Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/7mg1evXv6OZzxgW2ENds6IKO35g.roa
File: 7mg1evXv6OZzxgW2ENds6IKO35g.roa (raw, json)
Hash identifier: 6RXRo9M6fvD9l8Y4YF0jwnbnMXEe3i4hdAOqcoqUKh8=
Subject key identifier: EE:68:35:7A:F5:EF:E8:E6:73:C6:05:B6:10:D7:6C:E8:82:8E:DF:98
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 0193D601CC8F6B9B3ADB5ACEF9E9CA4877C5
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/7mg1evXv6OZzxgW2ENds6IKO35g.roa
Signing time: Tue 17 Dec 2024 19:04:22 +0000
ROA not before: Tue 17 Dec 2024 19:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7979
IP address blocks: 45.14.83.0/24 maxlen: 24
45.85.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d6:01:cc:8f:6b:9b:3a:db:5a:ce:f9:e9:ca:48:77:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Dec 17 19:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee68357af5efe8e673c605b610d76ce8828edf98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d3:63:35:2e:c4:40:ac:61:37:b5:8e:af:95:
24:b4:c1:34:f8:7f:fe:ef:38:5e:37:db:7b:30:f6:
6c:9b:2c:cd:2e:eb:0e:24:3f:28:38:34:29:c4:8b:
e7:12:3c:02:6f:13:fb:6d:8b:9e:81:06:68:12:3f:
e3:67:6a:8a:41:f8:f4:57:7a:b0:c1:60:85:0c:8d:
46:98:19:43:77:e6:1a:cc:47:0b:6f:05:aa:44:22:
da:15:39:54:51:08:b7:48:0e:27:11:f3:6e:87:62:
65:b5:1b:54:a3:fb:b4:98:ec:58:70:4a:7f:36:d3:
ce:6d:70:1b:bf:b6:4a:da:95:38:06:04:bd:5d:ce:
3f:bc:ee:d9:56:08:80:c0:fe:31:55:f2:c6:db:f8:
c8:67:3e:3d:0d:2d:1e:e8:db:69:a7:f1:a1:81:87:
04:68:8b:8f:4f:9b:06:70:a3:64:a8:a6:2b:37:de:
36:e9:b2:27:aa:ca:58:eb:38:51:66:78:b6:01:84:
ce:60:1c:bb:ee:67:c1:35:7a:0d:b4:41:af:34:77:
8d:ce:85:c8:87:05:4d:68:af:d1:d1:92:63:2d:dc:
bb:9b:91:86:40:80:c1:7e:6a:35:fe:1e:b1:c2:53:
02:70:cc:a3:46:da:fe:63:9b:72:60:b4:9c:58:6b:
4d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:68:35:7A:F5:EF:E8:E6:73:C6:05:B6:10:D7:6C:E8:82:8E:DF:98
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/7mg1evXv6OZzxgW2ENds6IKO35g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.83.0/24
45.85.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:ab:be:ea:d0:1a:2f:c7:32:d1:a3:b6:5b:9f:b4:16:73:53:
2d:c1:6c:f9:39:2f:0e:26:90:d4:a1:1d:31:f9:90:93:0c:05:
21:84:36:86:72:7d:f1:6f:38:4a:31:d0:79:1d:cc:ee:e4:56:
b9:b2:e7:b5:6b:50:7c:09:01:6b:80:4f:24:fe:c6:1a:bd:ff:
54:8a:30:3e:b8:10:5c:53:f6:35:32:64:24:67:d0:ee:c8:cf:
3f:0d:8a:f0:87:e6:87:bc:07:8a:24:e5:d7:6c:74:bb:ad:6d:
98:2a:95:34:df:a0:71:50:24:55:15:bb:25:7c:65:df:64:00:
70:3d:2e:1c:d1:27:9a:90:eb:34:46:1f:8f:45:c3:34:93:c7:
f2:b9:3c:62:a8:a2:23:6e:a7:b1:5d:ad:cf:d1:0a:be:d4:06:
ac:56:d9:c0:b4:77:b4:3b:e3:36:c5:44:9b:51:cb:01:19:6b:
9b:ce:d3:5a:35:09:3c:75:22:63:1a:58:d9:0f:64:8e:6c:98:
3b:48:b4:19:7d:b4:9d:34:a0:e6:eb:37:94:9f:d1:20:94:2c:
96:2a:11:fe:a8:91:13:d1:6b:2d:b3:d1:2b:16:cd:c4:18:4c:
fa:30:66:cc:0b:d9:c8:a1:14:e2:0d:6f:b7:8c:a0:d1:bb:1c:
af:b7:e6:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPWAcyPa5s621rO+enKSHfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQxMjE3MTkwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTY4MzU3YWY1ZWZlOGU2NzNjNjA1YjYxMGQ3NmNlODgyOGVkZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9NjNS7EQKxhN7WOr5UktME0+H/+
7zheN9t7MPZsmyzNLusOJD8oODQpxIvnEjwCbxP7bYuegQZoEj/jZ2qKQfj0V3qw
wWCFDI1GmBlDd+YazEcLbwWqRCLaFTlUUQi3SA4nEfNuh2JltRtUo/u0mOxYcEp/
NtPObXAbv7ZK2pU4BgS9Xc4/vO7ZVgiAwP4xVfLG2/jIZz49DS0e6Ntpp/GhgYcE
aIuPT5sGcKNkqKYrN9426bInqspY6zhRZni2AYTOYBy77mfBNXoNtEGvNHeNzoXI
hwVNaK/R0ZJjLdy7m5GGQIDBfmo1/h6xwlMCcMyjRtr+Y5tyYLScWGtNgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO5oNXr17+jmc8YFthDXbOiCjt+YMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvN21nMWV2WHY2T1p6eGdXMkVOZHM2SUtPMzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQ5TAwQA
LVWBMA0GCSqGSIb3DQEBCwUAA4IBAQCPq77q0BovxzLRo7Zbn7QWc1MtwWz5OS8O
JpDUoR0x+ZCTDAUhhDaGcn3xbzhKMdB5Hczu5Fa5sue1a1B8CQFrgE8k/sYavf9U
ijA+uBBcU/Y1MmQkZ9DuyM8/DYrwh+aHvAeKJOXXbHS7rW2YKpU036BxUCRVFbsl
fGXfZABwPS4c0SeakOs0Rh+PRcM0k8fyuTxiqKIjbqexXa3P0Qq+1AasVtnAtHe0
O+M2xUSbUcsBGWubztNaNQk8dSJjGljZD2SObJg7SLQZfbSdNKDm6zeUn9EglCyW
KhH+qJET0Wsts9ErFs3EGEz6MGbMC9nIoRTiDW+3jKDRuxyvt+Z6
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:22:26 2025 by rpki-client