Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/FigY7gd6_RTp1q6UeeNqRXQ9TZE.roa
File: FigY7gd6_RTp1q6UeeNqRXQ9TZE.roa (raw, json)
Hash identifier: yNDbDal9Baf1OtW6+1k9c6V0pg1RBMqDD0X/bAko3qk=
Subject key identifier: 16:28:18:EE:07:7A:FD:14:E9:D6:AE:94:79:E3:6A:45:74:3D:4D:91
Certificate issuer: /CN=49f39d6c8b23fcdc20e53174e92fb3f56caa8b61
Certificate serial: 018CC5DBE1FE95DBAB50E304128F90798891
Authority key identifier: 49:F3:9D:6C:8B:23:FC:DC:20:E5:31:74:E9:2F:B3:F5:6C:AA:8B:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/FigY7gd6_RTp1q6UeeNqRXQ9TZE.roa
Signing time: Mon 01 Jan 2024 16:29:30 +0000
ROA not before: Mon 01 Jan 2024 16:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208789
IP address blocks: 45.85.52.0/22 maxlen: 24
2a0e:b880::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e1:fe:95:db:ab:50:e3:04:12:8f:90:79:88:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f39d6c8b23fcdc20e53174e92fb3f56caa8b61
Validity
Not Before: Jan 1 16:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=162818ee077afd14e9d6ae9479e36a45743d4d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c9:0d:1e:30:08:87:17:53:26:08:34:0d:a3:
80:63:79:7e:4e:ef:5f:0a:f0:6a:46:bd:67:db:d9:
58:29:a2:3d:53:c8:d5:bc:ed:83:30:d6:8c:87:0e:
18:e6:03:33:9a:bd:da:18:c2:66:f1:7a:20:a6:45:
98:51:99:ec:88:33:61:7a:8d:1e:5e:4f:cd:e3:02:
a0:b7:86:17:95:50:44:b5:a6:6c:c6:56:f9:a7:42:
95:e4:82:40:56:63:d4:8b:00:d9:af:99:49:c4:39:
73:a3:5a:a1:47:7f:17:dc:17:08:b5:0e:d6:b1:e8:
27:f5:de:1e:0e:23:bf:0e:d6:03:f4:b4:ba:f7:ad:
ad:18:22:03:97:40:11:96:64:72:e9:dd:e9:c8:f3:
c3:0b:79:a8:fe:5b:05:a9:e8:5f:52:91:28:b1:18:
66:03:0f:fe:56:03:07:c7:35:09:49:d0:04:08:34:
dc:ff:89:e8:36:7c:3b:d3:21:fb:c6:66:c2:a9:fa:
9b:89:c9:05:c4:92:30:ce:0c:0e:dd:62:e4:4b:59:
26:b6:b1:b9:39:f3:9d:49:f1:11:19:33:1d:fb:98:
cf:dd:24:bf:58:91:7c:e0:3b:8a:3f:62:6e:ad:dc:
06:b7:7a:0e:0f:01:33:73:05:95:43:32:da:d6:8c:
6e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:28:18:EE:07:7A:FD:14:E9:D6:AE:94:79:E3:6A:45:74:3D:4D:91
X509v3 Authority Key Identifier:
keyid:49:F3:9D:6C:8B:23:FC:DC:20:E5:31:74:E9:2F:B3:F5:6C:AA:8B:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/FigY7gd6_RTp1q6UeeNqRXQ9TZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.52.0/22
IPv6:
2a0e:b880::/29
Signature Algorithm: sha256WithRSAEncryption
14:98:73:b3:fb:3b:76:b6:46:3c:17:68:26:56:73:18:ba:7f:
