Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/L9mIWnSYE2EI-r9OemuMgthAWtk.roa
File: L9mIWnSYE2EI-r9OemuMgthAWtk.roa (raw, json)
Hash identifier: occ0N9m2SLpa76u1joVDPIPvtWZdOt0lR3h/+Sc/NGY=
Subject key identifier: 2F:D9:88:5A:74:98:13:61:08:FA:BF:4E:7A:6B:8C:82:D8:40:5A:D9
Certificate issuer: /CN=fcea08e8421df2f245c7cb333ee76a14a8882d4a
Certificate serial: 018CC86EFC43E244D36DEF7A99CE71055C8C
Authority key identifier: FC:EA:08:E8:42:1D:F2:F2:45:C7:CB:33:3E:E7:6A:14:A8:88:2D:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OoI6EId8vJFx8szPudqFKiILUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/L9mIWnSYE2EI-r9OemuMgthAWtk.roa
Signing time: Tue 02 Jan 2024 04:29:25 +0000
ROA not before: Tue 02 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208662
IP address blocks: 45.86.105.0/24 maxlen: 24
45.86.107.0/24 maxlen: 24
45.86.106.0/24 maxlen: 24
2a0f:95c0:4000::/34 maxlen: 34
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fc:43:e2:44:d3:6d:ef:7a:99:ce:71:05:5c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcea08e8421df2f245c7cb333ee76a14a8882d4a
Validity
Not Before: Jan 2 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fd9885a7498136108fabf4e7a6b8c82d8405ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9e:e4:11:c8:56:73:9d:1b:87:60:51:d6:35:
a1:16:d7:78:66:01:e2:85:a9:fd:e0:15:56:df:f1:
6c:8b:3f:1a:c3:0d:b0:93:56:31:49:c2:2c:b3:72:
02:c2:ce:2c:ce:fd:9a:11:ce:6f:49:d5:51:63:9d:
c9:33:f9:9d:87:fe:db:00:1e:c8:17:58:dc:ea:72:
f5:13:72:86:12:fb:67:cc:fa:01:10:d3:dd:9c:38:
fe:f1:27:8f:8a:89:a3:a8:2b:89:59:32:24:b2:6f:
c5:29:db:ea:86:8b:b7:59:ab:4e:d0:cf:e5:12:2a:
88:e9:10:03:f6:0f:bf:d5:0c:03:d9:01:60:c8:c8:
4f:19:68:19:f8:3f:f5:2e:c1:cf:b1:84:fc:24:ca:
29:96:06:77:eb:80:86:2a:e7:ac:a5:2b:1c:c3:22:
ed:34:56:81:e0:16:fe:9b:47:7a:ba:60:d4:e1:5b:
f2:19:be:ab:37:f0:18:d5:b0:4b:8d:a4:66:4f:43:
26:0d:b6:23:72:14:af:93:df:14:3f:50:1c:92:14:
f2:7e:ae:36:ea:de:70:7c:be:a7:a8:b0:3b:53:11:
bc:1a:e2:8f:2f:e1:2e:01:dd:68:b2:3e:9b:33:78:
e5:89:e6:9e:fc:99:55:f1:00:c0:18:44:d9:8b:7b:
ed:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D9:88:5A:74:98:13:61:08:FA:BF:4E:7A:6B:8C:82:D8:40:5A:D9
X509v3 Authority Key Identifier:
keyid:FC:EA:08:E8:42:1D:F2:F2:45:C7:CB:33:3E:E7:6A:14:A8:88:2D:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OoI6EId8vJFx8szPudqFKiILUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/L9mIWnSYE2EI-r9OemuMgthAWtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/_OoI6EId8vJFx8szPudqFKiILUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.105.0-45.86.107.255
