Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4pZ-FyiZU3HIOmTIGkKmsQUWuNQ.roa
File: 4pZ-FyiZU3HIOmTIGkKmsQUWuNQ.roa (raw, json)
Hash identifier: nz87KzpHDggo8bc5lWUQsSJlqPFBl9MkC/l1H43j5pk=
Subject key identifier: E2:96:7E:17:28:99:53:71:C8:3A:64:C8:1A:42:A6:B1:05:16:B8:D4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019112800299B0666093ED5D369342B530A2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4pZ-FyiZU3HIOmTIGkKmsQUWuNQ.roa
Signing time: Fri 02 Aug 2024 09:51:04 +0000
ROA not before: Fri 02 Aug 2024 09:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.9.117.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 20:27:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:80:02:99:b0:66:60:93:ed:5d:36:93:42:b5:30:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 2 09:51:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2967e1728995371c83a64c81a42a6b10516b8d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:44:9d:0c:31:d8:44:a3:87:cf:9a:6f:28:37:
e0:1d:21:ed:fc:88:20:a8:ec:45:70:e6:2e:8a:29:
04:86:d7:66:6c:b8:d3:1d:92:73:c8:bc:64:81:8a:
b3:4f:33:8b:30:ca:32:96:1f:56:2b:a6:bb:b7:8f:
7a:c3:e0:83:d9:da:6d:1c:c6:d9:98:ae:6c:ad:84:
22:03:9a:c7:05:ef:35:ca:55:9e:70:b6:0a:20:1f:
64:d5:e6:79:ec:bd:45:55:75:f6:2d:17:67:53:8b:
25:0d:e4:b2:1d:7b:21:ea:44:d5:c9:d5:a8:10:61:
b6:e7:a7:37:e1:6b:08:59:a1:24:d8:1c:34:43:be:
00:59:b4:3a:26:99:dd:0b:5d:2e:0b:68:93:a1:24:
c6:18:37:71:18:47:ab:a7:ba:96:ad:68:58:58:66:
56:c8:39:5e:d1:76:c2:da:95:20:c8:c5:4f:98:65:
f6:6d:e3:4e:83:22:0f:f4:5a:d4:15:29:1b:57:fa:
47:88:da:44:2c:dc:18:9d:40:70:8f:7c:13:3c:b5:
33:b9:7a:cc:d7:20:6e:e0:09:92:45:c0:86:68:92:
5f:65:dc:80:6d:96:04:3e:76:13:46:89:71:30:2d:
92:b1:c0:92:58:f5:cf:c5:33:ad:f3:d5:74:19:56:
25:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:96:7E:17:28:99:53:71:C8:3A:64:C8:1A:42:A6:B1:05:16:B8:D4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4pZ-FyiZU3HIOmTIGkKmsQUWuNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.131.215.0/24
185.155.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:3b:ca:9e:08:76:1b:24:a6:b4:7a:83:13:3c:19:06:2c:58:
cc:6f:02:11:46:ff:cd:ad:21:e7:86:21:e6:04:e4:b9:83:8b:
0e:75:fb:e6:db:e2:66:c1:40:5c:cf:6c:f3:0f:cc:db:3a:d1:
56:1d:45:1c:5f:76:a7:a4:1a:09:90:31:25:e4:45:8d:f9:17:
3c:10:10:65:45:ac:7b:ce:1c:16:cd:90:13:2c:66:34:a0:51:
50:0b:03:03:92:2e:0b:e8:78:5d:2f:19:5f:fd:46:e1:c8:36:
8b:32:21:39:94:fa:8a:fb:04:fe:14:f7:b9:91:50:c8:df:07:
e7:23:fd:49:23:34:80:57:0a:a6:43:50:75:b0:ce:1b:bf:79:
f4:07:a9:ce:85:1c:1b:9a:1e:f4:e5:fa:96:63:d3:c0:86:40:
30:5a:62:ef:d1:70:45:d5:85:f2:5f:be:32:19:72:92:e6:0d:
83:28:86:f5:84:2f:94:ab:9d:c6:c3:3c:ff:18:47:6c:ec:7a:
b1:30:e2:70:f0:6c:f1:13:bc:d2:cc:a9:48:1f:79:cf:c3:74:
1a:5e:8f:35:69:40:9d:58:4b:ce:df:96:bc:86:b1:a2:06:ef:
6b:49:07:84:4d:87:19:ce:e7:67:51:e3:3e:4a:b2:e2:61:84:
8e:d3:8c:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZESgAKZsGZgk+1dNpNCtTCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODAyMDk1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjk2N2UxNzI4OTk1MzcxYzgzYTY0YzgxYTQyYTZiMTA1MTZiOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkSdDDHYRKOHz5pvKDfgHSHt/Igg
qOxFcOYuiikEhtdmbLjTHZJzyLxkgYqzTzOLMMoylh9WK6a7t496w+CD2dptHMbZ
mK5srYQiA5rHBe81ylWecLYKIB9k1eZ57L1FVXX2LRdnU4slDeSyHXsh6kTVydWo
EGG256c34WsIWaEk2Bw0Q74AWbQ6JpndC10uC2iToSTGGDdxGEerp7qWrWhYWGZW
yDle0XbC2pUgyMVPmGX2beNOgyIP9FrUFSkbV/pHiNpELNwYnUBwj3wTPLUzuXrM
1yBu4AmSRcCGaJJfZdyAbZYEPnYTRolxMC2SscCSWPXPxTOt89V0GVYluwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOKWfhcomVNxyDpkyBpCprEFFrjUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNHBaLUZ5aVpVM0hJT21USUdrS21zUVVXdU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQl1AwQA
LYPXAwQAuZvIMA0GCSqGSIb3DQEBCwUAA4IBAQA8O8qeCHYbJKa0eoMTPBkGLFjM
bwIRRv/NrSHnhiHmBOS5g4sOdfvm2+JmwUBcz2zzD8zbOtFWHUUcX3anpBoJkDEl
5EWN+Rc8EBBlRax7zhwWzZATLGY0oFFQCwMDki4L6HhdLxlf/UbhyDaLMiE5lPqK
+wT+FPe5kVDI3wfnI/1JIzSAVwqmQ1B1sM4bv3n0B6nOhRwbmh705fqWY9PAhkAw
WmLv0XBF1YXyX74yGXKS5g2DKIb1hC+Uq53Gwzz/GEds7HqxMOJw8GzxE7zSzKlI
H3nPw3QaXo81aUCdWEvO35a8hrGiBu9rSQeETYcZzudnUeM+SrLiYYSO04zF
-----END CERTIFICATE-----
Generated at Fri May 9 07:48:20 2025 by rpki-client