Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/PDtscWydLM5iARrrU1naiHWKwfo.roa
File: PDtscWydLM5iARrrU1naiHWKwfo.roa (raw, json)
Hash identifier: XT2yp0WhXnMSbBZCPkdojCVgTFbye+KQBCn1Ex2Yi24=
Subject key identifier: 3C:3B:6C:71:6C:9D:2C:CE:62:01:1A:EB:53:59:DA:88:75:8A:C1:FA
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 019566F2D09D16546734FEAF83256D2AD418
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/PDtscWydLM5iARrrU1naiHWKwfo.roa
Signing time: Wed 05 Mar 2025 15:35:43 +0000
ROA not before: Wed 05 Mar 2025 15:35:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 45.135.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 19:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:f2:d0:9d:16:54:67:34:fe:af:83:25:6d:2a:d4:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Mar 5 15:35:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c3b6c716c9d2cce62011aeb5359da88758ac1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:24:4b:35:46:03:b1:68:76:aa:4b:a0:af:
95:7b:04:7f:ed:f8:84:bd:62:f1:6b:b4:26:82:fd:
3c:20:0c:2c:e2:86:ca:26:31:f0:53:64:f2:b4:6d:
2c:44:9b:6e:a4:c5:f4:e6:7b:59:f7:20:af:9e:78:
ea:56:66:80:b4:28:29:f8:54:93:39:52:0a:7a:fd:
ee:cc:3a:dc:20:b3:29:04:c5:dc:40:1f:a2:61:be:
69:c0:f9:27:76:d4:56:77:ce:55:45:26:77:00:4e:
31:73:ce:ee:89:dc:6d:62:59:03:40:df:09:76:b6:
05:00:fe:49:e9:d6:9c:f9:5e:df:5e:1b:9b:73:ec:
ad:80:85:14:6c:f3:79:82:7e:52:b4:39:f6:04:2f:
28:10:93:44:48:2b:26:ca:9a:f6:37:ca:5f:b1:14:
72:2c:db:38:24:b9:f6:ac:72:ce:9a:3b:b0:09:f4:
d0:7c:27:82:82:9f:69:62:c5:3e:30:de:f3:bc:b4:
b7:61:ec:04:76:40:4c:cb:e8:71:6d:7f:c0:e5:3d:
68:77:69:ff:0d:e9:be:4a:36:02:0f:40:19:54:47:
cd:9c:41:f1:4f:3c:21:0a:31:24:5d:17:9e:11:4a:
55:b9:03:7c:d5:c2:dd:3c:ef:13:da:f1:c6:73:89:
c2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3B:6C:71:6C:9D:2C:CE:62:01:1A:EB:53:59:DA:88:75:8A:C1:FA
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/PDtscWydLM5iARrrU1naiHWKwfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.128.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:a7:a8:a2:5d:b0:52:b5:9b:7a:c5:5b:fb:32:28:bd:d2:d0:
70:5a:8c:54:64:ce:2e:d3:55:dd:11:e2:a4:2f:b7:22:a6:eb:
dd:50:51:f4:d3:29:a6:71:57:09:4a:61:7d:ee:37:f7:93:a8:
7a:db:c5:35:e4:a2:c3:b1:53:21:c4:8e:34:99:ed:7e:e6:60:
d6:42:33:2e:d6:3f:e9:04:46:b0:5b:c4:34:8b:88:9e:6b:e8:
35:f6:3c:53:9a:f0:40:31:b9:59:07:77:69:ff:44:00:ca:84:
8c:f6:53:02:ce:01:db:c9:7e:c3:97:9f:85:d6:a0:01:66:04:
d6:ea:b0:b8:0a:5f:61:b1:80:a8:9f:bb:b7:fb:f2:8f:1a:71:
5b:7c:eb:27:2d:79:65:95:20:98:86:03:de:f7:d1:60:d7:10:
b1:30:4e:fa:e9:ee:16:87:8f:cb:cc:25:7b:89:3b:26:c2:f5:
8e:6d:d3:cf:ed:82:b9:d8:90:b6:ab:aa:eb:ba:15:3f:92:fc:
e6:7e:17:dc:6f:ef:08:91:18:6c:e7:05:a8:76:98:a0:0b:c1:
c5:f7:42:15:2c:8c:e1:d9:2c:64:6b:8b:4b:77:54:7f:ff:2e:
df:6f:92:1b:ae:dc:a5:69:0a:f5:59:8b:07:f1:75:aa:a2:1f:
9f:3d:37:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVm8tCdFlRnNP6vgyVtKtQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwMzA1MTUzNTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNiNmM3MTZjOWQyY2NlNjIwMTFhZWI1MzU5ZGE4ODc1OGFjMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBskSzVGA7FodqpLoK+VewR/7fiE
vWLxa7Qmgv08IAws4obKJjHwU2TytG0sRJtupMX05ntZ9yCvnnjqVmaAtCgp+FST
OVIKev3uzDrcILMpBMXcQB+iYb5pwPkndtRWd85VRSZ3AE4xc87uidxtYlkDQN8J
drYFAP5J6dac+V7fXhubc+ytgIUUbPN5gn5StDn2BC8oEJNESCsmypr2N8pfsRRy
LNs4JLn2rHLOmjuwCfTQfCeCgp9pYsU+MN7zvLS3YewEdkBMy+hxbX/A5T1od2n/
Dem+SjYCD0AZVEfNnEHxTzwhCjEkXReeEUpVuQN81cLdPO8T2vHGc4nCCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDw7bHFsnSzOYgEa61NZ2oh1isH6MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvUER0c2NXeWRMTTVpQVJyclUxbmFpSFdLd2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYeAMA0G
CSqGSIb3DQEBCwUAA4IBAQAMp6iiXbBStZt6xVv7Mii90tBwWoxUZM4u01XdEeKk
L7cipuvdUFH00ymmcVcJSmF97jf3k6h628U15KLDsVMhxI40me1+5mDWQjMu1j/p
BEawW8Q0i4iea+g19jxTmvBAMblZB3dp/0QAyoSM9lMCzgHbyX7Dl5+F1qABZgTW
6rC4Cl9hsYCon7u3+/KPGnFbfOsnLXlllSCYhgPe99Fg1xCxME766e4Wh4/LzCV7
iTsmwvWObdPP7YK52JC2q6rruhU/kvzmfhfcb+8IkRhs5wWodpigC8HF90IVLIzh
2Sxka4tLd1R//y7fb5IbrtylaQr1WYsH8XWqoh+fPTfB
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:35:51 2025 by rpki-client