Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/vYNJ2BkmOFNhOXN9fJmLu59xn1E.roa
File: vYNJ2BkmOFNhOXN9fJmLu59xn1E.roa (raw, json)
Hash identifier: ZZyoA0PlndXw3A3F2oe4jsXXdco/YFLv+5jrn+/7O1o=
Subject key identifier: BD:83:49:D8:19:26:38:53:61:39:73:7D:7C:99:8B:BB:9F:71:9F:51
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01929575B420C3706056EA7461A0118C358F
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/vYNJ2BkmOFNhOXN9fJmLu59xn1E.roa
Signing time: Wed 16 Oct 2024 13:12:51 +0000
ROA not before: Wed 16 Oct 2024 13:12:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Oct 2024 14:27:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:75:b4:20:c3:70:60:56:ea:74:61:a0:11:8c:35:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 16 13:12:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd8349d8192638536139737d7c998bbb9f719f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fa:2c:41:19:73:dd:47:cf:cd:e2:ba:72:6b:
c3:80:16:6c:c6:2d:1e:f6:30:9b:a5:5f:a2:ab:eb:
34:d8:db:65:09:2f:2f:98:9b:ec:ff:7d:e5:05:45:
6e:28:a3:74:2d:34:67:11:42:20:f3:a0:89:60:65:
42:34:d2:ac:23:4d:04:5b:d2:17:4a:64:be:34:0b:
f9:cc:1d:88:bd:30:70:bb:a3:e2:94:8e:33:8e:0f:
37:85:d8:6c:6b:69:38:13:c8:6c:71:2b:06:52:d9:
c6:eb:ed:73:cd:86:97:8c:f7:70:67:b8:4b:30:d3:
af:df:3b:cf:45:c3:75:ed:c0:d2:53:00:09:ab:4f:
58:0d:eb:46:a9:84:b5:43:86:84:d7:6c:5c:ff:74:
5b:d4:53:5c:38:8b:40:99:8d:6b:d3:6a:47:e6:aa:
89:52:ee:71:15:64:bb:2d:63:e3:58:a5:d6:13:00:
30:6e:1e:d9:10:53:32:88:7e:29:9c:e7:da:2e:4e:
69:66:55:82:67:11:f7:62:fa:d3:82:3a:19:30:fb:
e5:2f:44:51:5f:e3:35:2b:ad:cb:92:22:7e:52:a7:
be:c9:c3:1c:af:25:60:ea:1c:fc:87:b0:2e:ad:5d:
12:ef:8d:37:70:53:06:04:05:8c:95:11:d6:b5:58:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:83:49:D8:19:26:38:53:61:39:73:7D:7C:99:8B:BB:9F:71:9F:51
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/vYNJ2BkmOFNhOXN9fJmLu59xn1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd03::/32
Signature Algorithm: sha256WithRSAEncryption
b1:c3:70:19:d7:43:40:cb:0b:34:64:5a:92:40:6d:bd:8c:bd:
db:4e:e9:70:be:5b:94:b7:25:98:97:1c:f6:35:2d:49:52:f8:
01:d3:39:35:37:83:5c:88:b1:74:1f:a6:2b:1e:32:03:01:21:
47:f5:ae:a7:49:63:8f:77:cd:f0:8d:2b:2e:95:93:44:19:b2:
28:0d:c2:d6:e7:0c:19:7d:fd:b0:75:63:e5:d0:c2:ef:d4:ae:
86:eb:f3:5a:6b:e2:9d:ae:9f:1b:55:c5:84:3f:49:d6:55:98:
3e:11:ab:a6:49:df:d5:e2:4e:41:27:ea:10:04:3c:73:cf:1b:
f5:ab:82:1a:29:d4:78:75:1c:09:8a:c2:ad:cd:c6:4b:95:e8:
4c:88:79:81:0f:0b:ba:ee:76:e6:3e:6b:a8:0f:39:c0:a6:9f:
2e:53:05:c1:c0:b9:0f:09:25:32:83:d3:43:80:71:f9:03:63:
c3:71:2d:0a:26:22:9a:7d:2e:37:52:b0:40:d8:28:4f:5e:17:
58:05:11:05:da:da:07:f8:b1:9e:5c:fa:70:32:c1:21:a0:0e:
bb:e1:77:f4:3a:c1:eb:f0:14:1c:64:55:82:a9:04:b4:dd:31:
a6:b7:7e:98:11:bd:1b:a5:e5:23:b6:a0:21:34:93:0d:9e:33:
3d:d9:07:78
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKVdbQgw3BgVup0YaARjDWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE2MTMxMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDgzNDlkODE5MjYzODUzNjEzOTczN2Q3Yzk5OGJiYjlmNzE5ZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PosQRlz3UfPzeK6cmvDgBZsxi0e
9jCbpV+iq+s02NtlCS8vmJvs/33lBUVuKKN0LTRnEUIg86CJYGVCNNKsI00EW9IX
SmS+NAv5zB2IvTBwu6PilI4zjg83hdhsa2k4E8hscSsGUtnG6+1zzYaXjPdwZ7hL
MNOv3zvPRcN17cDSUwAJq09YDetGqYS1Q4aE12xc/3Rb1FNcOItAmY1r02pH5qqJ
Uu5xFWS7LWPjWKXWEwAwbh7ZEFMyiH4pnOfaLk5pZlWCZxH3YvrTgjoZMPvlL0RR
X+M1K63LkiJ+Uqe+ycMcryVg6hz8h7AurV0S7403cFMGBAWMlRHWtVgSEwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFL2DSdgZJjhTYTlzfXyZi7ufcZ9RMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvdllOSjJCa21PRk5oT1hOOWZKbUx1NTl4bjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUAKg/9AzANBgkqhkiG9w0BAQsFAAOCAQEAscNwGddDQMsL
NGRakkBtvYy9207pcL5blLclmJcc9jUtSVL4AdM5NTeDXIixdB+mKx4yAwEhR/Wu
p0ljj3fN8I0rLpWTRBmyKA3C1ucMGX39sHVj5dDC79SuhuvzWmvina6fG1XFhD9J
1lWYPhGrpknf1eJOQSfqEAQ8c88b9auCGinUeHUcCYrCrc3GS5XoTIh5gQ8Luu52
5j5rqA85wKafLlMFwcC5DwklMoPTQ4Bx+QNjw3EtCiYimn0uN1KwQNgoT14XWAUR
BdraB/ixnlz6cDLBIaAOu+F39DrB6/AUHGRVgqkEtN0xprd+mBG9G6XlI7agITST
DZ4zPdkHeA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:58:58 2025 by rpki-client