Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/PDpOp3uBPkYw0vdUncXqkVpxmvQ.roa
File: PDpOp3uBPkYw0vdUncXqkVpxmvQ.roa (raw, json)
Hash identifier: HyO8OrGMiIwk5aklQW7ukpaL2D7DeAIsOansTVOt8mo=
Subject key identifier: 3C:3A:4E:A7:7B:81:3E:46:30:D2:F7:54:9D:C5:EA:91:5A:71:9A:F4
Certificate issuer: /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial: 019397D9BF8CB970B47ECB93AA1D7434A2C7
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/PDpOp3uBPkYw0vdUncXqkVpxmvQ.roa
Signing time: Thu 05 Dec 2024 17:24:10 +0000
ROA not before: Thu 05 Dec 2024 17:24:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208976
IP address blocks: 45.130.46.0/24 maxlen: 24
194.147.211.0/24 maxlen: 24
2a12:66c0::/32 maxlen: 32
2a12:66c7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Dec 2024 22:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:97:d9:bf:8c:b9:70:b4:7e:cb:93:aa:1d:74:34:a2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Validity
Not Before: Dec 5 17:24:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c3a4ea77b813e4630d2f7549dc5ea915a719af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:ff:be:b0:16:3a:ed:a7:6a:23:56:4e:20:
eb:d2:46:9c:3f:c4:25:6f:2d:88:8b:fd:3d:d2:99:
dc:15:b2:4e:39:10:f7:18:7a:cb:b3:82:b3:5f:b0:
3f:d7:b7:9d:c7:44:5c:d4:af:3e:54:d3:df:8c:19:
31:c1:2f:f8:05:b7:88:46:fc:c5:66:2b:7d:f6:f7:
68:f8:58:1e:10:91:aa:52:22:e4:10:81:50:26:3b:
f4:20:50:7d:3a:29:6b:9d:69:2f:27:bb:17:8f:43:
54:3a:d9:a8:28:de:29:29:f7:51:5f:1a:95:ec:50:
7c:9f:c8:c6:83:22:95:82:87:5d:04:6b:a0:65:32:
23:55:66:99:2f:2f:97:6e:bb:8d:a1:84:36:d1:86:
09:90:3e:88:56:fe:59:b2:fb:c4:85:68:80:9d:d2:
fe:00:5a:0b:07:c0:a9:b7:0c:8e:ac:af:4e:58:ae:
36:d3:d6:df:94:d7:44:be:9f:57:96:c6:00:96:8c:
fc:5e:62:34:10:c0:06:d0:23:5d:e1:4c:5f:6e:e8:
34:41:05:bd:88:71:2e:86:b3:81:59:ed:be:e5:9a:
8f:88:86:90:47:25:59:12:05:fa:8d:74:f8:8a:7c:
28:36:a5:13:8c:65:4c:e7:2e:76:55:76:3a:08:56:
6a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3A:4E:A7:7B:81:3E:46:30:D2:F7:54:9D:C5:EA:91:5A:71:9A:F4
X509v3 Authority Key Identifier:
keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/PDpOp3uBPkYw0vdUncXqkVpxmvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.46.0/24
194.147.211.0/24
IPv6:
2a12:66c0::/32
2a12:66c7::/48
Signature Algorithm: sha256WithRSAEncryption
03:5c:5c:ee:e9:dd:2f:f1:c1:f9:1d:75:a1:dd:ab:f9:e0:6d:
f1:e7:43:82:60:b2:b6:16:18:ee:97:ea:5c:8d:0a:a1:44:18:
8e:05:a1:21:68:3d:2d:cd:da:fe:ff:b2:78:3b:c2:c9:c9:c2:
0d:43:91:0c:62:06:2e:7e:45:26:b6:a0:6a:9c:af:6a:41:23:
35:d4:cd:85:86:1f:c9:df:ad:e2:89:c6:d4:82:b7:6f:88:8c:
04:06:f9:47:f5:d7:6b:1c:51:0e:b6:0e:20:c8:e9:5a:7a:66:
40:7d:f1:b3:5b:de:c0:a4:4e:f4:20:98:50:90:fd:51:86:ca:
25:d3:aa:c0:a2:a2:89:7e:20:e2:db:f4:2a:4b:98:73:0a:1d:
0a:f1:48:7a:c1:ed:de:7b:fe:0c:de:bd:13:8f:7e:96:d3:8b:
6b:f7:ae:12:b0:c7:b7:0f:e2:b7:88:a4:10:06:2c:fe:de:93:
5f:c7:28:46:0e:90:7b:07:36:91:d9:48:d5:2f:28:8d:a1:22:
27:93:0d:c5:a3:5d:ab:ee:bc:b1:99:2b:ba:de:77:4f:ad:c6:
f0:88:85:9d:5d:5c:43:5b:ae:11:34:9c:52:82:46:23:a5:6d:
91:f2:f1:42:df:48:76:36:ab:b0:6a:75:08:b0:bd:04:06:ad:
99:24:96:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZOX2b+MuXC0fsuTqh10NKLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjQxMjA1MTcyNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNhNGVhNzdiODEzZTQ2MzBkMmY3NTQ5ZGM1ZWE5MTVhNzE5YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnf/vrAWOu2naiNWTiDr0kacP8Ql
by2Ii/090pncFbJOORD3GHrLs4KzX7A/17edx0Rc1K8+VNPfjBkxwS/4BbeIRvzF
Zit99vdo+FgeEJGqUiLkEIFQJjv0IFB9OilrnWkvJ7sXj0NUOtmoKN4pKfdRXxqV
7FB8n8jGgyKVgoddBGugZTIjVWaZLy+XbruNoYQ20YYJkD6IVv5ZsvvEhWiAndL+
AFoLB8CptwyOrK9OWK4209bflNdEvp9XlsYAloz8XmI0EMAG0CNd4Uxfbug0QQW9
iHEuhrOBWe2+5ZqPiIaQRyVZEgX6jXT4inwoNqUTjGVM5y52VXY6CFZqdQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDw6Tqd7gT5GMNL3VJ3F6pFacZr0MB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEvUERwT3AzdUJQa1l3MHZkVW5jWHFrVnB4bXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQALYIuAwQA
wpPTMBYEAgACMBADBQAqEmbAAwcAKhJmxwAAMA0GCSqGSIb3DQEBCwUAA4IBAQAD
XFzu6d0v8cH5HXWh3av54G3x50OCYLK2Fhjul+pcjQqhRBiOBaEhaD0tzdr+/7J4
O8LJycINQ5EMYgYufkUmtqBqnK9qQSM11M2Fhh/J363iicbUgrdviIwEBvlH9ddr
HFEOtg4gyOlaemZAffGzW97ApE70IJhQkP1Rhsol06rAoqKJfiDi2/QqS5hzCh0K
8Uh6we3ee/4M3r0Tj36W04tr964SsMe3D+K3iKQQBiz+3pNfxyhGDpB7BzaR2UjV
LyiNoSInkw3Fo12r7ryxmSu63ndPrcbwiIWdXVxDW64RNJxSgkYjpW2R8vFC30h2
NquwanUIsL0EBq2ZJJZE
-----END CERTIFICATE-----
Generated at Mon May 12 04:32:59 2025 by rpki-client