Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/DQ19szoE9qoA_YXemfEVJb9M780.roa
File: DQ19szoE9qoA_YXemfEVJb9M780.roa (raw, json)
Hash identifier: F8Stvp5KT6PPd1cmhK9VwHqdUC28MCZBEggWM7khpJQ=
Subject key identifier: 0D:0D:7D:B3:3A:04:F6:AA:00:FD:85:DE:99:F1:15:25:BF:4C:EF:CD
Certificate issuer: /CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Certificate serial: 018CC348A6477BD249926BECD14D86988110
Authority key identifier: 6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/DQ19szoE9qoA_YXemfEVJb9M780.roa
Signing time: Mon 01 Jan 2024 04:29:27 +0000
ROA not before: Mon 01 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207910
IP address blocks: 45.67.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a6:47:7b:d2:49:92:6b:ec:d1:4d:86:98:81:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d0d7db33a04f6aa00fd85de99f11525bf4cefcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:44:78:b6:ae:3c:15:bf:1e:4e:1b:32:47:
da:e9:cb:dc:d2:d5:71:c7:3b:79:db:d2:c9:8b:01:
ce:fb:a6:ea:a1:11:11:c7:90:f5:00:d8:90:64:b1:
d1:23:53:e4:f5:af:40:44:4a:17:14:23:c6:f8:fa:
65:09:82:22:8b:fd:8b:a7:2e:0f:63:de:67:b9:19:
8d:ca:90:1c:31:99:b2:20:a7:02:c1:0c:12:2d:9e:
20:97:9e:03:84:56:fb:07:8d:3d:ae:8a:4d:62:93:
24:f6:cd:aa:d7:fb:33:0b:9b:99:e0:7f:96:1e:a3:
b9:d8:d8:a8:1f:23:f9:57:d7:da:6e:a9:63:1f:17:
2b:79:13:2a:68:73:d8:24:cd:bc:08:c2:79:10:21:
74:9f:8a:90:6d:33:a2:f1:3a:e0:c0:48:b2:30:61:
54:44:93:fc:7b:7d:03:52:db:11:11:eb:47:8e:94:
47:56:db:8e:18:f5:31:10:54:5e:05:f0:90:e2:e4:
5a:2a:9d:a0:df:b7:9d:47:e9:66:03:e9:fb:ab:9d:
98:12:66:e3:c2:76:a2:45:6c:04:b1:23:83:60:ee:
2d:4a:6e:82:3f:1d:61:29:4b:3e:3e:e0:f8:e9:a0:
50:5d:90:d8:65:31:01:90:40:bc:51:a0:a3:6e:dc:
eb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0D:7D:B3:3A:04:F6:AA:00:FD:85:DE:99:F1:15:25:BF:4C:EF:CD
X509v3 Authority Key Identifier:
keyid:6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/DQ19szoE9qoA_YXemfEVJb9M780.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.83.0/24
Signature Algorithm: sha256WithRSAEncryption
97:e3:29:d0:80:0f:b4:06:8e:d4:10:aa:05:da:db:70:25:f1:
59:9e:21:26:69:94:5c:6a:6e:1e:18:26:93:77:70:d1:eb:ee:
2b:6e:19:ff:c5:14:0e:da:63:1a:7c:7c:65:cb:1a:fe:5e:ac:
d1:f5:12:05:16:8b:74:06:c7:d2:1b:ad:9e:4d:ae:97:19:10:
fb:46:8d:34:80:ff:54:7a:7d:50:ed:9b:f3:b8:85:f9:63:4f:
4b:65:25:c6:1b:65:b5:7f:a4:5f:f2:05:72:3d:35:78:b6:9b:
3e:58:d2:28:dd:13:81:85:9c:f6:af:f6:64:e6:a1:e2:64:19:
ac:b8:b3:70:ef:7f:ba:79:0a:be:c8:60:bb:bd:0f:21:02:c5:
a9:bf:3e:13:1e:53:ab:05:d8:57:3d:5f:07:f2:a1:bf:44:15:
10:33:68:44:8d:95:b6:b2:d8:21:2c:01:58:bd:7d:55:71:05:
7b:6f:e8:3a:3d:3a:48:24:f3:22:75:c6:9e:ec:a8:b7:47:94:
30:2f:7b:04:a2:1f:bf:ec:28:62:cb:65:50:4e:a6:85:78:e3:
49:99:5f:b2:ca:75:5b:08:dc:dd:03:02:3a:42:e8:63:4f:2c:
dc:78:52:6a:a0:aa:d6:f3:8a:ab:29:f6:35:23:cd:4e:bf:1f:
2d:92:9f:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSKZHe9JJkmvs0U2GmIEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmVjZmEwZTY2OTI1OTVjZmJlYTUyNjYwNzZlOGU1M2Vm
ZDk0NjEwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDBkN2RiMzNhMDRmNmFhMDBmZDg1ZGU5OWYxMTUyNWJmNGNlZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSBEeLauPBW/Hk4bMkfa6cvc0tVx
xzt529LJiwHO+6bqoRERx5D1ANiQZLHRI1Pk9a9AREoXFCPG+PplCYIii/2Lpy4P
Y95nuRmNypAcMZmyIKcCwQwSLZ4gl54DhFb7B409ropNYpMk9s2q1/szC5uZ4H+W
HqO52NioHyP5V9fabqljHxcreRMqaHPYJM28CMJ5ECF0n4qQbTOi8TrgwEiyMGFU
RJP8e30DUtsREetHjpRHVtuOGPUxEFReBfCQ4uRaKp2g37edR+lmA+n7q52YEmbj
wnaiRWwEsSODYO4tSm6CPx1hKUs+PuD46aBQXZDYZTEBkEC8UaCjbtzrYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0NfbM6BPaqAP2F3pnxFSW/TO/NMB8GA1UdIwQY
MBaAFG3+z6DmaSWVz76lJmB26OU+/ZRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMt
Zjk4OGQ0OGU1MWU4LzEvRFExOXN6b0U5cW9BX1lYZW1mRVZKYjlNNzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMtZjk4OGQ0OGU1MWU4
LzEvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUNTMA0G
CSqGSIb3DQEBCwUAA4IBAQCX4ynQgA+0Bo7UEKoF2ttwJfFZniEmaZRcam4eGCaT
d3DR6+4rbhn/xRQO2mMafHxlyxr+XqzR9RIFFot0BsfSG62eTa6XGRD7Ro00gP9U
en1Q7ZvzuIX5Y09LZSXGG2W1f6Rf8gVyPTV4tps+WNIo3ROBhZz2r/Zk5qHiZBms
uLNw73+6eQq+yGC7vQ8hAsWpvz4THlOrBdhXPV8H8qG/RBUQM2hEjZW2stghLAFY
vX1VcQV7b+g6PTpIJPMidcae7Ki3R5QwL3sEoh+/7Chiy2VQTqaFeONJmV+yynVb
CNzdAwI6QuhjTyzceFJqoKrW84qrKfY1I81Ovx8tkp+0
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:46:46 2025 by rpki-client