Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/kGiv38ElYeoB9pummi90w-ep1_4.roa
File: kGiv38ElYeoB9pummi90w-ep1_4.roa (raw, json)
Hash identifier: e3B1CJF86qAyXCCvgTD/B9+85GSHWtfJC+b1W6ETt4Y=
Subject key identifier: 90:68:AF:DF:C1:25:61:EA:01:F6:9B:A6:9A:2F:74:C3:E7:A9:D7:FE
Certificate issuer: /CN=42cf4a128d09dfc4b8b035a12cd831f9f7b01469
Certificate serial: 0192D9C67E4F76F9AB1F5E00C7284BE28E87
Authority key identifier: 42:CF:4A:12:8D:09:DF:C4:B8:B0:35:A1:2C:D8:31:F9:F7:B0:14:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs9KEo0J38S4sDWhLNgx-fewFGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/kGiv38ElYeoB9pummi90w-ep1_4.roa
Signing time: Tue 29 Oct 2024 19:35:17 +0000
ROA not before: Tue 29 Oct 2024 19:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209380
IP address blocks: 45.67.152.0/24 maxlen: 24
45.67.153.0/24 maxlen: 24
45.67.154.0/24 maxlen: 24
45.67.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d9:c6:7e:4f:76:f9:ab:1f:5e:00:c7:28:4b:e2:8e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42cf4a128d09dfc4b8b035a12cd831f9f7b01469
Validity
Not Before: Oct 29 19:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9068afdfc12561ea01f69ba69a2f74c3e7a9d7fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:df:57:70:b5:ee:e1:0f:44:03:fd:ed:bf:16:
a6:05:65:76:05:73:aa:44:82:37:09:08:78:c3:c0:
07:d2:f1:40:42:1b:78:e8:99:a4:32:9e:7b:be:41:
72:95:4d:1c:6d:aa:10:9d:0e:d6:bd:e8:8f:d7:c3:
2b:2d:f9:3d:08:35:d0:34:09:32:04:47:6f:e0:c0:
08:cb:76:cf:7a:b2:b2:dd:4a:b8:96:eb:d2:a0:d6:
66:eb:9c:a2:59:dd:08:c4:78:d1:2c:d9:6f:f7:e0:
45:6b:79:5b:3d:87:52:a2:75:74:de:0e:c9:68:24:
c9:32:50:af:4a:c9:60:c7:0e:29:b5:3a:61:65:43:
25:1a:55:70:1f:5b:40:03:b1:ca:65:0e:f2:14:78:
f5:d4:81:c1:3d:fe:3e:19:8b:d6:22:2f:e1:9f:55:
8f:9a:ad:9e:c8:02:ce:f5:9f:63:90:24:45:05:91:
a2:15:4c:25:64:b4:b5:76:f3:be:5d:20:e6:65:a4:
70:fe:fd:a8:82:78:3e:1b:63:d1:2b:18:f2:61:42:
32:56:8a:62:7b:fa:f2:7d:ea:e9:e8:3a:43:8a:7a:
c8:aa:9f:57:fd:e7:7d:d8:86:19:01:7d:9c:cf:b6:
18:aa:6d:05:57:ca:ea:45:43:3d:ae:28:ed:2d:f3:
98:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:68:AF:DF:C1:25:61:EA:01:F6:9B:A6:9A:2F:74:C3:E7:A9:D7:FE
X509v3 Authority Key Identifier:
keyid:42:CF:4A:12:8D:09:DF:C4:B8:B0:35:A1:2C:D8:31:F9:F7:B0:14:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs9KEo0J38S4sDWhLNgx-fewFGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/kGiv38ElYeoB9pummi90w-ep1_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/Qs9KEo0J38S4sDWhLNgx-fewFGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.152.0/22
