Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/2rHsedanPHpYOCfvwCacL6pn0eo.roa
File: 2rHsedanPHpYOCfvwCacL6pn0eo.roa (raw, json)
Hash identifier: POAHqPLQo+1GKwAfizA60PpEeh/2sgVLCecTLJq7OxU=
Subject key identifier: DA:B1:EC:79:D6:A7:3C:7A:58:38:27:EF:C0:26:9C:2F:AA:67:D1:EA
Certificate issuer: /CN=b209308540c4df9b9bb7d6327fa7b5d49008068c
Certificate serial: 019368AEDAC87D19F37E19CC98940284FFED
Authority key identifier: B2:09:30:85:40:C4:DF:9B:9B:B7:D6:32:7F:A7:B5:D4:90:08:06:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/2rHsedanPHpYOCfvwCacL6pn0eo.roa
Signing time: Tue 26 Nov 2024 13:35:09 +0000
ROA not before: Tue 26 Nov 2024 13:35:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 45.66.212.0/22 maxlen: 22
45.158.216.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:da:c8:7d:19:f3:7e:19:cc:98:94:02:84:ff:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b209308540c4df9b9bb7d6327fa7b5d49008068c
Validity
Not Before: Nov 26 13:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dab1ec79d6a73c7a583827efc0269c2faa67d1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b6:0a:86:b9:22:c0:fb:46:c1:c4:4a:6c:30:
5e:b6:93:b5:12:f2:81:98:09:1f:69:73:21:96:89:
d6:31:57:a9:1e:71:95:30:eb:91:96:4e:7e:e8:a3:
d4:e2:b1:bc:90:cd:24:7e:dc:68:22:a6:ee:f0:9e:
ca:4c:73:d9:bc:25:0e:8d:f7:28:3a:f4:e6:f7:99:
56:18:09:a2:e7:91:e6:84:16:c1:85:a1:f0:ae:95:
1c:ca:1c:17:cf:d5:ab:2b:3f:70:ad:4c:c8:0e:3a:
b0:87:fb:52:5c:fc:4c:84:55:62:04:da:2f:99:c7:
15:7e:31:a6:02:9e:b2:21:70:77:6a:5a:3b:06:d3:
c3:03:c3:9d:ed:b6:71:8a:88:6a:1b:b0:1c:b5:fa:
e8:f6:6c:c1:82:02:e8:21:2c:4c:7a:32:29:44:68:
4b:7b:9a:71:7f:23:4a:b2:40:2f:8e:27:5e:cb:cb:
93:43:28:29:d9:3f:73:62:00:7c:5c:5d:a4:d5:f2:
ad:36:5a:18:58:af:d5:83:f2:50:9f:62:7e:77:c9:
6b:bc:c7:5c:24:28:70:62:16:11:07:d6:07:9a:df:
da:e8:00:bf:95:44:01:d1:79:d6:b3:66:ce:82:87:
5f:4e:cb:16:ef:ad:c0:52:1c:8b:c9:90:68:7b:62:
22:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B1:EC:79:D6:A7:3C:7A:58:38:27:EF:C0:26:9C:2F:AA:67:D1:EA
X509v3 Authority Key Identifier:
keyid:B2:09:30:85:40:C4:DF:9B:9B:B7:D6:32:7F:A7:B5:D4:90:08:06:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/2rHsedanPHpYOCfvwCacL6pn0eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/sgkwhUDE35ubt9Yyf6e11JAIBow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.212.0/22
45.158.216.0/22
Signature Algorithm: sha256WithRSAEncryption
d6:f7:ae:20:3c:77:d4:b2:82:e3:e6:6b:b1:1d:3b:4a:b9:47:
