Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/aVgPMvopw7jYci8j-6StZqkQ3SE.roa
File: aVgPMvopw7jYci8j-6StZqkQ3SE.roa (raw, json)
Hash identifier: /7tz9IeYohNwVRat89ocoq+UzFVeEsitBF42IHs27MQ=
Subject key identifier: 69:58:0F:32:FA:29:C3:B8:D8:72:2F:23:FB:A4:AD:66:A9:10:DD:21
Certificate issuer: /CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Certificate serial: 018CCA2B61D35A293E79AA0808F47B26D455
Authority key identifier: B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/aVgPMvopw7jYci8j-6StZqkQ3SE.roa
Signing time: Tue 02 Jan 2024 12:34:49 +0000
ROA not before: Tue 02 Jan 2024 12:34:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204457
IP address blocks: 45.156.31.0/24 maxlen: 24
45.156.29.0/24 maxlen: 24
45.156.30.0/24 maxlen: 24
45.94.7.0/24 maxlen: 24
45.94.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 12:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:61:d3:5a:29:3e:79:aa:08:08:f4:7b:26:d4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Validity
Not Before: Jan 2 12:34:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69580f32fa29c3b8d8722f23fba4ad66a910dd21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bd:c4:40:79:9c:c7:9e:81:dc:5d:fc:c6:9d:
f8:a3:0d:56:75:d6:48:30:ad:79:c4:1d:cb:7d:99:
37:ed:7b:69:88:10:71:58:17:33:81:23:6d:0d:2f:
6f:02:cf:1b:38:92:af:a3:c7:6d:67:0d:6f:4e:c3:
ee:49:91:f5:2c:0d:12:2c:17:6d:73:3c:bc:03:fc:
d4:a3:d1:63:f4:b3:5a:04:9d:bb:b1:32:55:d5:77:
c6:7e:65:96:f5:25:48:c0:c1:04:1a:eb:48:aa:af:
c0:a0:51:49:53:7d:2e:ce:71:39:3e:3a:5e:4b:e0:
b3:29:c7:a0:a6:c2:17:6f:eb:71:78:e6:f5:7a:54:
4f:79:aa:7b:82:3f:a8:f7:f5:4f:f8:65:b7:8d:50:
e5:25:2c:db:b5:4f:38:e1:47:08:cb:e5:83:6c:f7:
ee:dc:9e:62:82:d3:1b:2e:c2:44:a2:8f:8e:d7:11:
18:41:e4:b5:bb:40:9c:1a:96:bb:6f:98:71:5e:11:
12:00:0d:ed:e8:78:98:cc:5a:d0:5d:8a:ea:02:49:
42:33:98:0b:8f:36:89:36:63:39:81:f0:1b:27:4d:
04:08:c0:54:eb:24:7c:9b:d3:99:41:33:a0:67:be:
7c:10:51:bd:43:50:3e:14:0e:ee:24:7e:4c:ef:88:
fa:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:58:0F:32:FA:29:C3:B8:D8:72:2F:23:FB:A4:AD:66:A9:10:DD:21
X509v3 Authority Key Identifier:
keyid:B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/aVgPMvopw7jYci8j-6StZqkQ3SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.5.0/24
45.94.7.0/24
45.156.29.0-45.156.31.255
Signature Algorithm: sha256WithRSAEncryption
5b:61:89:a7:11:a7:32:4f:bf:67:b5:71:7e:30:d6:11:08:bf:
2e:48:40:9d:0d:95:74:24:db:55:01:99:39:80:0b:23:57:cb:
b9:c9:67:9c:f9:8f:9d:d0:40:02:33:c9:c1:7c:b9:a8:df:56:
1e:f0:78:10:f5:48:f5:7f:c0:71:f5:44:0b:1a:eb:b2:1e:d2:
b6:e2:2a:7f:69:fe:0f:9b:2b:3d:c4:82:76:0b:68:8c:e4:9d:
c2:1c:03:fa:e5:0a:c5:4e:62:2e:d9:4c:48:88:ca:a2:66:aa:
4e:df:a6:1b:0a:06:5c:9e:bc:c7:bc:ad:da:0c:00:27:d6:b4:
8c:a6:2f:a3:f2:c3:b3:07:56:12:06:0d:a3:02:8f:8a:db:37:
a9:cd:97:3d:10:d5:da:94:f3:e1:de:77:fd:b1:91:8f:01:c8:
57:91:49:29:84:ff:8c:19:45:ea:47:a2:bf:5b:40:63:36:c7:
6f:17:d0:97:ba:e2:4e:af:84:d3:49:bf:14:f2:96:81:93:22:
f8:a0:c8:a0:03:26:74:a8:d4:b8:7b:1d:52:b8:5b:12:bd:ab:
5b:20:2a:56:18:c3:cd:77:da:3c:20:62:18:06:2b:22:1b:7b:
c8:2f:14:4f:91:4f:d5:b6:df:bc:e5:c4:f6:67:01:e8:85:b1:
12:51:7a:df
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzKK2HTWik+eaoICPR7JtRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYzBiZGFmYWRlYTc4ZGNlMzEyZjg2MmRkZjQyYjFiZDRj
NGY2NDUwHhcNMjQwMTAyMTIzNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTU4MGYzMmZhMjljM2I4ZDg3MjJmMjNmYmE0YWQ2NmE5MTBkZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq73EQHmcx56B3F38xp34ow1WddZI
MK15xB3LfZk37XtpiBBxWBczgSNtDS9vAs8bOJKvo8dtZw1vTsPuSZH1LA0SLBdt
czy8A/zUo9Fj9LNaBJ27sTJV1XfGfmWW9SVIwMEEGutIqq/AoFFJU30uznE5Pjpe
S+CzKcegpsIXb+txeOb1elRPeap7gj+o9/VP+GW3jVDlJSzbtU844UcIy+WDbPfu
3J5igtMbLsJEoo+O1xEYQeS1u0CcGpa7b5hxXhESAA3t6HiYzFrQXYrqAklCM5gL
jzaJNmM5gfAbJ00ECMBU6yR8m9OZQTOgZ758EFG9Q1A+FA7uJH5M74j6jwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGlYDzL6KcO42HIvI/ukrWapEN0hMB8GA1UdIwQY
MBaAFLLAva+t6njc4xL4Yt30KxvUxPZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMt
ZmNjMzM2ZWVkOGQ3LzEvYVZnUE12b3B3N2pZY2k4ai02U3RacWtRM1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMtZmNjMzM2ZWVkOGQ3
LzEvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALV4FAwQA
LV4HMAwDBAAtnB0DBAUtnAAwDQYJKoZIhvcNAQELBQADggEBAFthiacRpzJPv2e1
cX4w1hEIvy5IQJ0NlXQk21UBmTmACyNXy7nJZ5z5j53QQAIzycF8uajfVh7weBD1
SPV/wHH1RAsa67Ie0rbiKn9p/g+bKz3EgnYLaIzkncIcA/rlCsVOYi7ZTEiIyqJm
qk7fphsKBlyevMe8rdoMACfWtIymL6Pyw7MHVhIGDaMCj4rbN6nNlz0Q1dqU8+He
d/2xkY8ByFeRSSmE/4wZRepHor9bQGM2x28X0Je64k6vhNNJvxTyloGTIvigyKAD
JnSo1Lh7HVK4WxK9q1sgKlYYw8132jwgYhgGKyIbe8gvFE+RT9W237zlxPZnAeiF
sRJRet8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:22:19 2025 by rpki-client