Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/aQ4SpUzb5N7zW9vjIw5rAE2uwNs.roa
File: aQ4SpUzb5N7zW9vjIw5rAE2uwNs.roa (raw, json)
Hash identifier: Nt4p5KhqIcylW/sECoER+mZrXPxF4dv8aGeE+toCm1M=
Subject key identifier: 69:0E:12:A5:4C:DB:E4:DE:F3:5B:DB:E3:23:0E:6B:00:4D:AE:C0:DB
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0193FD6ADBF07A7681115986E1B2491257E9
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/aQ4SpUzb5N7zW9vjIw5rAE2uwNs.roa
Signing time: Wed 25 Dec 2024 10:44:18 +0000
ROA not before: Wed 25 Dec 2024 10:44:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.140.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:6a:db:f0:7a:76:81:11:59:86:e1:b2:49:12:57:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Dec 25 10:44:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=690e12a54cdbe4def35bdbe3230e6b004daec0db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cb:28:b1:c3:9d:77:7c:38:be:bb:20:9c:72:
19:44:bd:3d:19:19:53:3a:63:ab:b9:db:b8:32:ed:
a1:a2:e1:7a:24:e4:41:27:50:69:b5:45:7f:78:45:
c3:e1:4c:3d:26:f4:aa:2c:79:51:37:77:24:65:65:
85:4a:d5:21:77:3b:d5:75:c4:12:fb:5c:5c:93:91:
3c:01:58:bb:64:6c:9a:7d:0d:80:4f:99:c8:29:72:
45:1f:0a:74:e6:28:50:c6:6f:26:b6:95:37:70:f9:
93:f9:25:0f:55:7c:e1:4e:bd:a2:9b:7e:bf:7f:ec:
b6:10:85:5f:ae:ac:ed:ac:4e:45:65:fa:61:90:a6:
e4:12:95:33:89:57:d7:c4:90:ef:85:7a:38:91:0d:
34:5b:29:af:7e:9f:64:72:11:9c:c3:93:24:8a:ae:
6a:83:12:d9:68:ab:e9:bb:3e:70:ea:ed:85:62:72:
1a:e9:c8:87:aa:cd:39:ca:f6:ce:72:81:98:fe:35:
e8:7a:03:74:63:6a:4e:0f:e3:04:06:fb:2c:f3:d9:
24:3a:13:1b:ba:90:55:36:5e:88:8a:0a:a7:6e:7b:
af:88:d6:1d:37:80:76:22:2c:06:64:f5:55:06:fa:
8d:3f:fe:f3:f6:c2:a8:06:0e:9d:bd:a1:b9:82:90:
78:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0E:12:A5:4C:DB:E4:DE:F3:5B:DB:E3:23:0E:6B:00:4D:AE:C0:DB
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/aQ4SpUzb5N7zW9vjIw5rAE2uwNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.58.0/24
Signature Algorithm: sha256WithRSAEncryption
95:1c:a4:11:92:b2:51:3c:19:bc:d3:e6:65:1e:ee:34:ed:60:
55:ab:32:4d:ef:6e:33:06:01:32:1d:6b:f5:29:3e:0e:c6:90:
d4:2d:f8:9f:3c:6e:69:69:f5:c9:ba:2d:f6:6b:11:23:a1:19:
96:d6:37:b7:2d:68:f5:86:ac:31:02:70:12:1c:01:0a:d0:fb:
04:f9:fe:e6:45:1d:f9:54:bb:40:f6:10:7b:bc:42:1e:42:bb:
46:7f:44:b1:76:3f:72:72:a4:91:5d:82:1b:a9:1e:03:97:a6:
52:b5:c9:b5:54:df:7c:dc:11:a5:37:dc:12:ef:2b:ae:25:2b:
05:60:b7:e3:29:97:88:5e:38:36:23:e9:ca:b8:24:4e:73:21:
62:05:04:c7:b2:3f:ff:4f:c0:a1:23:d2:85:41:2a:59:b4:cc:
c7:b5:5d:ed:52:9f:d3:41:56:70:b0:ee:69:25:e1:3b:03:cd:
35:a9:23:b6:cd:46:89:89:40:f9:a5:73:7c:09:65:f9:ce:f4:
15:fd:c0:4f:58:33:60:c5:b7:de:1e:ae:43:81:6f:c9:2e:f1:
f7:67:bb:88:14:ca:35:6c:31:c4:da:02:27:e9:08:d0:f8:ba:
a6:4c:ca:ea:91:82:1b:f1:36:f9:ba:85:de:08:04:a5:a1:ed:
0b:58:66:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP9atvwenaBEVmG4bJJElfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQxMjI1MTA0NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTBlMTJhNTRjZGJlNGRlZjM1YmRiZTMyMzBlNmIwMDRkYWVjMGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMsoscOdd3w4vrsgnHIZRL09GRlT
OmOrudu4Mu2houF6JORBJ1BptUV/eEXD4Uw9JvSqLHlRN3ckZWWFStUhdzvVdcQS
+1xck5E8AVi7ZGyafQ2AT5nIKXJFHwp05ihQxm8mtpU3cPmT+SUPVXzhTr2im36/
f+y2EIVfrqztrE5FZfphkKbkEpUziVfXxJDvhXo4kQ00Wymvfp9kchGcw5Mkiq5q
gxLZaKvpuz5w6u2FYnIa6ciHqs05yvbOcoGY/jXoegN0Y2pOD+MEBvss89kkOhMb
upBVNl6IigqnbnuviNYdN4B2IiwGZPVVBvqNP/7z9sKoBg6dvaG5gpB4NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkOEqVM2+Te81vb4yMOawBNrsDbMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvYVE0U3BVemI1Tjd6Vzl2akl3NXJBRTJ1d05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYw6MA0G
CSqGSIb3DQEBCwUAA4IBAQCVHKQRkrJRPBm80+ZlHu407WBVqzJN724zBgEyHWv1
KT4OxpDULfifPG5pafXJui32axEjoRmW1je3LWj1hqwxAnASHAEK0PsE+f7mRR35
VLtA9hB7vEIeQrtGf0Sxdj9ycqSRXYIbqR4Dl6ZStcm1VN983BGlN9wS7yuuJSsF
YLfjKZeIXjg2I+nKuCROcyFiBQTHsj//T8ChI9KFQSpZtMzHtV3tUp/TQVZwsO5p
JeE7A801qSO2zUaJiUD5pXN8CWX5zvQV/cBPWDNgxbfeHq5DgW/JLvH3Z7uIFMo1
bDHE2gIn6QjQ+LqmTMrqkYIb8Tb5uoXeCASloe0LWGZm
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:49:09 2025 by rpki-client