Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/c_iyGXSPf8q2doyW4EbkqC9HyuA.roa
File: c_iyGXSPf8q2doyW4EbkqC9HyuA.roa (raw, json)
Hash identifier: t9/LEVx8ttglIJnKnjVN+ErF2zY8lqAQc1Nrf6zcnFA=
Subject key identifier: 73:F8:B2:19:74:8F:7F:CA:B6:76:8C:96:E0:46:E4:A8:2F:47:CA:E0
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 019247BAAB709848837F82D76091383BA651
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/c_iyGXSPf8q2doyW4EbkqC9HyuA.roa
Signing time: Tue 01 Oct 2024 10:57:48 +0000
ROA not before: Tue 01 Oct 2024 10:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58612
IP address blocks: 45.142.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:ba:ab:70:98:48:83:7f:82:d7:60:91:38:3b:a6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Oct 1 10:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73f8b219748f7fcab6768c96e046e4a82f47cae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:27:c8:1f:9c:9a:6a:e6:b9:55:db:34:a7:73:
35:05:10:91:8f:5e:d4:37:61:ec:a3:a3:7a:20:6c:
de:a3:a9:7f:c9:11:18:d6:d0:f7:b5:3d:ec:21:5c:
a5:a0:e9:58:f2:b1:cb:dd:f1:21:82:63:1f:d0:ee:
18:1c:b5:28:c7:e0:55:0f:4a:50:1f:d9:ba:4b:2a:
c8:ab:16:53:8f:67:17:fa:df:e6:f5:b5:33:cb:21:
22:7d:84:9a:27:b8:0c:e2:e3:38:76:58:45:7e:6b:
f6:66:53:7a:42:53:94:02:c5:e2:9e:8b:b8:5a:a4:
55:1a:ff:6d:4b:54:c2:b3:06:aa:82:b5:ad:f5:b4:
a8:e7:1a:9c:9e:a5:c1:61:3f:38:84:87:ad:79:54:
82:77:cb:02:85:5d:1f:10:07:e8:11:86:44:b5:e0:
da:6a:01:ba:1c:bf:39:4f:6c:02:a1:b1:e1:da:70:
6f:3d:90:eb:d4:47:53:2c:ce:6f:2d:78:9d:f6:fe:
5a:5e:5f:86:9e:e8:56:1e:3b:e0:6d:95:a0:53:24:
a3:b0:b3:7c:c0:70:91:45:58:ad:35:02:e7:9d:6f:
72:73:bb:ac:32:70:02:f5:94:d3:91:e3:a1:6e:6b:
68:a5:8b:13:58:e0:a4:76:f2:f6:21:85:e2:1c:a0:
7f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F8:B2:19:74:8F:7F:CA:B6:76:8C:96:E0:46:E4:A8:2F:47:CA:E0
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/c_iyGXSPf8q2doyW4EbkqC9HyuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.1.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:fa:62:07:84:bc:84:02:86:60:e9:0c:31:11:11:3f:92:38:
b3:5b:9a:77:9d:74:c9:28:fb:c6:ad:26:68:d8:cd:9b:97:bc:
87:49:fc:af:9d:58:d6:1b:a0:72:86:44:d2:25:69:65:ef:77:
7b:37:05:7b:72:3d:a8:ee:66:df:8d:c2:1d:75:59:af:cf:1f:
42:00:69:f8:a7:22:10:47:10:58:5c:dc:ad:9f:31:d5:d6:cd:
c9:2c:00:48:95:c3:75:f6:e5:45:77:f3:a4:d1:28:33:6a:fc:
87:ad:6c:d6:26:14:9e:0f:a1:76:72:2e:e3:6d:b9:1f:99:15:
0a:4c:41:db:4d:08:6c:38:10:6d:f6:5d:98:da:0e:43:47:3d:
f0:05:07:0f:6a:dc:f2:ef:6e:f0:bd:ab:24:71:da:89:f8:80:
fb:78:89:6d:36:63:02:b8:b0:61:4f:d9:cb:d2:5b:4e:31:2a:
0c:0a:15:13:0d:b9:d0:36:9b:0c:01:53:61:a7:fc:d2:a0:ff:
11:00:90:c8:b1:0f:8d:ff:07:e6:86:8e:97:7c:6c:b8:26:11:
06:be:31:d7:ab:28:fd:1d:fd:3c:67:16:83:d7:4a:97:fe:cb:
6a:59:8c:a7:c4:d1:0c:86:a7:ac:35:b1:1b:05:86:46:c7:6e:
e3:0b:ff:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJHuqtwmEiDf4LXYJE4O6ZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQxMDAxMTA1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Y4YjIxOTc0OGY3ZmNhYjY3NjhjOTZlMDQ2ZTRhODJmNDdjYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSfIH5yaaua5Vds0p3M1BRCRj17U
N2Hso6N6IGzeo6l/yREY1tD3tT3sIVyloOlY8rHL3fEhgmMf0O4YHLUox+BVD0pQ
H9m6SyrIqxZTj2cX+t/m9bUzyyEifYSaJ7gM4uM4dlhFfmv2ZlN6QlOUAsXinou4
WqRVGv9tS1TCswaqgrWt9bSo5xqcnqXBYT84hIeteVSCd8sChV0fEAfoEYZEteDa
agG6HL85T2wCobHh2nBvPZDr1EdTLM5vLXid9v5aXl+GnuhWHjvgbZWgUySjsLN8
wHCRRVitNQLnnW9yc7usMnAC9ZTTkeOhbmtopYsTWOCkdvL2IYXiHKB/4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHP4shl0j3/KtnaMluBG5KgvR8rgMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvY19peUdYU1BmOHEyZG95VzRFYmtxQzlIeXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY4BMA0G
CSqGSIb3DQEBCwUAA4IBAQCL+mIHhLyEAoZg6QwxERE/kjizW5p3nXTJKPvGrSZo
2M2bl7yHSfyvnVjWG6ByhkTSJWll73d7NwV7cj2o7mbfjcIddVmvzx9CAGn4pyIQ
RxBYXNytnzHV1s3JLABIlcN19uVFd/Ok0SgzavyHrWzWJhSeD6F2ci7jbbkfmRUK
TEHbTQhsOBBt9l2Y2g5DRz3wBQcPatzy727wvaskcdqJ+ID7eIltNmMCuLBhT9nL
0ltOMSoMChUTDbnQNpsMAVNhp/zSoP8RAJDIsQ+N/wfmho6XfGy4JhEGvjHXqyj9
Hf08ZxaD10qX/stqWYynxNEMhqesNbEbBYZGx27jC//0
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:30:27 2025 by rpki-client