Signature Algorithm: sha256WithRSAEncryption
46:64:5d:e3:8b:96:e1:b2:ac:7a:81:8b:5c:5d:37:25:c4:bb:
1b:9f:c1:20:fc:c2:59:49:f8:84:9e:c3:ab:bd:74:20:fd:6c:
10:ad:f9:a7:3e:36:c6:1f:6e:a2:3b:87:31:87:41:49:46:f2:
a1:4c:ae:7c:0f:84:a6:85:f2:7b:b5:d6:3b:3d:35:c0:c1:db:
05:6b:4d:0d:1b:be:a5:84:99:c1:98:23:68:bf:19:77:5a:2a:
54:8c:fc:5f:a8:7e:88:b7:5a:48:81:3e:44:f0:53:d2:8b:c1:
d8:85:86:2f:18:ce:67:97:18:01:40:b9:6b:6d:07:c6:31:97:
6b:42:ff:d0:55:d1:38:8d:df:40:44:44:e3:f0:d6:27:1e:c0:
2c:28:3f:bc:01:c1:2d:8a:7e:48:68:25:f6:61:bd:50:f8:71:
ac:2f:d4:71:46:15:3d:a6:6d:f4:41:65:68:10:81:d0:55:01:
2d:35:2d:bb:2d:62:df:81:2d:2c:47:46:d9:61:80:f6:ae:e2:
51:b2:18:84:54:1b:79:7c:72:6d:82:6d:02:46:0f:d6:3e:a6:
a2:a3:39:a8:45:b8:a1:c5:4c:13:80:01:e6:54:43:c5:7b:b6:
d5:8c:b8:de:5d:a5:ed:4b:49:48:a4:f7:e0:c1:c8:5d:a8:a7:
ba:5c:d6:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLZxn5PdvmrH14AxyhL4o6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2Y0YTEyOGQwOWRmYzRiOGIwMzVhMTJjZDgzMWY5Zjdi
MDE0NjkwHhcNMjQxMDI5MTkzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDY4YWZkZmMxMjU2MWVhMDFmNjliYTY5YTJmNzRjM2U3YTlkN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d9XcLXu4Q9EA/3tvxamBWV2BXOq
RII3CQh4w8AH0vFAQht46JmkMp57vkFylU0cbaoQnQ7WveiP18MrLfk9CDXQNAky
BEdv4MAIy3bPerKy3Uq4luvSoNZm65yiWd0IxHjRLNlv9+BFa3lbPYdSonV03g7J
aCTJMlCvSslgxw4ptTphZUMlGlVwH1tAA7HKZQ7yFHj11IHBPf4+GYvWIi/hn1WP
mq2eyALO9Z9jkCRFBZGiFUwlZLS1dvO+XSDmZaRw/v2ogng+G2PRKxjyYUIyVopi
e/ryferp6DpDinrIqp9X/ed92IYZAX2cz7YYqm0FV8rqRUM9rijtLfOYaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBor9/BJWHqAfabppovdMPnqdf+MB8GA1UdIwQY
MBaAFELPShKNCd/EuLA1oSzYMfn3sBRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM5S0VvMEozOFM0c0RXaExOZ3gtZmV3RkdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC81ZGE3MjktYmEyNi00ZmRhLTkwMTEt
MGIwNDM3NWY5YjM2LzEva0dpdjM4RWxZZW9COXB1bW1pOTB3LWVwMV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC81ZGE3MjktYmEyNi00ZmRhLTkwMTEtMGIwNDM3NWY5YjM2
LzEvUXM5S0VvMEozOFM0c0RXaExOZ3gtZmV3RkdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUOYMA0G
CSqGSIb3DQEBCwUAA4IBAQBGZF3ji5bhsqx6gYtcXTclxLsbn8Eg/MJZSfiEnsOr
vXQg/WwQrfmnPjbGH26iO4cxh0FJRvKhTK58D4SmhfJ7tdY7PTXAwdsFa00NG76l
hJnBmCNovxl3WipUjPxfqH6It1pIgT5E8FPSi8HYhYYvGM5nlxgBQLlrbQfGMZdr
Qv/QVdE4jd9ARETj8NYnHsAsKD+8AcEtin5IaCX2Yb1Q+HGsL9RxRhU9pm30QWVo
EIHQVQEtNS27LWLfgS0sR0bZYYD2ruJRshiEVBt5fHJtgm0CRg/WPqaiozmoRbih
xUwTgAHmVEPFe7bVjLjeXaXtS0lIpPfgwchdqKe6XNa0
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:47:12 2025 by rpki-client