwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLhvYW/ZgAKqmVyxofusPV9gX5bfMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvdUc5aGI5bUFBcXFaWExHaC02dzlYMkJmbHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAm8BEm6S2KYQy
N/sFqmJhmkvnycP+lIl8iRBCJZUgB0IhjD85sz1rmcTSm4/9Nam8MhbmarZiXmP3
o3ZnTertCS1mUslBkbSm+XtScStplzLEq5TDCOm0AoKWgD+pvO2yWXtuvjCnGdJB
KoVCAvFTdYzN1th3feiEXtu/M+dMG2oudZpOUjYdkt05I9eJcoK2x9A5IAq/xUIT
/gkpr3Yr9jfDYy0sFhQDZIW9cRxKvGQFKxi9LSf8D7/AooXroEG6mEBhrGiHk5QV
j2hHolcMlWm7yBuwnDeOr9Ow7yZJinVjbzMBRRAGarbhfOqpcy7W8EhA4MtfBu/1
q2Y4r+R4YA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:57:54 2025 by rpki-client