Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/5c10ef-6d3c-45e4-8ef9-9d794ee14dd0/1/aCXh4WKIw-l_e2hVhnPvWHktJrY.roa
File: aCXh4WKIw-l_e2hVhnPvWHktJrY.roa (raw, json)
Hash identifier: mFfbHnuMAbd5HV6KPl6x5SlbLGvo9KGcYDBg4lX7/O8=
Subject key identifier: 68:25:E1:E1:62:88:C3:E9:7F:7B:68:55:86:73:EF:58:79:2D:26:B6
Certificate issuer: /CN=5264f2dd0b987ab75e379f8177a4176a30860068
Certificate serial: 0193FCB0173E915AB9C2225463D2FFD36AB2
Authority key identifier: 52:64:F2:DD:0B:98:7A:B7:5E:37:9F:81:77:A4:17:6A:30:86:00:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmTy3QuYerdeN5-Bd6QXajCGAGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/5c10ef-6d3c-45e4-8ef9-9d794ee14dd0/1/aCXh4WKIw-l_e2hVhnPvWHktJrY.roa
Signing time: Wed 25 Dec 2024 07:20:18 +0000
ROA not before: Wed 25 Dec 2024 07:20:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202658
IP address blocks: 45.14.248.0/22 maxlen: 22
185.157.184.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fc:b0:17:3e:91:5a:b9:c2:22:54:63:d2:ff:d3:6a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5264f2dd0b987ab75e379f8177a4176a30860068
Validity
Not Before: Dec 25 07:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6825e1e16288c3e97f7b68558673ef58792d26b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:62:aa:da:72:6f:4e:74:1c:49:48:58:f9:ab:
3a:c7:25:e1:48:03:1a:29:79:a5:e8:76:ec:ea:90:
5b:9f:73:07:c1:47:fc:2f:c9:70:ca:6a:33:d3:3c:
62:85:a3:3e:37:65:f6:ab:eb:b8:8f:6c:3d:b4:68:
cf:c4:21:ac:d7:88:76:f5:77:62:93:e3:a5:62:2b:
62:7f:1d:19:f9:f0:8a:b0:b7:c3:70:12:7e:34:12:
1b:68:41:87:db:91:a3:e4:66:57:4f:63:d4:ad:99:
46:86:87:72:7b:d4:42:f5:1c:20:a0:05:f6:35:b4:
f1:a5:ea:c6:46:e5:f0:70:55:4a:eb:0c:fb:c7:bd:
cb:58:30:1d:3f:b1:73:02:2e:f3:9a:75:16:8a:8e:
bc:46:30:6d:23:2f:c5:da:fd:82:3d:14:5d:9c:ce:
31:5e:25:37:30:9e:45:e7:93:89:8c:b5:2f:af:94:
5b:a6:f1:02:07:0e:98:fd:b5:c4:2d:20:65:2c:ab:
81:20:4b:bd:d3:46:7a:d3:09:4a:69:90:8d:a8:c6:
36:da:c5:b9:93:d1:29:68:bf:93:c5:6c:a7:bf:df:
05:07:bf:92:32:61:aa:c5:7a:34:55:86:09:5a:4d:
23:22:5e:4b:f8:a9:2f:a2:c9:24:e6:2e:4c:64:e7:
0e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:25:E1:E1:62:88:C3:E9:7F:7B:68:55:86:73:EF:58:79:2D:26:B6
X509v3 Authority Key Identifier:
keyid:52:64:F2:DD:0B:98:7A:B7:5E:37:9F:81:77:A4:17:6A:30:86:00:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmTy3QuYerdeN5-Bd6QXajCGAGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5c10ef-6d3c-45e4-8ef9-9d794ee14dd0/1/aCXh4WKIw-l_e2hVhnPvWHktJrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5c10ef-6d3c-45e4-8ef9-9d794ee14dd0/1/UmTy3QuYerdeN5-Bd6QXajCGAGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.248.0/22