IPv6:
2a0f:95c0:4000::/34
Signature Algorithm: sha256WithRSAEncryption
46:61:6b:df:b0:63:02:10:ba:21:4d:69:aa:56:c8:bd:a7:2b:
fb:ff:50:8c:74:25:df:3b:2a:fa:8e:75:13:eb:d9:1c:dd:1f:
dc:97:76:0c:52:d7:73:53:bb:78:b3:09:82:5b:1f:af:ab:ec:
9d:53:28:16:e1:9a:fa:ea:51:bb:1a:30:b3:cf:d3:ed:7e:7a:
4c:60:02:34:27:bb:1c:52:f1:8f:e3:65:45:cc:1d:be:dd:87:
d7:b8:2a:e8:79:99:98:52:18:cf:d5:57:94:12:93:3d:25:5a:
55:70:c0:80:29:a9:d3:a6:8f:7e:de:66:74:bf:da:28:59:25:
0c:0f:39:37:a5:62:0e:33:a7:f0:60:6c:c7:23:44:09:9c:47:
a1:4d:1d:4f:2c:03:4b:51:9b:92:00:f0:55:71:ce:53:ad:f6:
3a:0d:85:b8:05:52:98:9c:b5:ec:3f:ab:f3:a7:11:af:77:92:
3b:cf:41:51:83:a6:99:5b:7e:80:2f:a6:9c:15:f5:31:02:24:
47:a5:02:c2:a8:e9:05:4c:e3:e5:ec:57:ca:98:9e:95:de:23:
f4:1c:31:7e:28:65:0a:c1:d7:ec:bd:ff:43:fe:ce:c1:39:aa:
41:d1:3e:ab:bb:91:1d:75:32:c9:ac:b4:62:55:78:81:6e:09:
e7:33:a1:11
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIbvxD4kTTbe96mc5xBVyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZWEwOGU4NDIxZGYyZjI0NWM3Y2IzMzNlZTc2YTE0YTg4
ODJkNGEwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQ5ODg1YTc0OTgxMzYxMDhmYWJmNGU3YTZiOGM4MmQ4NDA1YWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ7kEchWc50bh2BR1jWhFtd4ZgHi
han94BVW3/Fsiz8aww2wk1YxScIss3ICws4szv2aEc5vSdVRY53JM/mdh/7bAB7I
F1jc6nL1E3KGEvtnzPoBENPdnDj+8SePiomjqCuJWTIksm/FKdvqhou3WatO0M/l
EiqI6RAD9g+/1QwD2QFgyMhPGWgZ+D/1LsHPsYT8JMoplgZ364CGKuespSscwyLt
NFaB4Bb+m0d6umDU4VvyGb6rN/AY1bBLjaRmT0MmDbYjchSvk98UP1AckhTyfq42
6t5wfL6nqLA7UxG8GuKPL+EuAd1osj6bM3jlieae/JlV8QDAGETZi3vtdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC/ZiFp0mBNhCPq/TnprjILYQFrZMB8GA1UdIwQY
MBaAFPzqCOhCHfLyRcfLMz7nahSoiC1KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09vSTZFSWQ4dkpGeDhzelB1ZHFGS2lJTFVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lYTdlNjEtOThiMy00MTIwLTgzY2Ut
YzA3N2UxNzAyYmM3LzEvTDltSVduU1lFMkVJLXI5T2VtdU1ndGhBV3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lYTdlNjEtOThiMy00MTIwLTgzY2UtYzA3N2UxNzAyYmM3
LzEvX09vSTZFSWQ4dkpGeDhzelB1ZHFGS2lJTFVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAAtVmkD
BAItVmgwDgQCAAIwCAMGBioPlcBAMA0GCSqGSIb3DQEBCwUAA4IBAQBGYWvfsGMC
ELohTWmqVsi9pyv7/1CMdCXfOyr6jnUT69kc3R/cl3YMUtdzU7t4swmCWx+vq+yd
UygW4Zr66lG7GjCzz9PtfnpMYAI0J7scUvGP42VFzB2+3YfXuCroeZmYUhjP1VeU
EpM9JVpVcMCAKanTpo9+3mZ0v9ooWSUMDzk3pWIOM6fwYGzHI0QJnEehTR1PLANL
UZuSAPBVcc5TrfY6DYW4BVKYnLXsP6vzpxGvd5I7z0FRg6aZW36AL6acFfUxAiRH
pQLCqOkFTOPl7FfKmJ6V3iP0HDF+KGUKwdfsvf9D/s7BOapB0T6ru5EddTLJrLRi
VXiBbgnnM6ER
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:49:25 2025 by rpki-client