Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/A4uMY7U3FIuBkaF6TLOF9_Ukx78.roa
File: A4uMY7U3FIuBkaF6TLOF9_Ukx78.roa (raw, json)
Hash identifier: IUO0w9GNcn4T6GkFCpPN811vtl74x5K7cAgz+Q57Ufg=
Subject key identifier: 03:8B:8C:63:B5:37:14:8B:81:91:A1:7A:4C:B3:85:F7:F5:24:C7:BF
Certificate issuer: /CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Certificate serial: 018E5AD66A2DDC0AFFC4AF1ACB3D36409F7D
Authority key identifier: ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/A4uMY7U3FIuBkaF6TLOF9_Ukx78.roa
Signing time: Wed 20 Mar 2024 07:49:45 +0000
ROA not before: Wed 20 Mar 2024 07:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.89.128.0/22 maxlen: 22
2a0b:a200::/40 maxlen: 40
2a0b:a200:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 25 Mar 2024 13:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5a:d6:6a:2d:dc:0a:ff:c4:af:1a:cb:3d:36:40:9f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Validity
Not Before: Mar 20 07:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=038b8c63b537148b8191a17a4cb385f7f524c7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:77:ea:1d:b6:62:60:ce:51:74:71:58:6b:db:
55:e8:a8:8a:12:a2:f4:95:16:8d:42:47:05:f4:0c:
ed:18:fe:de:e5:d4:d5:9c:fa:d7:2e:32:04:1c:21:
1d:84:8e:4a:7d:ff:ce:a9:97:69:89:56:ea:26:f6:
4c:59:20:ae:57:72:36:f2:c6:20:de:98:50:22:88:
b8:9e:c0:ed:94:25:ac:ff:52:d8:22:91:5e:e1:37:
f0:2b:cf:39:52:e6:c5:1b:a5:f6:72:c8:d1:79:8e:
0b:3e:28:16:8a:e8:67:09:fb:f5:8a:f0:b5:34:84:
5a:3e:9c:02:de:7f:46:8b:60:ac:2c:4f:3b:97:13:
c1:75:81:74:c1:28:ca:3d:fe:9b:9c:1d:9e:e3:9a:
d1:b0:15:00:55:10:89:79:ae:bb:c1:fa:c0:48:49:
45:51:ca:e0:fa:bf:4d:75:df:11:5c:34:bc:de:cb:
40:26:1e:ce:d3:90:24:50:25:11:93:60:69:fe:cf:
23:de:0f:b4:76:fd:1c:79:77:cb:24:98:6f:09:64:
9f:79:42:ef:f7:24:f5:4b:7d:4a:4f:55:81:f1:5e:
09:fb:d4:42:98:56:c9:72:b6:f5:b0:df:ab:b7:ec:
79:83:ed:46:e7:4d:10:5f:79:f1:47:a0:38:be:28:
cd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:8B:8C:63:B5:37:14:8B:81:91:A1:7A:4C:B3:85:F7:F5:24:C7:BF
X509v3 Authority Key Identifier:
keyid:ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/A4uMY7U3FIuBkaF6TLOF9_Ukx78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.128.0/22
IPv6:
2a0b:a200::/39
Signature Algorithm: sha256WithRSAEncryption
84:af:42:cc:ce:29:e8:7c:a2:56:5e:2f:a6:0c:1e:b6:ed:f8:
af:1f:48:17:a8:f2:73:4a:5f:6a:ce:fa:c2:d3:1b:d6:95:64:
50:a3:a7:63:81:f9:ce:0c:8e:46:23:8b:1e:ad:06:51:43:31:
cc:2f:d9:fb:0a:9f:aa:fe:08:2e:47:95:69:3f:f7:a0:d5:6e:
41:c4:60:7e:23:31:4f:76:68:84:bf:8c:c4:02:ce:8a:ef:54:
08:90:85:6e:c0:3b:5b:77:40:fc:76:21:71:52:93:0d:b0:35:
b1:31:06:61:d3:71:ec:a4:75:9f:29:e6:9d:8a:02:61:5b:b8:
71:04:fb:60:69:24:21:bf:77:05:35:c0:fd:93:f4:56:60:52:
9b:96:15:48:b1:cb:66:76:88:0b:22:d2:43:1c:11:fd:6b:59:
7a:dc:bb:4e:64:8d:be:86:74:73:a0:62:0e:bf:79:ef:75:a5:
26:39:de:b5:a0:02:54:5f:88:80:f2:1d:c4:07:9f:10:35:09:
3b:6c:c2:cf:4e:01:af:b5:49:ee:9f:b0:dd:3f:bc:e0:fd:da:
a7:a8:43:a3:c1:3b:65:bf:b2:e0:88:75:9a:53:3f:e7:36:19:
dd:b2:69:10:cc:ed:69:61:85:a9:da:b4:5c:52:d6:e6:34:db:
e6:b0:5b:b3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY5a1mot3Ar/xK8ayz02QJ99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjI0YzU5MDAyN2E1YThjOWVlYjM2OTcyNmU0YTYzMGNk
ZjQxNGMwHhcNMjQwMzIwMDc0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzhiOGM2M2I1MzcxNDhiODE5MWExN2E0Y2IzODVmN2Y1MjRjN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHfqHbZiYM5RdHFYa9tV6KiKEqL0
lRaNQkcF9AztGP7e5dTVnPrXLjIEHCEdhI5Kff/OqZdpiVbqJvZMWSCuV3I28sYg
3phQIoi4nsDtlCWs/1LYIpFe4TfwK885UubFG6X2csjReY4LPigWiuhnCfv1ivC1
NIRaPpwC3n9Gi2CsLE87lxPBdYF0wSjKPf6bnB2e45rRsBUAVRCJea67wfrASElF
Ucrg+r9Ndd8RXDS83stAJh7O05AkUCURk2Bp/s8j3g+0dv0ceXfLJJhvCWSfeULv
9yT1S31KT1WB8V4J+9RCmFbJcrb1sN+rt+x5g+1G500QX3nxR6A4vijN8wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAOLjGO1NxSLgZGhekyzhff1JMe/MB8GA1UdIwQY
MBaAFO1iTFkAJ6Woye6zaXJuSmMM30FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5Nzgt
YTdiZTVmYTBmZjY1LzEvQTR1TVk3VTNGSXVCa2FGNlRMT0Y5X1VreDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5NzgtYTdiZTVmYTBmZjY1
LzEvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLVmAMA4E
AgACMAgDBgEqC6IAADANBgkqhkiG9w0BAQsFAAOCAQEAhK9CzM4p6HyiVl4vpgwe
tu34rx9IF6jyc0pfas76wtMb1pVkUKOnY4H5zgyORiOLHq0GUUMxzC/Z+wqfqv4I
LkeVaT/3oNVuQcRgfiMxT3ZohL+MxALOiu9UCJCFbsA7W3dA/HYhcVKTDbA1sTEG
YdNx7KR1nynmnYoCYVu4cQT7YGkkIb93BTXA/ZP0VmBSm5YVSLHLZnaICyLSQxwR
/WtZety7TmSNvoZ0c6BiDr9573WlJjnetaACVF+IgPIdxAefEDUJO2zCz04Br7VJ
7p+w3T+84P3ap6hDo8E7Zb+y4Ih1mlM/5zYZ3bJpEMztaWGFqdq0XFLW5jTb5rBb
sw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:52:10 2025 by rpki-client