Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/ry-dhs8lX7a426HhbstAcXV9KtE.roa
File: ry-dhs8lX7a426HhbstAcXV9KtE.roa (raw, json)
Hash identifier: pKdKfkr+r9AqmPvyGbpwWWdklzdFzFwT+cYELQblIvc=
Subject key identifier: AF:2F:9D:86:CF:25:5F:B6:B8:DB:A1:E1:6E:CB:40:71:75:7D:2A:D1
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 018D5A0AE52C65F53752AC03D3D6414A34DB
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/ry-dhs8lX7a426HhbstAcXV9KtE.roa
Signing time: Tue 30 Jan 2024 11:04:39 +0000
ROA not before: Tue 30 Jan 2024 11:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0e:5040::/29 maxlen: 29
2a0f:fd00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 May 2024 12:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:0a:e5:2c:65:f5:37:52:ac:03:d3:d6:41:4a:34:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jan 30 11:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af2f9d86cf255fb6b8dba1e16ecb4071757d2ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c9:34:de:cf:49:fd:0a:02:5b:51:30:19:c9:
cd:f2:d0:47:8f:dd:92:19:00:5b:8e:29:af:f6:b7:
cb:c9:fe:f9:f2:ce:33:48:55:e8:48:47:bd:3e:2d:
ea:35:b7:2b:de:3d:5a:11:b5:68:c6:2d:7e:a3:86:
70:bf:f5:8d:b4:58:96:41:9e:ad:b9:c4:07:20:d9:
8c:77:78:a7:32:e8:12:3c:16:fc:0b:ce:7a:3f:77:
c5:49:4e:ab:57:fc:e5:97:33:a3:3e:95:32:2c:b8:
3f:06:3d:2a:f6:e3:b1:69:69:77:f7:56:4d:b6:d5:
4b:ff:52:e0:88:9c:35:ae:8e:2e:44:bf:32:e2:bb:
8a:f5:f5:3b:32:8c:3b:2f:1f:7b:a5:b4:1f:03:59:
f7:ee:ca:46:b0:80:0b:d3:f1:33:96:df:76:f8:e8:
4f:0b:fd:af:6c:12:13:9e:2b:f6:dc:c3:86:d0:69:
71:7d:aa:c6:af:72:dd:6a:30:d1:33:d5:ce:9b:f1:
3f:2e:2c:d1:7b:57:2a:38:85:a1:dd:39:fc:74:ae:
7f:95:c5:ea:84:4e:05:51:2a:3a:e2:ad:86:7c:fa:
30:9c:e7:2b:3e:7c:6a:00:64:7e:31:14:b9:09:fb:
1d:83:3c:62:8e:3c:53:b4:f9:d2:d5:d1:d3:1e:77:
9d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2F:9D:86:CF:25:5F:B6:B8:DB:A1:E1:6E:CB:40:71:75:7D:2A:D1
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/ry-dhs8lX7a426HhbstAcXV9KtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
5c:58:30:e6:58:3f:e4:8a:96:46:20:61:98:84:9c:46:25:2c:
22:2e:c2:7e:d3:c1:49:57:13:ca:9d:f4:75:dd:81:a4:c2:83:
07:55:03:23:76:9f:57:4d:36:c7:38:99:4b:bb:c7:ab:14:b5:
50:cc:68:0d:c0:bf:54:f1:db:2b:d7:dc:8e:3b:99:0b:ec:9b:
eb:4a:6b:cf:bd:a9:71:cc:34:dc:0a:ff:b3:97:b2:3e:cc:35:
b3:e7:42:b6:a6:b6:a1:1d:ae:da:6d:50:0e:00:c5:28:6c:b5:
a5:13:91:30:ea:4d:3c:9e:2f:6d:13:59:81:58:83:24:04:c2:
07:60:fb:62:64:e1:85:43:d5:68:e8:5b:9b:39:df:54:5a:05:
0b:f9:8f:f5:d3:f2:36:3d:8e:63:e8:6e:d8:75:bf:59:c9:cf:
3c:a7:2d:48:98:94:5c:18:2a:4c:9c:bc:c7:ac:2a:7a:e4:72:
ca:31:a9:aa:ba:3a:4a:fd:1e:57:0e:57:51:91:ec:32:f1:04:
53:f5:35:a0:20:1a:8e:22:a5:1b:cc:6f:e5:2b:18:ed:0c:b4:
18:15:0f:b8:95:3b:80:20:09:f6:f7:40:ec:6f:25:cb:94:30:
fd:f9:f7:99:aa:2f:d7:6a:a4:11:01:73:91:c8:43:54:de:22:
95:76:b5:b7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY1aCuUsZfU3UqwD09ZBSjTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQwMTMwMTEwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjJmOWQ4NmNmMjU1ZmI2YjhkYmExZTE2ZWNiNDA3MTc1N2QyYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMk03s9J/QoCW1EwGcnN8tBHj92S
GQBbjimv9rfLyf758s4zSFXoSEe9Pi3qNbcr3j1aEbVoxi1+o4Zwv/WNtFiWQZ6t
ucQHINmMd3inMugSPBb8C856P3fFSU6rV/zllzOjPpUyLLg/Bj0q9uOxaWl391ZN
ttVL/1LgiJw1ro4uRL8y4ruK9fU7Mow7Lx97pbQfA1n37spGsIAL0/Ezlt92+OhP
C/2vbBITniv23MOG0GlxfarGr3LdajDRM9XOm/E/LizRe1cqOIWh3Tn8dK5/lcXq
hE4FUSo64q2GfPownOcrPnxqAGR+MRS5CfsdgzxijjxTtPnS1dHTHnedFQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFK8vnYbPJV+2uNuh4W7LQHF1fSrRMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvcnktZGhzOGxYN2E0MjZIaGJzdEFjWFY5S3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAXFgw5lg/5IqW
RiBhmIScRiUsIi7CftPBSVcTyp30dd2BpMKDB1UDI3afV002xziZS7vHqxS1UMxo
DcC/VPHbK9fcjjuZC+yb60prz72pccw03Ar/s5eyPsw1s+dCtqa2oR2u2m1QDgDF
KGy1pRORMOpNPJ4vbRNZgViDJATCB2D7YmThhUPVaOhbmznfVFoFC/mP9dPyNj2O
Y+hu2HW/WcnPPKctSJiUXBgqTJy8x6wqeuRyyjGpqro6Sv0eVw5XUZHsMvEEU/U1
oCAajiKlG8xv5SsY7Qy0GBUPuJU7gCAJ9vdA7G8ly5Qw/fn3maov12qkEQFzkchD
VN4ilXa1tw==
-----END CERTIFICATE-----
Generated at Thu May 16 18:59:50 2024 by rpki-client on console.sobornost.net