4c:73:b6:6f:a0:a0:b8:bb:bb:69:cc:c8:9b:9a:c6:81:2f:fb:
76:9e:0a:57:53:22:68:36:3b:2b:38:4c:92:ec:d0:65:aa:2a:
71:51:bd:03:94:34:cd:66:5c:a0:8d:d6:5a:23:95:c6:66:5d:
a6:fd:f3:ca:63:42:de:b5:27:29:78:ce:11:0d:66:f4:73:8f:
db:08:ed:f8:73:30:ca:b1:7c:92:fc:2b:bb:6f:4f:56:fc:b3:
d2:ee:33:af:91:c1:4b:e5:97:79:61:03:f5:c0:b6:5c:77:ea:
55:66:ef:fc:80:68:e7:c6:5e:8d:f2:e7:c5:c0:c2:04:bb:5d:
20:e5:f7:1c:ea:36:8a:d3:a6:e0:99:1b:06:0d:8b:db:cd:fa:
df:04:9c:99:42:32:29:6f:bb:de:c8:d7:5c:c1:8e:18:32:ed:
dd:c4:19:bb:0c:91:d9:5b:77:67:59:c7:1e:5c:97:bb:59:47:
11:23:e6:f5:1b:30:fe:79:81:91:73:a5:eb:58:60:e1:25:14:
a8:d2:3f:f5:76:9c:68:4a:72:88:bd:e9:37:ad:c4:ef:ef:0b:
eb:b0:4a:2f:ff:5d:7d:ed:58:22:b6:4f:33:db:56:80:69:f6:
cb:f9:22:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNortrIfRnzfhnMmJQChP/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDkzMDg1NDBjNGRmOWI5YmI3ZDYzMjdmYTdiNWQ0OTAw
ODA2OGMwHhcNMjQxMTI2MTMzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWIxZWM3OWQ2YTczYzdhNTgzODI3ZWZjMDI2OWMyZmFhNjdkMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbYKhrkiwPtGwcRKbDBetpO1EvKB
mAkfaXMhlonWMVepHnGVMOuRlk5+6KPU4rG8kM0kftxoIqbu8J7KTHPZvCUOjfco
OvTm95lWGAmi55HmhBbBhaHwrpUcyhwXz9WrKz9wrUzIDjqwh/tSXPxMhFViBNov
mccVfjGmAp6yIXB3alo7BtPDA8Od7bZxiohqG7Actfro9mzBggLoISxMejIpRGhL
e5pxfyNKskAvjidey8uTQygp2T9zYgB8XF2k1fKtNloYWK/Vg/JQn2J+d8lrvMdc
JChwYhYRB9YHmt/a6AC/lUQB0XnWs2bOgodfTssW763AUhyLyZBoe2IiswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNqx7HnWpzx6WDgn78AmnC+qZ9HqMB8GA1UdIwQY
MBaAFLIJMIVAxN+bm7fWMn+ntdSQCAaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2drd2hVREUzNXVidDlZeWY2ZTExSkFJQm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84ODBlYjItZmE2NS00N2NhLThhMDAt
NjQ4MGMzZDFmNGU0LzEvMnJIc2VkYW5QSHBZT0NmdndDYWNMNnBuMGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84ODBlYjItZmE2NS00N2NhLThhMDAtNjQ4MGMzZDFmNGU0
LzEvc2drd2hVREUzNXVidDlZeWY2ZTExSkFJQm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLULUAwQC
LZ7YMA0GCSqGSIb3DQEBCwUAA4IBAQDW964gPHfUsoLj5muxHTtKuUdMc7ZvoKC4
u7tpzMibmsaBL/t2ngpXUyJoNjsrOEyS7NBlqipxUb0DlDTNZlygjdZaI5XGZl2m
/fPKY0LetScpeM4RDWb0c4/bCO34czDKsXyS/Cu7b09W/LPS7jOvkcFL5Zd5YQP1
wLZcd+pVZu/8gGjnxl6N8ufFwMIEu10g5fcc6jaK06bgmRsGDYvbzfrfBJyZQjIp
b7veyNdcwY4YMu3dxBm7DJHZW3dnWcceXJe7WUcRI+b1GzD+eYGRc6XrWGDhJRSo
0j/1dpxoSnKIvek3rcTv7wvrsEov/1197Vgitk8z21aAafbL+SJx
-----END CERTIFICATE-----
Generated at Sun May 11 16:11:15 2025 by rpki-client