Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/xpMQk5xRsSIqmJG0GVqJicfjvMk.roa
File: xpMQk5xRsSIqmJG0GVqJicfjvMk.roa (raw, json)
Hash identifier: CWnXMsbY53ZPUdnmkfBJmkr/7aIJRsDKZklewIivFPc=
Subject key identifier: C6:93:10:93:9C:51:B1:22:2A:98:91:B4:19:5A:89:89:C7:E3:BC:C9
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 019297E09A4D668B27FA5C47193299520224
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/xpMQk5xRsSIqmJG0GVqJicfjvMk.roa
Signing time: Thu 17 Oct 2024 00:28:52 +0000
ROA not before: Thu 17 Oct 2024 00:28:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
45.129.224.0/23 maxlen: 23
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 48
2a0f:fd03::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 01:43:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:97:e0:9a:4d:66:8b:27:fa:5c:47:19:32:99:52:02:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 17 00:28:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c69310939c51b1222a9891b4195a8989c7e3bcc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ac:4d:e1:27:d9:84:e5:97:4b:8e:6c:f7:fa:
65:e9:31:1c:c3:d7:f2:7b:7c:46:5a:70:62:09:d7:
c3:26:43:2f:00:f0:27:d8:0e:27:67:7e:c7:c1:c6:
cf:0b:53:ae:c1:2b:6a:a7:d4:83:61:a2:df:52:14:
56:e2:c8:e8:7b:42:39:97:0c:6f:f8:c7:5e:d0:9d:
bf:ee:4c:49:15:5f:3e:7b:36:b1:89:db:8b:e7:70:
28:c6:d1:9c:b7:4e:e4:63:22:bf:f4:5d:23:af:f2:
5c:ed:24:4e:87:d6:2e:f2:a3:4a:e9:39:41:01:76:
73:f8:35:31:28:c4:a9:65:ec:36:3a:65:58:21:a4:
2b:50:42:28:a0:14:59:c0:ad:96:3e:fe:fe:71:f7:
ac:4d:5c:3e:9d:44:83:9c:28:98:30:34:0e:83:d8:
6e:77:5e:05:d6:ab:a3:aa:8a:ee:9e:c2:05:60:23:
0a:c4:15:22:f9:10:dd:f1:d1:db:62:01:4b:f5:90:
13:84:21:a0:fa:d8:d9:d8:94:52:fa:99:d8:fa:73:
e6:98:d7:7d:3a:be:87:43:46:e3:b2:3f:6a:da:da:
d7:b2:3a:1e:16:cc:d8:00:ce:5d:43:3c:c7:f2:b7:
c9:cf:fb:0f:fe:7d:36:97:e8:3b:45:fc:ae:bd:a3:
ca:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:93:10:93:9C:51:B1:22:2A:98:91:B4:19:5A:89:89:C7:E3:BC:C9
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/xpMQk5xRsSIqmJG0GVqJicfjvMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:f9:49:9d:cb:e7:92:03:ed:ab:bc:87:c1:0b:5f:21:41:13:
7d:1b:b7:33:4d:07:34:0e:d2:da:53:8f:ee:44:56:77:a0:3b:
0f:5a:73:8b:64:f5:32:00:e8:57:ad:5d:4f:1a:85:a5:14:87:
91:21:31:53:ae:89:1c:d0:a3:82:f5:78:c9:9e:e5:d9:34:1c:
2e:f2:6a:40:a4:7d:a3:04:13:7e:18:4f:44:e0:ec:f7:ce:64:
80:f1:3a:64:11:ba:55:52:e8:1a:09:bc:46:3c:ff:04:b4:b3:
14:c0:92:02:d0:ac:7a:66:6c:70:ba:32:7e:22:56:b0:b5:11:
db:22:ab:76:9e:22:7c:5f:93:c0:d1:da:42:16:b5:16:2c:07:
18:10:9f:51:2f:e3:2c:b6:68:55:49:47:47:8a:a3:0f:ef:f1:
2b:a9:17:f5:f0:ce:6e:a2:6e:29:17:bf:86:c7:7e:ce:c8:21:
d7:12:3e:3e:aa:e5:20:bb:2c:a8:90:bb:ec:8f:95:31:30:8f:
be:fb:59:30:be:fb:f6:be:bf:56:ea:cb:da:63:aa:60:bd:d7:
e8:3c:bc:03:d2:13:88:19:17:f2:ea:dd:3f:12:9e:4a:8a:5e:
0f:7d:c5:c7:eb:02:32:37:b7:45:d1:75:8e:be:35:9f:dd:6d:
04:b3:ec:85
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKX4JpNZosn+lxHGTKZUgIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE3MDAyODUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjkzMTA5MzljNTFiMTIyMmE5ODkxYjQxOTVhODk4OWM3ZTNiY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56xN4SfZhOWXS45s9/pl6TEcw9fy
e3xGWnBiCdfDJkMvAPAn2A4nZ37HwcbPC1OuwStqp9SDYaLfUhRW4sjoe0I5lwxv
+Mde0J2/7kxJFV8+ezaxiduL53AoxtGct07kYyK/9F0jr/Jc7SROh9Yu8qNK6TlB
AXZz+DUxKMSpZew2OmVYIaQrUEIooBRZwK2WPv7+cfesTVw+nUSDnCiYMDQOg9hu
d14F1qujqorunsIFYCMKxBUi+RDd8dHbYgFL9ZAThCGg+tjZ2JRS+pnY+nPmmNd9
Or6HQ0bjsj9q2trXsjoeFszYAM5dQzzH8rfJz/sP/n02l+g7RfyuvaPK3wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMaTEJOcUbEiKpiRtBlaiYnH47zJMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEveHBNUWs1eFJzU0lxbUpHMEdWcUppY2Zqdk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAHPlJncvnkgPt
q7yHwQtfIUETfRu3M00HNA7S2lOP7kRWd6A7D1pzi2T1MgDoV61dTxqFpRSHkSEx
U66JHNCjgvV4yZ7l2TQcLvJqQKR9owQTfhhPRODs985kgPE6ZBG6VVLoGgm8Rjz/
BLSzFMCSAtCsemZscLoyfiJWsLUR2yKrdp4ifF+TwNHaQha1FiwHGBCfUS/jLLZo
VUlHR4qjD+/xK6kX9fDObqJuKRe/hsd+zsgh1xI+PqrlILssqJC77I+VMTCPvvtZ
ML779r6/VurL2mOqYL3X6Dy8A9ITiBkX8urdPxKeSopeD33Fx+sCMje3RdF1jr41
n91tBLPshQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:01 2025 by rpki-client