Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/knkNSokqUjF5b1AKTH5SX5R_cYg.roa
File: knkNSokqUjF5b1AKTH5SX5R_cYg.roa (raw, json)
Hash identifier: wHpoSQbFmpufEaCHgob5c97MLD5sadeLG/14w4LqlWI=
Subject key identifier: 92:79:0D:4A:89:2A:52:31:79:6F:50:0A:4C:7E:52:5F:94:7F:71:88
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019423D703C711792F10C1273D0C3C5D638D
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/knkNSokqUjF5b1AKTH5SX5R_cYg.roa
Signing time: Wed 01 Jan 2025 21:48:01 +0000
ROA not before: Wed 01 Jan 2025 21:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 812
IP address blocks: 45.43.87.0/24 maxlen: 24
107.181.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 17:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:03:c7:11:79:2f:10:c1:27:3d:0c:3c:5d:63:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 21:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92790d4a892a5231796f500a4c7e525f947f7188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:53:08:36:8d:64:5b:75:a6:cd:1d:05:53:cd:
64:4a:cf:2c:72:e5:11:e3:64:10:1f:ed:8a:82:b2:
56:35:c4:55:d4:2e:f1:cf:57:e1:c1:3c:b9:56:7c:
14:a5:63:f0:97:37:68:5d:6f:96:06:4c:c1:60:25:
61:83:17:0e:a4:0f:09:70:8d:e0:b7:d0:0d:f5:6d:
d0:0b:e9:e3:e6:f9:55:90:bd:f7:79:4c:0e:17:9a:
d1:8a:e2:84:bc:54:9c:fb:de:1d:b9:c1:49:1a:7f:
98:77:e8:96:8f:8e:15:4e:79:b1:14:26:91:f9:19:
34:75:9f:cf:b8:7f:c4:e1:2d:39:ec:e0:a1:8a:bd:
70:3f:9c:69:5f:a0:03:2f:49:81:76:e5:f1:87:a5:
45:6d:e5:46:4b:1e:e6:db:a6:ba:22:b9:0a:33:38:
bf:89:0a:52:50:28:0a:2e:6e:ab:1e:b0:ed:cb:d3:
98:c9:06:00:11:08:a3:06:18:39:5a:1f:03:0b:62:
c4:b0:14:f0:5a:91:8c:0a:41:06:6e:65:6c:b5:33:
0c:e6:41:20:49:e6:b2:2a:a6:8c:3e:6c:84:3a:26:
3a:5c:2d:57:2b:a0:ad:dc:7a:63:58:6a:10:a3:08:
b8:2b:33:d6:3a:59:0c:b1:d1:54:7b:05:9c:b8:1c:
05:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:79:0D:4A:89:2A:52:31:79:6F:50:0A:4C:7E:52:5F:94:7F:71:88
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/knkNSokqUjF5b1AKTH5SX5R_cYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.87.0/24
107.181.150.0/24
Signature Algorithm: sha256WithRSAEncryption
35:2f:9c:f8:ac:ac:39:30:c7:e4:20:95:3f:e2:91:2f:62:d7:
77:c3:19:ae:62:cd:8a:29:1c:b1:e3:c4:c7:23:f2:87:6b:50:
be:ab:7c:d7:7a:8f:3b:e3:1d:b2:d9:08:61:37:11:9e:ac:1e:
cf:31:6a:b7:bb:39:a1:a8:55:6f:02:bf:fb:79:16:74:12:97:
e8:19:0b:38:31:96:2a:d4:9d:5b:01:e5:8e:c1:9e:4c:29:55:
f5:1a:20:38:64:52:36:f2:95:f4:ca:5d:3e:90:7d:8c:24:5e:
9b:56:c4:40:da:45:f1:d5:f9:01:d5:b1:4c:66:8e:fb:34:af:
e4:91:ab:b0:33:06:ed:c6:d0:a1:c4:5d:a4:bd:39:fd:55:3c:
ba:97:f0:46:c8:5c:2b:09:2c:90:dc:e1:08:f9:8d:7b:c7:7f:
be:5f:2c:44:5c:1d:3e:ea:b1:9c:63:e5:d7:df:83:2a:de:5c:
d8:e2:21:08:aa:02:cb:1e:95:68:10:da:16:1f:7c:da:0f:4a:
e6:d4:9d:76:52:24:9c:21:53:57:c8:ab:b6:84:6b:3c:98:6d:
a3:2f:ee:13:77:fd:b2:ae:eb:59:f7:7f:ff:8e:39:28:c3:8b:
ce:1d:68:0e:3e:66:3e:c5:5e:d7:4c:72:be:db:1f:fb:a3:10:
43:be:8c:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1wPHEXkvEMEnPQw8XWONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMTAxMjE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc5MGQ0YTg5MmE1MjMxNzk2ZjUwMGE0YzdlNTI1Zjk0N2Y3MTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7lMINo1kW3WmzR0FU81kSs8scuUR
42QQH+2KgrJWNcRV1C7xz1fhwTy5VnwUpWPwlzdoXW+WBkzBYCVhgxcOpA8JcI3g
t9AN9W3QC+nj5vlVkL33eUwOF5rRiuKEvFSc+94ducFJGn+Yd+iWj44VTnmxFCaR
+Rk0dZ/PuH/E4S057OChir1wP5xpX6ADL0mBduXxh6VFbeVGSx7m26a6IrkKMzi/
iQpSUCgKLm6rHrDty9OYyQYAEQijBhg5Wh8DC2LEsBTwWpGMCkEGbmVstTMM5kEg
SeayKqaMPmyEOiY6XC1XK6Ct3HpjWGoQowi4KzPWOlkMsdFUewWcuBwFXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJJ5DUqJKlIxeW9QCkx+Ul+Uf3GIMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEva25rTlNva3FVakY1YjFBS1RINVNYNVJfY1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALStXAwQA
a7WWMA0GCSqGSIb3DQEBCwUAA4IBAQA1L5z4rKw5MMfkIJU/4pEvYtd3wxmuYs2K
KRyx48THI/KHa1C+q3zXeo874x2y2QhhNxGerB7PMWq3uzmhqFVvAr/7eRZ0Epfo
GQs4MZYq1J1bAeWOwZ5MKVX1GiA4ZFI28pX0yl0+kH2MJF6bVsRA2kXx1fkB1bFM
Zo77NK/kkauwMwbtxtChxF2kvTn9VTy6l/BGyFwrCSyQ3OEI+Y17x3++XyxEXB0+
6rGcY+XX34Mq3lzY4iEIqgLLHpVoENoWH3zaD0rm1J12UiScIVNXyKu2hGs8mG2j
L+4Td/2yrutZ93//jjkow4vOHWgOPmY+xV7XTHK+2x/7oxBDvozC
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:35:11 2025 by rpki-client