Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/APDlbQm--Am7-aLdPzeZvg73EcA.roa
File: APDlbQm--Am7-aLdPzeZvg73EcA.roa (raw, json)
Hash identifier: u5yY0IhNywaT0EhNtuFfYNSVUC5Ke4tdJJdN52f2NoU=
Subject key identifier: 00:F0:E5:6D:09:BE:F8:09:BB:F9:A2:DD:3F:37:99:BE:0E:F7:11:C0
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 018E671444A6A606284671E5BABD25DBF168
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/APDlbQm--Am7-aLdPzeZvg73EcA.roa
Signing time: Fri 22 Mar 2024 16:52:45 +0000
ROA not before: Fri 22 Mar 2024 16:52:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49824
IP address blocks: 45.12.24.0/24 maxlen: 24
45.12.26.0/24 maxlen: 24
193.38.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 10:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:67:14:44:a6:a6:06:28:46:71:e5:ba:bd:25:db:f1:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Mar 22 16:52:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00f0e56d09bef809bbf9a2dd3f3799be0ef711c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:72:20:bf:a6:43:b2:ef:6c:12:d2:d6:25:13:
ff:5d:99:14:5a:22:df:6a:95:41:f2:ab:bc:69:94:
e2:20:d4:27:91:80:59:0d:64:c2:88:c7:98:ae:ec:
c7:2f:14:98:3f:e3:34:2b:88:c4:05:c1:a8:5b:8c:
f0:9a:e3:c0:90:87:83:66:28:2c:5d:2a:c8:58:66:
68:d3:d3:16:f9:6c:f9:65:8b:2c:35:3b:83:cc:9d:
26:2e:58:25:25:76:d5:64:4b:7a:d9:f9:cd:57:90:
0a:31:f3:8e:50:d5:91:0b:44:c3:44:fa:50:cc:b1:
7a:6a:3b:9c:13:7c:f4:25:06:a4:85:84:d5:69:3a:
bf:fc:e8:69:41:cf:61:89:52:75:9a:6b:3b:12:03:
d1:03:2d:95:bf:6b:9e:82:f8:3d:ac:93:6e:26:d0:
bf:56:91:36:77:cf:82:b9:77:22:f5:09:a6:99:b4:
62:0e:18:ac:e6:97:dc:fd:d5:9e:40:5b:02:59:56:
04:4f:af:9d:85:4e:78:7c:3c:31:13:7e:eb:89:61:
2b:44:49:70:23:24:1b:14:11:5e:5f:36:c5:44:c8:
26:2c:88:de:76:1a:7c:12:c7:91:c9:95:0f:69:b6:
ae:81:e3:4a:d8:10:fe:48:f7:48:80:8a:70:17:95:
4c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F0:E5:6D:09:BE:F8:09:BB:F9:A2:DD:3F:37:99:BE:0E:F7:11:C0
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/APDlbQm--Am7-aLdPzeZvg73EcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.24.0/24
45.12.26.0/24
193.38.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:b6:a4:fc:5c:7f:11:2d:7f:7d:15:82:2c:55:e4:42:2f:12:
42:a7:a2:f7:1b:d0:cf:81:53:b8:51:52:d4:86:89:45:fd:2c:
09:a4:aa:6e:0e:dd:23:1d:30:e1:73:7b:38:e1:05:ef:ca:71:
ce:dd:48:0d:a2:31:39:8b:a9:67:36:5b:6b:37:dd:46:07:bb:
43:93:15:bb:df:1a:4f:60:6d:9a:2d:29:5b:4b:90:1c:59:41:
fd:f9:88:f8:30:a4:ca:48:7c:cb:a5:3b:0a:01:d7:41:91:4d:
c0:4e:f4:4f:08:fc:ff:a0:41:de:ed:a3:18:bc:9b:87:7b:27:
85:6d:5f:2b:99:15:32:f0:1b:56:99:56:6d:c4:dc:80:f6:c5:
8b:ed:84:b9:67:93:a8:e8:87:81:1a:f4:11:19:38:2f:2c:5f:
cf:4c:ba:e1:38:70:92:30:3e:e5:e7:71:08:7e:12:4a:42:45:
92:ac:3c:55:f7:71:18:8d:f7:a1:90:e8:20:7a:23:ad:e0:4f:
f2:2c:ba:e9:7d:59:4e:4b:0f:8b:ca:76:3a:3e:d9:ac:0a:5a:
d1:13:3c:2d:7e:cf:28:0b:8c:4d:f5:81:8c:34:4a:79:05:f2:
ca:25:0e:2c:c4:e4:15:e6:5c:b7:8c:c8:9b:11:8e:7e:29:ed:
8f:0b:27:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5nFESmpgYoRnHlur0l2/FoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQwMzIyMTY1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGYwZTU2ZDA5YmVmODA5YmJmOWEyZGQzZjM3OTliZTBlZjcxMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXIgv6ZDsu9sEtLWJRP/XZkUWiLf
apVB8qu8aZTiINQnkYBZDWTCiMeYruzHLxSYP+M0K4jEBcGoW4zwmuPAkIeDZigs
XSrIWGZo09MW+Wz5ZYssNTuDzJ0mLlglJXbVZEt62fnNV5AKMfOOUNWRC0TDRPpQ
zLF6ajucE3z0JQakhYTVaTq//OhpQc9hiVJ1mms7EgPRAy2Vv2uegvg9rJNuJtC/
VpE2d8+CuXci9QmmmbRiDhis5pfc/dWeQFsCWVYET6+dhU54fDwxE37riWErRElw
IyQbFBFeXzbFRMgmLIjedhp8EseRyZUPabaugeNK2BD+SPdIgIpwF5VMcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFADw5W0JvvgJu/mi3T83mb4O9xHAMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvQVBEbGJRbS0tQW03LWFMZFB6ZVp2ZzczRWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQwYAwQA
LQwaAwQAwSb/MA0GCSqGSIb3DQEBCwUAA4IBAQButqT8XH8RLX99FYIsVeRCLxJC
p6L3G9DPgVO4UVLUholF/SwJpKpuDt0jHTDhc3s44QXvynHO3UgNojE5i6lnNltr
N91GB7tDkxW73xpPYG2aLSlbS5AcWUH9+Yj4MKTKSHzLpTsKAddBkU3ATvRPCPz/
oEHe7aMYvJuHeyeFbV8rmRUy8BtWmVZtxNyA9sWL7YS5Z5Oo6IeBGvQRGTgvLF/P
TLrhOHCSMD7l53EIfhJKQkWSrDxV93EYjfehkOggeiOt4E/yLLrpfVlOSw+LynY6
PtmsClrREzwtfs8oC4xN9YGMNEp5BfLKJQ4sxOQV5ly3jMibEY5+Ke2PCycv
-----END CERTIFICATE-----
Generated at Wed May 7 07:44:19 2025 by rpki-client