Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1wzy9qAB5fal40dAJXgEwyWVPNI.roa
File: 1wzy9qAB5fal40dAJXgEwyWVPNI.roa (raw, json)
Hash identifier: fvJujvrBCuIr7HQZpAm11lXQhWERQ1jcgDd8BI/pHGI=
Subject key identifier: D7:0C:F2:F6:A0:01:E5:F6:A5:E3:47:40:25:78:04:C3:25:95:3C:D2
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FF1E463CF77D25EB01E314B20D013C9FB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1wzy9qAB5fal40dAJXgEwyWVPNI.roa
Signing time: Fri 07 Jun 2024 08:50:27 +0000
ROA not before: Fri 07 Jun 2024 08:50:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399989
IP address blocks: 45.128.26.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
2a0f:7d01::/32 maxlen: 32
2a0f:7d04:aa12::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jul 2024 08:54:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:e4:63:cf:77:d2:5e:b0:1e:31:4b:20:d0:13:c9:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 7 08:50:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d70cf2f6a001e5f6a5e34740257804c325953cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:58:cc:51:e2:48:6b:f2:db:28:ad:9f:b2:09:
85:31:ba:31:0a:89:b7:d3:ee:47:24:ba:e6:1d:08:
52:bd:32:76:29:07:7e:03:25:00:94:7e:1b:44:c9:
33:ec:77:fe:d3:44:ae:83:be:04:6d:4f:a2:92:1b:
20:0b:fe:27:96:f5:68:fb:cb:a5:7b:7a:c4:ec:15:
0b:eb:82:67:be:df:d7:43:de:b5:e0:6b:83:f9:d1:
f1:d8:2c:e8:5e:05:b8:76:1a:f4:8d:a5:1d:d9:d3:
fb:75:62:5c:5c:32:04:ab:e5:b8:ab:49:d2:0b:5d:
e7:56:88:7e:0c:39:14:8d:1d:8f:28:e8:65:4b:00:
3e:eb:b5:a5:73:ef:2a:18:99:1a:99:6c:25:c2:32:
e9:a6:e0:e2:49:e4:a5:b1:e9:ae:84:a6:4f:d5:58:
05:02:76:2b:29:65:ba:a1:ea:74:ff:9e:e7:20:be:
73:71:13:e2:18:0e:ec:a3:91:75:33:e6:75:3e:79:
ff:cb:c5:f1:08:27:f3:2b:3e:20:b8:b0:33:24:41:
3b:95:78:65:bf:ab:48:17:9c:4a:c1:83:b6:d6:f7:
0c:86:0a:21:be:76:4b:2d:ae:be:85:3c:71:e4:3a:
f5:eb:55:3f:8a:ef:30:6d:54:46:a2:91:a6:cc:28:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:0C:F2:F6:A0:01:E5:F6:A5:E3:47:40:25:78:04:C3:25:95:3C:D2
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1wzy9qAB5fal40dAJXgEwyWVPNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0f:7d01::/32
2a0f:7d04:aa12::/48
Signature Algorithm: sha256WithRSAEncryption
7d:76:60:93:9a:37:3f:ed:ff:fc:b4:b6:61:49:08:29:07:6b:
b4:db:9d:51:ce:3d:04:a6:88:83:49:ec:4d:9d:32:28:77:2e:
2e:80:6e:55:5a:bb:10:92:06:c8:95:72:42:db:42:f4:45:06:
d1:0a:d2:f6:29:68:c4:74:e7:8e:80:0b:f1:59:c7:7e:dc:20:
b9:01:04:d4:a9:7e:0e:78:b1:e1:9c:a5:83:7b:81:f5:62:a6:
5f:0d:3f:3a:65:e3:aa:08:4d:9a:b3:be:73:a3:f9:42:af:85:
bf:b4:dc:eb:dd:2c:af:26:32:49:72:2b:35:b6:4c:82:dc:47:
b9:55:10:f4:6f:59:4d:cc:be:34:40:0f:8f:92:e7:fb:74:08:
81:91:40:b5:d7:8d:0c:32:3f:cf:59:1c:09:b0:93:cc:a3:e4:
37:25:d3:25:08:32:09:3f:88:00:bf:a9:76:b6:26:65:ec:89:
cd:08:8d:fb:85:37:cb:7e:e3:67:12:a4:30:63:b5:5d:a4:0a:
e6:a5:fe:6e:8b:73:77:dd:01:15:84:f5:39:2d:f1:83:25:23:
8a:03:b8:5c:e6:fb:b4:dd:12:c6:e1:14:c8:54:83:b8:7a:d8:
9a:19:38:16:98:49:bd:42:ff:0a:4e:5d:e1:84:2a:e8:26:78:
b4:fa:c3:9f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY/x5GPPd9JesB4xSyDQE8n7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjA3MDg1MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzBjZjJmNmEwMDFlNWY2YTVlMzQ3NDAyNTc4MDRjMzI1OTUzY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VjMUeJIa/LbKK2fsgmFMboxCom3
0+5HJLrmHQhSvTJ2KQd+AyUAlH4bRMkz7Hf+00Sug74EbU+ikhsgC/4nlvVo+8ul
e3rE7BUL64Jnvt/XQ9614GuD+dHx2CzoXgW4dhr0jaUd2dP7dWJcXDIEq+W4q0nS
C13nVoh+DDkUjR2PKOhlSwA+67Wlc+8qGJkamWwlwjLppuDiSeSlsemuhKZP1VgF
AnYrKWW6oep0/57nIL5zcRPiGA7so5F1M+Z1Pnn/y8XxCCfzKz4guLAzJEE7lXhl
v6tIF5xKwYO21vcMhgohvnZLLa6+hTxx5Dr161U/iu8wbVRGopGmzChlyQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNcM8vagAeX2peNHQCV4BMMllTzSMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMXd6eTlxQUI1ZmFsNDBkQUpYZ0V3eVdWUE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MBYEAgACMBADBQAqD30BAwcAKg99BKoSMA0GCSqGSIb3DQEBCwUA
A4IBAQB9dmCTmjc/7f/8tLZhSQgpB2u0251Rzj0EpoiDSexNnTIody4ugG5VWrsQ
kgbIlXJC20L0RQbRCtL2KWjEdOeOgAvxWcd+3CC5AQTUqX4OeLHhnKWDe4H1YqZf
DT86ZeOqCE2as75zo/lCr4W/tNzr3SyvJjJJcis1tkyC3Ee5VRD0b1lNzL40QA+P
kuf7dAiBkUC1140MMj/PWRwJsJPMo+Q3JdMlCDIJP4gAv6l2tiZl7InNCI37hTfL
fuNnEqQwY7VdpArmpf5ui3N33QEVhPU5LfGDJSOKA7hc5vu03RLG4RTIVIO4etia
GTgWmEm9Qv8KTl3hhCroJni0+sOf
-----END CERTIFICATE-----
Generated at Sun May 11 13:48:51 2025 by rpki-client