Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/Tou15RsswsqvPmkVgHNvkewNz4U.roa
File: Tou15RsswsqvPmkVgHNvkewNz4U.roa (raw, json)
Hash identifier: sRVbf2T9+ueKcSBA91VjJaXnax5nRytHwlDUn+VMY0A=
Subject key identifier: 4E:8B:B5:E5:1B:2C:C2:CA:AF:3E:69:15:80:73:6F:91:EC:0D:CF:85
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 018CC7956A9289C66757C17B5A14994D1AC2
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/Tou15RsswsqvPmkVgHNvkewNz4U.roa
Signing time: Tue 02 Jan 2024 00:31:47 +0000
ROA not before: Tue 02 Jan 2024 00:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202564
IP address blocks: 45.66.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:6a:92:89:c6:67:57:c1:7b:5a:14:99:4d:1a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 00:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e8bb5e51b2cc2caaf3e691580736f91ec0dcf85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:8c:12:df:8f:d8:a0:94:ae:bb:35:90:90:
9c:16:e4:85:97:eb:11:16:53:1d:fd:c1:f7:77:67:
38:fa:0c:9a:fb:fa:8e:c4:82:16:7d:8e:c4:a9:45:
ee:5c:01:3c:83:f4:dc:aa:40:49:6c:d0:6e:a1:b3:
61:99:2d:23:c5:94:75:2f:5e:e8:e0:47:6d:38:90:
ea:2f:6d:0b:6a:d6:f2:6f:6e:1c:5a:9e:2f:96:46:
13:46:cf:34:3e:d8:c8:46:a9:66:67:39:0c:dd:b2:
5a:27:e7:1a:37:0e:69:28:1f:d1:86:1b:da:aa:36:
d5:fc:d9:66:cb:af:c5:93:6c:09:71:ea:22:0b:d7:
4c:39:81:eb:ac:ce:0b:47:7a:0e:6d:3b:80:ae:9a:
33:f6:c4:39:d9:44:cd:e3:15:2d:af:d8:ff:68:8d:
11:d2:ed:96:24:da:a6:0a:34:3b:14:64:a8:12:1a:
29:c0:27:8d:83:09:0f:a6:57:76:0f:16:be:88:1a:
48:e6:b5:7a:8f:e4:09:48:26:3a:2e:5a:bf:7e:e9:
9d:75:1f:a7:52:a4:b4:56:33:89:b4:0b:27:7f:ab:
2b:88:4f:aa:bc:aa:8c:45:f7:64:df:16:93:c2:22:
5f:98:1f:fe:c6:1c:42:d1:a6:bc:91:bf:be:44:48:
e1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8B:B5:E5:1B:2C:C2:CA:AF:3E:69:15:80:73:6F:91:EC:0D:CF:85
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/Tou15RsswsqvPmkVgHNvkewNz4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.54.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:b5:2d:03:21:d7:0e:aa:b3:52:49:b1:b8:ea:d3:bd:d0:97:
be:52:a3:e1:bc:7a:c2:d2:6b:3b:19:cf:c1:aa:bb:8b:09:ed:
51:84:97:c3:88:96:d3:fb:d8:56:d3:be:3c:a0:88:ca:b6:a5:
2f:a5:a1:8c:cf:10:9f:e5:2a:57:49:30:de:99:e5:7c:fd:9d:
5f:cf:2d:20:95:32:04:68:a3:fa:0d:cb:fc:aa:b7:23:26:66:
83:d0:5e:56:74:b9:eb:91:dd:df:61:aa:0e:d3:ec:d7:e9:3b:
14:7e:c0:37:a8:43:28:19:7e:17:98:fe:bd:bf:d6:a8:30:1d:
f6:92:74:9e:d1:19:6b:ea:5a:48:09:b6:2f:a5:d4:91:0e:8f:
ad:5b:b1:74:d4:7b:d3:2a:47:dd:ef:86:d8:10:2f:28:80:33:
87:2d:13:24:96:e0:a4:15:3b:44:7f:51:3e:4f:cc:1f:5a:d4:
cb:8a:62:58:d5:16:99:2b:4e:a9:12:d0:0f:e4:63:f8:6c:84:
75:29:b3:4e:7e:d4:1d:6e:9f:3c:96:81:d4:c2:9e:ec:8a:7f:
6a:4b:c3:64:42:3d:d0:02:66:82:a2:41:bd:3b:7a:ca:0a:8f:
48:c0:25:4c:a1:88:54:0f:34:29:23:9e:a8:bf:fc:c1:6d:a1:
f4:f1:b2:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlWqSicZnV8F7WhSZTRrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQwMTAyMDAzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZThiYjVlNTFiMmNjMmNhYWYzZTY5MTU4MDczNmY5MWVjMGRjZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjeMEt+P2KCUrrs1kJCcFuSFl+sR
FlMd/cH3d2c4+gya+/qOxIIWfY7EqUXuXAE8g/TcqkBJbNBuobNhmS0jxZR1L17o
4EdtOJDqL20Latbyb24cWp4vlkYTRs80PtjIRqlmZzkM3bJaJ+caNw5pKB/Rhhva
qjbV/Nlmy6/Fk2wJceoiC9dMOYHrrM4LR3oObTuArpoz9sQ52UTN4xUtr9j/aI0R
0u2WJNqmCjQ7FGSoEhopwCeNgwkPpld2Dxa+iBpI5rV6j+QJSCY6Llq/fumddR+n
UqS0VjOJtAsnf6sriE+qvKqMRfdk3xaTwiJfmB/+xhxC0aa8kb++REjhAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6LteUbLMLKrz5pFYBzb5HsDc+FMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvVG91MTVSc3N3c3F2UG1rVmdITnZrZXdOejRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUI2MA0G
CSqGSIb3DQEBCwUAA4IBAQAbtS0DIdcOqrNSSbG46tO90Je+UqPhvHrC0ms7Gc/B
qruLCe1RhJfDiJbT+9hW0748oIjKtqUvpaGMzxCf5SpXSTDemeV8/Z1fzy0glTIE
aKP6Dcv8qrcjJmaD0F5WdLnrkd3fYaoO0+zX6TsUfsA3qEMoGX4XmP69v9aoMB32
knSe0Rlr6lpICbYvpdSRDo+tW7F01HvTKkfd74bYEC8ogDOHLRMkluCkFTtEf1E+
T8wfWtTLimJY1RaZK06pEtAP5GP4bIR1KbNOftQdbp88loHUwp7sin9qS8NkQj3Q
AmaCokG9O3rKCo9IwCVMoYhUDzQpI56ov/zBbaH08bJU
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:03:16 2025 by rpki-client