Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/h9k72ViUEUwZ71e97J6ttak0gQY.roa
File: h9k72ViUEUwZ71e97J6ttak0gQY.roa (raw, json)
Hash identifier: w8i9jfeVi48Tv+gkJvzQn6oIYtnKwvSKyNiDjies1XI=
Subject key identifier: 87:D9:3B:D9:58:94:11:4C:19:EF:57:BD:EC:9E:AD:B5:A9:34:81:06
Certificate issuer: /CN=a097d6a2cf42880dbebf42a3251907a21c91a4a5
Certificate serial: 018CC5DCA7B8DE3AD8750E520F60468954C1
Authority key identifier: A0:97:D6:A2:CF:42:88:0D:BE:BF:42:A3:25:19:07:A2:1C:91:A4:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJfWos9CiA2-v0KjJRkHohyRpKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/h9k72ViUEUwZ71e97J6ttak0gQY.roa
Signing time: Mon 01 Jan 2024 16:30:21 +0000
ROA not before: Mon 01 Jan 2024 16:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50563
IP address blocks: 45.8.77.0/24 maxlen: 24
45.8.78.0/24 maxlen: 24
45.8.78.0/23 maxlen: 23
45.8.76.0/24 maxlen: 24
45.8.76.0/23 maxlen: 23
45.8.76.0/22 maxlen: 22
45.8.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:a7:b8:de:3a:d8:75:0e:52:0f:60:46:89:54:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a097d6a2cf42880dbebf42a3251907a21c91a4a5
Validity
Not Before: Jan 1 16:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87d93bd95894114c19ef57bdec9eadb5a9348106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:26:7e:3d:87:48:b8:36:f9:b5:5b:dd:6b:08:
25:07:d9:45:58:22:7c:12:1a:d5:2c:f5:5c:1a:74:
fc:1f:55:d1:d8:76:d4:57:9d:30:d6:25:87:33:47:
39:2f:cb:21:8d:fd:39:67:f5:5b:c9:0d:3b:88:96:
e7:6c:d9:1f:ea:5e:f3:4a:57:d0:9f:7d:cb:14:f9:
bf:3f:5a:e4:d8:19:a8:a9:11:1b:d7:7f:e0:e5:ca:
52:32:90:65:9c:ad:01:ab:4b:16:46:14:1c:2d:44:
a4:0f:e2:b8:6c:85:3f:14:07:d7:7e:66:8b:9e:4f:
83:ce:8e:0f:83:4b:e4:38:03:10:b2:0e:8c:5e:5a:
f1:f7:4f:09:96:12:95:1c:43:af:18:33:31:54:ae:
53:ce:3f:46:80:ce:0b:e4:ce:2b:07:7e:52:c1:48:
e6:2b:86:46:6d:3a:83:ec:24:f1:8c:fd:23:5a:b1:
7c:49:82:ed:89:bf:5e:af:a5:2c:19:73:2d:20:d3:
a7:59:fc:92:b4:25:60:5e:bd:f7:9c:a6:5e:62:37:
fe:78:6c:ec:63:d0:60:dc:6d:ec:17:fc:4d:bd:c5:
14:bd:e0:b8:12:3d:a1:54:3a:07:65:9a:55:98:14:
89:66:a8:3e:01:1c:9e:28:36:ae:d5:5d:43:d9:4d:
ed:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D9:3B:D9:58:94:11:4C:19:EF:57:BD:EC:9E:AD:B5:A9:34:81:06
X509v3 Authority Key Identifier:
keyid:A0:97:D6:A2:CF:42:88:0D:BE:BF:42:A3:25:19:07:A2:1C:91:A4:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJfWos9CiA2-v0KjJRkHohyRpKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/h9k72ViUEUwZ71e97J6ttak0gQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/oJfWos9CiA2-v0KjJRkHohyRpKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.76.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:1e:aa:6d:af:10:a3:45:ce:d6:4b:70:0f:bf:c3:c3:e0:d1:
8d:61:ec:5f:5e:69:9e:89:4d:93:d4:72:d2:17:e9:b1:78:ea:
75:3b:b2:6d:ab:85:4c:e5:73:72:9e:1f:f1:1f:80:99:36:fc:
49:43:5b:7e:4e:c9:3c:e5:b4:3b:84:22:5b:af:9e:c5:a7:41:
91:cb:44:b2:cc:b9:51:69:3c:b3:4a:43:af:0c:22:29:17:1a:
c0:c4:30:33:a1:8b:e1:7f:a1:8c:d0:06:eb:f8:bf:f8:3e:6f:
86:6a:a5:85:e2:30:37:42:b5:8f:28:52:ab:6a:fd:0d:ca:5c:
3d:b9:7c:6b:d8:e8:a6:7a:4a:85:50:5a:6b:16:83:b7:09:54:
37:96:37:3d:f1:68:b1:df:1a:44:88:96:72:90:7a:7b:a1:dd:
75:86:6c:34:08:53:76:85:18:d5:74:5f:76:dc:7f:1f:a6:1d:
20:e2:f0:98:94:ab:98:cd:78:24:35:b6:39:50:b3:61:e6:15:
32:24:8d:08:f1:c6:c5:1d:e5:9c:3e:a4:d4:bf:c8:48:5b:c8:
c9:cf:1e:4e:69:de:0e:27:51:1c:a2:e5:ef:b3:eb:c5:04:9c:
b5:f7:c3:ca:de:05:42:ed:fc:46:93:7b:f2:36:0a:c0:49:a9:
b4:1d:cf:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Ke43jrYdQ5SD2BGiVTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOTdkNmEyY2Y0Mjg4MGRiZWJmNDJhMzI1MTkwN2EyMWM5
MWE0YTUwHhcNMjQwMTAxMTYzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q5M2JkOTU4OTQxMTRjMTllZjU3YmRlYzllYWRiNWE5MzQ4MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviZ+PYdIuDb5tVvdawglB9lFWCJ8
EhrVLPVcGnT8H1XR2HbUV50w1iWHM0c5L8shjf05Z/VbyQ07iJbnbNkf6l7zSlfQ
n33LFPm/P1rk2BmoqREb13/g5cpSMpBlnK0Bq0sWRhQcLUSkD+K4bIU/FAfXfmaL
nk+Dzo4Pg0vkOAMQsg6MXlrx908JlhKVHEOvGDMxVK5Tzj9GgM4L5M4rB35SwUjm
K4ZGbTqD7CTxjP0jWrF8SYLtib9er6UsGXMtINOnWfyStCVgXr33nKZeYjf+eGzs
Y9Bg3G3sF/xNvcUUveC4Ej2hVDoHZZpVmBSJZqg+ARyeKDau1V1D2U3tIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfZO9lYlBFMGe9XveyerbWpNIEGMB8GA1UdIwQY
MBaAFKCX1qLPQogNvr9CoyUZB6IckaSlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pmV29zOUNpQTItdjBLakpSa0hvaHlScEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80YzJiNjgtODE4Yi00OTAyLWI0MmYt
NmZjYWYyNzI5YmU1LzEvaDlrNzJWaVVFVXdaNzFlOTdKNnR0YWswZ1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80YzJiNjgtODE4Yi00OTAyLWI0MmYtNmZjYWYyNzI5YmU1
LzEvb0pmV29zOUNpQTItdjBLakpSa0hvaHlScEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQhMMA0G
CSqGSIb3DQEBCwUAA4IBAQBMHqptrxCjRc7WS3APv8PD4NGNYexfXmmeiU2T1HLS
F+mxeOp1O7Jtq4VM5XNynh/xH4CZNvxJQ1t+Tsk85bQ7hCJbr57Fp0GRy0SyzLlR
aTyzSkOvDCIpFxrAxDAzoYvhf6GM0Abr+L/4Pm+GaqWF4jA3QrWPKFKrav0Nylw9
uXxr2OimekqFUFprFoO3CVQ3ljc98Wix3xpEiJZykHp7od11hmw0CFN2hRjVdF92
3H8fph0g4vCYlKuYzXgkNbY5ULNh5hUyJI0I8cbFHeWcPqTUv8hIW8jJzx5Oad4O
J1EcouXvs+vFBJy198PK3gVC7fxGk3vyNgrASam0Hc/+
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:10:03 2025 by rpki-client