ed:ad:a8:65:54:92:bb:dc:ec:d6:01:78:cc:8e:0f:c5:f5:f5:
cf:76:88:51:55:d5:81:90:de:b1:87:53:af:1b:0d:1a:9e:07:
5a:e7:0f:07:85:ba:04:a6:7c:cd:eb:a4:3f:06:c9:c1:6f:8e:
72:95:ad:96:34:8e:97:6c:34:e9:b7:af:a9:51:bd:8f:f8:65:
b8:ce:df:59:93:41:01:4c:93:70:18:09:79:e0:b7:67:8e:fd:
74:0a:8f:09:47:b9:75:b0:b6:17:16:04:76:d3:de:d7:6b:83:
57:f0:d6:5f:10:7a:7f:f9:6e:63:04:f5:7e:6c:93:fb:a5:3b:
10:80:32:cf:b3:a4:21:e7:39:93:5d:38:bf:1c:1d:42:27:26:
6e:37:1b:6e:8a:37:d3:16:68:61:59:27:e1:b7:c7:18:8e:e5:
93:ed:aa:55:04:40:a9:07:b2:8a:4c:31:0f:14:5c:b1:8b:6c:
ee:ca:a5:47:79:d3:4c:5c:5f:5f:43:a5:54:3a:55:b0:05:ca:
db:00:dd:7f:e0:87:ce:63:c6:31:63:ed:df:31:25:55:7f:05:
ec:5c:6e:2d:d2:ef:72:78:d0:6e:ee:ef:b6:95:b5:f9:6b:46:
b3:15:90:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF2+H+ldurUOMEEo+QeYiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjM5ZDZjOGIyM2ZjZGMyMGU1MzE3NGU5MmZiM2Y1NmNh
YThiNjEwHhcNMjQwMTAxMTYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjI4MThlZTA3N2FmZDE0ZTlkNmFlOTQ3OWUzNmE0NTc0M2Q0ZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMkNHjAIhxdTJgg0DaOAY3l+Tu9f
CvBqRr1n29lYKaI9U8jVvO2DMNaMhw4Y5gMzmr3aGMJm8XogpkWYUZnsiDNheo0e
Xk/N4wKgt4YXlVBEtaZsxlb5p0KV5IJAVmPUiwDZr5lJxDlzo1qhR38X3BcItQ7W
segn9d4eDiO/DtYD9LS6962tGCIDl0ARlmRy6d3pyPPDC3mo/lsFqehfUpEosRhm
Aw/+VgMHxzUJSdAECDTc/4noNnw70yH7xmbCqfqbickFxJIwzgwO3WLkS1kmtrG5
OfOdSfERGTMd+5jP3SS/WJF84DuKP2JurdwGt3oODwEzcwWVQzLa1oxuqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBYoGO4Hev0U6daulHnjakV0PU2RMB8GA1UdIwQY
MBaAFEnznWyLI/zcIOUxdOkvs/VsqothMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZPZGJJc2pfTndnNVRGMDZTLXo5V3lxaTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xNjQ2MGYtZTQ5OC00ZjdiLTliOTAt
N2E1MDQzYzkxOGY5LzEvRmlnWTdnZDZfUlRwMXE2VWVlTnFSWFE5VFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xNjQ2MGYtZTQ5OC00ZjdiLTliOTAtN2E1MDQzYzkxOGY5
LzEvU2ZPZGJJc2pfTndnNVRGMDZTLXo5V3lxaTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVU0MA0E
AgACMAcDBQMqDriAMA0GCSqGSIb3DQEBCwUAA4IBAQAUmHOz+zt2tkY8F2gmVnMY
un/trahlVJK73OzWAXjMjg/F9fXPdohRVdWBkN6xh1OvGw0angda5w8HhboEpnzN
66Q/BsnBb45yla2WNI6XbDTpt6+pUb2P+GW4zt9Zk0EBTJNwGAl54Ldnjv10Co8J
R7l1sLYXFgR2097Xa4NX8NZfEHp/+W5jBPV+bJP7pTsQgDLPs6Qh5zmTXTi/HB1C
JyZuNxtuijfTFmhhWSfht8cYjuWT7apVBECpB7KKTDEPFFyxi2zuyqVHedNMXF9f
Q6VUOlWwBcrbAN1/4IfOY8YxY+3fMSVVfwXsXG4t0u9yeNBu7u+2lbX5a0azFZAl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:57 2025 by rpki-client