Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/vTkg5v0JmbJdVn0OVrpZ2PCHg3Q.roa
File: vTkg5v0JmbJdVn0OVrpZ2PCHg3Q.roa (raw, json)
Hash identifier: yeAp5KvREx/U7TYGwiV/YnmEuIQ9guIgfn5+UFjumVU=
Subject key identifier: BD:39:20:E6:FD:09:99:B2:5D:56:7D:0E:56:BA:59:D8:F0:87:83:74
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 018CC6B88EE62EBB3C01FE3669A219732D6C
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/vTkg5v0JmbJdVn0OVrpZ2PCHg3Q.roa
Signing time: Mon 01 Jan 2024 20:30:33 +0000
ROA not before: Mon 01 Jan 2024 20:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/29 maxlen: 32
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 28 Jan 2024 17:28:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:8e:e6:2e:bb:3c:01:fe:36:69:a2:19:73:2d:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jan 1 20:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd3920e6fd0999b25d567d0e56ba59d8f0878374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:99:25:94:d9:45:23:86:d7:38:d6:a7:80:fd:
16:2f:78:8a:e5:9b:1e:77:39:66:c2:c8:de:c3:13:
19:c7:a8:ab:b2:ee:43:d3:28:2c:ad:65:44:5c:48:
bb:fb:2f:b1:58:b1:17:ea:32:26:03:36:9e:33:f5:
2f:a7:3d:ba:92:15:c9:3f:86:fd:f4:08:9a:79:b8:
b5:71:44:b7:a5:c8:40:e3:fe:be:b4:e6:c5:00:b0:
e8:19:9e:18:16:39:25:39:45:3e:90:3f:3d:54:51:
0e:7e:d3:87:0d:3f:bf:63:97:04:f7:31:08:6e:f9:
ca:b0:46:e3:07:64:d8:26:98:ac:7c:63:01:f6:48:
c9:09:ce:ed:28:52:71:39:90:53:67:3a:ce:86:16:
7d:b9:d5:58:8d:d3:c2:6c:e4:9f:bc:b2:73:8c:2f:
a0:15:e0:ae:f9:ab:32:e5:b8:25:00:f1:23:d0:1d:
00:35:ed:ba:0c:a0:db:a9:c7:a4:f4:c8:91:6c:41:
16:86:18:b6:47:58:18:80:a3:31:e6:0d:c6:08:0f:
16:f5:e4:e1:fe:de:ce:42:78:32:43:6d:42:b6:53:
0b:02:c7:8e:29:e5:98:9d:09:36:e7:db:8f:7f:18:
f4:1f:5d:4c:71:f2:69:8d:3d:1e:20:bd:1e:0f:bb:
31:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:39:20:E6:FD:09:99:B2:5D:56:7D:0E:56:BA:59:D8:F0:87:83:74
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/vTkg5v0JmbJdVn0OVrpZ2PCHg3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
0b:ba:c8:a4:c9:d4:21:ac:b5:95:ba:d0:40:a4:8a:1c:a8:2d:
c1:2f:ca:a6:e1:ae:ed:a2:ff:5b:96:c8:4f:8d:84:e4:cb:6f:
fa:7e:aa:b1:7a:e7:53:cf:31:d4:30:2a:77:04:58:86:5f:63:
93:5c:1c:21:fc:df:a1:8c:16:c4:91:0d:1c:5c:27:d8:46:c4:
5a:ca:45:9f:24:d4:fc:91:5c:9f:42:8b:fb:37:2b:c5:b8:49:
01:38:72:3f:e9:b1:0a:7c:88:20:5f:f6:36:3d:b7:3c:3e:73:
d8:c2:52:ea:d4:c1:8e:af:85:7c:c5:25:53:46:3b:44:e8:04:
64:f1:46:e9:87:01:0a:a0:35:6a:7d:dc:93:67:08:cf:a2:12:
33:33:16:88:e6:cc:36:91:47:81:7b:fa:1a:20:2f:73:ad:2b:
e0:3c:e2:f1:6f:24:06:d4:b7:ed:ef:59:89:49:77:ff:d2:55:
78:97:e8:84:1e:b8:5b:19:db:15:e2:29:f6:e0:46:05:4d:4c:
c9:ce:35:51:c8:92:7f:44:87:00:e2:b5:d5:49:d9:a3:aa:33:
48:92:08:96:5f:18:f3:0b:db:3c:84:05:7c:69:39:ea:0a:a3:
dd:4b:74:3c:cb:a5:af:a8:5c:bd:db:d6:5b:20:95:ce:b8:13:
4f:c2:cd:32
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGuI7mLrs8Af42aaIZcy1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQwMTAxMjAzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM5MjBlNmZkMDk5OWIyNWQ1NjdkMGU1NmJhNTlkOGYwODc4Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypkllNlFI4bXONangP0WL3iK5Zse
dzlmwsjewxMZx6irsu5D0ygsrWVEXEi7+y+xWLEX6jImAzaeM/Uvpz26khXJP4b9
9Aiaebi1cUS3pchA4/6+tObFALDoGZ4YFjklOUU+kD89VFEOftOHDT+/Y5cE9zEI
bvnKsEbjB2TYJpisfGMB9kjJCc7tKFJxOZBTZzrOhhZ9udVYjdPCbOSfvLJzjC+g
FeCu+asy5bglAPEj0B0ANe26DKDbqcek9MiRbEEWhhi2R1gYgKMx5g3GCA8W9eTh
/t7OQngyQ21CtlMLAseOKeWYnQk259uPfxj0H11McfJpjT0eIL0eD7sxlQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFL05IOb9CZmyXVZ9Dla6Wdjwh4N0MB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvdlRrZzV2MEptYkpkVm4wT1ZycFoyUENIZzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAC7rIpMnUIay1
lbrQQKSKHKgtwS/KpuGu7aL/W5bIT42E5Mtv+n6qsXrnU88x1DAqdwRYhl9jk1wc
IfzfoYwWxJENHFwn2EbEWspFnyTU/JFcn0KL+zcrxbhJAThyP+mxCnyIIF/2Nj23
PD5z2MJS6tTBjq+FfMUlU0Y7ROgEZPFG6YcBCqA1an3ck2cIz6ISMzMWiObMNpFH
gXv6GiAvc60r4Dzi8W8kBtS37e9ZiUl3/9JVeJfohB64WxnbFeIp9uBGBU1Myc41
UciSf0SHAOK11UnZo6ozSJIIll8Y8wvbPIQFfGk56gqj3Ut0PMulr6hcvdvWWyCV
zrgTT8LNMg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:04:09 2025 by rpki-client