Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/caFQaQFQGanT2nXq3QNpQ-OZa7I.roa
File: caFQaQFQGanT2nXq3QNpQ-OZa7I.roa (raw, json)
Hash identifier: dkK48x+WRdXKxHhXLBpFHPXzSp434M1KAqcEF6VOPec=
Subject key identifier: 71:A1:50:69:01:50:19:A9:D3:DA:75:EA:DD:03:69:43:E3:99:6B:B2
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 01910CDB4EA370B76C78CBC8D4228431F7FD
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/caFQaQFQGanT2nXq3QNpQ-OZa7I.roa
Signing time: Thu 01 Aug 2024 07:33:04 +0000
ROA not before: Thu 01 Aug 2024 07:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 45.136.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0c:db:4e:a3:70:b7:6c:78:cb:c8:d4:22:84:31:f7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Aug 1 07:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71a15069015019a9d3da75eadd036943e3996bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:85:40:94:6f:14:f1:ee:85:9a:d6:ea:c6:4f:
fd:e9:82:6e:b9:17:24:64:e2:bf:5b:8f:75:89:7c:
48:00:f3:a3:c6:53:69:a3:9f:a7:1a:13:50:ad:d5:
c7:ea:8a:f6:d5:ae:b0:35:1c:ed:ea:ba:ca:ca:0f:
02:fd:01:20:02:94:98:d2:b0:34:4b:1c:74:8a:51:
6c:e5:d0:38:8b:e8:6b:ac:de:42:ca:75:2e:40:58:
40:3a:34:bf:cb:8b:e3:8d:b0:af:ba:4d:8a:94:40:
52:05:16:dc:b0:3b:d5:64:fd:7e:ca:48:6e:2b:3d:
d4:4a:31:73:05:ed:af:82:24:1c:28:19:c8:1b:c9:
b2:f3:44:d9:21:e4:35:f8:a5:ab:79:a6:7c:b5:59:
95:6e:e0:cd:ff:b3:8d:a3:3c:df:e3:02:b0:59:1a:
5f:68:b7:59:8f:45:34:cf:bd:01:71:88:43:9c:36:
3f:d6:cb:e7:8e:12:85:2f:ec:b9:3b:0c:19:e6:19:
19:ce:34:ed:6a:c1:84:9d:d2:4c:20:00:26:c1:02:
57:68:38:9d:cd:e6:f7:82:41:5a:28:89:7e:40:20:
3b:5d:5b:59:cf:40:8d:6f:5d:46:3f:47:8f:af:de:
d6:25:3c:b9:94:2a:83:f1:d5:ac:e2:10:15:39:00:
09:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A1:50:69:01:50:19:A9:D3:DA:75:EA:DD:03:69:43:E3:99:6B:B2
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/caFQaQFQGanT2nXq3QNpQ-OZa7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.7.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:7f:dc:b7:ed:e6:9f:48:1e:fb:19:1f:09:67:48:10:01:69:
9e:cc:c4:59:ed:86:de:24:fc:95:83:ca:3b:4f:5f:cd:af:e8:
d6:48:70:d3:25:b7:31:14:d2:b0:35:7e:d4:52:8e:23:21:bd:
02:d5:8e:0e:d7:14:1e:df:92:ec:cc:78:3d:6b:87:30:16:14:
27:05:87:2d:52:e3:94:9e:b5:43:d7:67:82:ff:13:dd:51:d2:
99:f4:3c:fe:dc:2a:0a:b2:4c:22:aa:44:e1:fe:af:8b:f1:ab:
07:4e:2c:79:77:d1:69:ee:4e:84:61:d7:cc:c6:43:5d:9b:6e:
c3:71:9f:4d:d6:cb:40:06:3d:3f:13:ed:ed:35:19:52:87:0b:
49:2e:e0:83:af:51:80:c0:d2:43:92:b5:db:5d:f6:0c:1e:a6:
32:99:db:cb:22:c2:62:c9:19:05:19:dc:82:85:ac:b5:7a:b2:
e6:2e:23:14:cf:3d:8d:30:f5:2b:32:ea:53:ee:6f:72:bf:17:
73:6a:47:dc:74:93:9a:9a:47:e2:ed:b8:35:88:87:a4:57:5a:
6e:be:20:23:fc:98:65:91:02:da:86:7d:d8:29:a9:96:43:f8:
a9:be:49:7f:29:5b:de:51:3f:92:68:64:57:c4:32:43:61:ac:
db:93:9a:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEM206jcLdseMvI1CKEMff9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwODAxMDczMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWExNTA2OTAxNTAxOWE5ZDNkYTc1ZWFkZDAzNjk0M2UzOTk2YmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIVAlG8U8e6Fmtbqxk/96YJuuRck
ZOK/W491iXxIAPOjxlNpo5+nGhNQrdXH6or21a6wNRzt6rrKyg8C/QEgApSY0rA0
Sxx0ilFs5dA4i+hrrN5CynUuQFhAOjS/y4vjjbCvuk2KlEBSBRbcsDvVZP1+ykhu
Kz3USjFzBe2vgiQcKBnIG8my80TZIeQ1+KWreaZ8tVmVbuDN/7ONozzf4wKwWRpf
aLdZj0U0z70BcYhDnDY/1svnjhKFL+y5OwwZ5hkZzjTtasGEndJMIAAmwQJXaDid
zeb3gkFaKIl+QCA7XVtZz0CNb11GP0ePr97WJTy5lCqD8dWs4hAVOQAJdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGhUGkBUBmp09p16t0DaUPjmWuyMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvY2FGUWFRRlFHYW5UMm5YcTNRTnBRLU9aYTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYgHMA0G
CSqGSIb3DQEBCwUAA4IBAQAPf9y37eafSB77GR8JZ0gQAWmezMRZ7YbeJPyVg8o7
T1/Nr+jWSHDTJbcxFNKwNX7UUo4jIb0C1Y4O1xQe35LszHg9a4cwFhQnBYctUuOU
nrVD12eC/xPdUdKZ9Dz+3CoKskwiqkTh/q+L8asHTix5d9Fp7k6EYdfMxkNdm27D
cZ9N1stABj0/E+3tNRlShwtJLuCDr1GAwNJDkrXbXfYMHqYymdvLIsJiyRkFGdyC
hay1erLmLiMUzz2NMPUrMupT7m9yvxdzakfcdJOamkfi7bg1iIekV1puviAj/Jhl
kQLahn3YKamWQ/ipvkl/KVveUT+SaGRXxDJDYazbk5qy
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:25 2025 by rpki-client