185.157.184.0/22
Signature Algorithm: sha256WithRSAEncryption
04:75:09:08:e4:8e:f5:4d:f3:43:d7:d2:68:4f:0a:46:98:49:
8d:fe:3f:5b:79:11:dc:27:06:be:75:3b:d5:8e:6a:d4:91:de:
6d:65:43:9e:98:32:da:32:61:0d:22:f0:09:24:bb:ca:a2:cb:
7e:46:43:d1:7d:b5:7a:9d:13:ea:66:f1:97:c0:23:de:19:5d:
6d:fd:fd:c7:8a:c4:7c:ee:ee:69:ca:59:78:5d:97:90:96:20:
50:20:c6:3a:41:ba:41:d1:f3:35:d1:7a:e2:5e:ac:27:3f:ac:
52:a1:3d:27:86:d9:d7:02:2a:da:6c:e2:6a:73:1a:c1:5f:bd:
8e:59:7a:77:fe:31:63:68:bc:7b:f5:a4:c8:55:98:03:74:c4:
36:8d:f4:b5:b2:ea:7b:5e:d3:2a:3c:00:14:7e:d6:fd:f1:79:
87:8f:54:61:a0:d3:5c:d4:92:a3:fc:44:7e:3b:00:39:98:16:
98:ae:93:89:b3:76:3e:d2:a1:46:aa:31:c8:f7:04:39:01:ab:
ee:df:2c:bb:11:eb:6c:12:d5:65:14:d2:55:71:3b:6e:ce:61:
5b:e5:c7:04:fd:62:93:69:91:56:88:c2:89:81:a5:bf:1b:ba:
15:62:6d:43:d9:cf:7d:a4:d4:96:13:b8:f2:c5:13:59:0b:80:
ed:11:b4:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZP8sBc+kVq5wiJUY9L/02qyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjRmMmRkMGI5ODdhYjc1ZTM3OWY4MTc3YTQxNzZhMzA4
NjAwNjgwHhcNMjQxMjI1MDcyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI1ZTFlMTYyODhjM2U5N2Y3YjY4NTU4NjczZWY1ODc5MmQyNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGKq2nJvTnQcSUhY+as6xyXhSAMa
KXml6Hbs6pBbn3MHwUf8L8lwymoz0zxihaM+N2X2q+u4j2w9tGjPxCGs14h29Xdi
k+OlYitifx0Z+fCKsLfDcBJ+NBIbaEGH25Gj5GZXT2PUrZlGhodye9RC9RwgoAX2
NbTxperGRuXwcFVK6wz7x73LWDAdP7FzAi7zmnUWio68RjBtIy/F2v2CPRRdnM4x
XiU3MJ5F55OJjLUvr5RbpvECBw6Y/bXELSBlLKuBIEu900Z60wlKaZCNqMY22sW5
k9EpaL+TxWynv98FB7+SMmGqxXo0VYYJWk0jIl5L+Kkvoskk5i5MZOcOFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGgl4eFiiMPpf3toVYZz71h5LSa2MB8GA1UdIwQY
MBaAFFJk8t0LmHq3XjefgXekF2owhgBoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1UeTNRdVllcmRlTjUtQmQ2UVhhakNHQUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81YzEwZWYtNmQzYy00NWU0LThlZjkt
OWQ3OTRlZTE0ZGQwLzEvYUNYaDRXS0l3LWxfZTJoVmhuUHZXSGt0SnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81YzEwZWYtNmQzYy00NWU0LThlZjktOWQ3OTRlZTE0ZGQw
LzEvVW1UeTNRdVllcmRlTjUtQmQ2UVhhakNHQUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ74AwQC
uZ24MA0GCSqGSIb3DQEBCwUAA4IBAQAEdQkI5I71TfND19JoTwpGmEmN/j9beRHc
Jwa+dTvVjmrUkd5tZUOemDLaMmENIvAJJLvKost+RkPRfbV6nRPqZvGXwCPeGV1t
/f3HisR87u5pyll4XZeQliBQIMY6QbpB0fM10XriXqwnP6xSoT0nhtnXAirabOJq
cxrBX72OWXp3/jFjaLx79aTIVZgDdMQ2jfS1sup7XtMqPAAUftb98XmHj1RhoNNc
1JKj/ER+OwA5mBaYrpOJs3Y+0qFGqjHI9wQ5Aavu3yy7EetsEtVlFNJVcTtuzmFb
5ccE/WKTaZFWiMKJgaW/G7oVYm1D2c99pNSWE7jyxRNZC4DtEbRn
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:29:37 2025 by rpki-client