Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/vKIQrg3gZxiIbH5ru79cianiZ5E.roa
File: vKIQrg3gZxiIbH5ru79cianiZ5E.roa (raw, json)
Hash identifier: WB06JmVfX/k0QP5kcMCajW9KDMDOEhZGTUSlvNGk89I=
Subject key identifier: BC:A2:10:AE:0D:E0:67:18:88:6C:7E:6B:BB:BF:5C:89:A9:E2:67:91
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018CC3B6F615642A55110278DA73EEA3FF73
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/vKIQrg3gZxiIbH5ru79cianiZ5E.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210122
IP address blocks: 45.8.176.0/24 maxlen: 24
45.142.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 10:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f6:15:64:2a:55:11:02:78:da:73:ee:a3:ff:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bca210ae0de06718886c7e6bbbbf5c89a9e26791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b2:ec:63:e6:fd:c2:4d:23:9e:b9:d1:0e:14:
b3:6d:9a:b6:7d:ca:bf:a5:2c:c8:32:5c:4b:b6:68:
6f:df:04:9c:0b:c8:a1:16:f8:0a:3c:6f:8e:46:0d:
23:7a:91:da:dc:1a:30:ca:7a:53:82:a8:8f:0e:2d:
36:c0:cb:cd:39:f3:bb:44:20:11:ca:0e:38:30:36:
70:39:2b:f0:b8:f6:15:e0:55:53:e6:7c:3b:91:ad:
7b:b5:87:a9:9f:3f:b9:0e:c1:a3:f6:be:cf:a9:d0:
ef:a0:c4:6f:4d:08:2d:cd:1d:b6:d9:a9:8c:9c:75:
fb:45:f8:86:89:1f:bf:ad:36:40:97:f8:91:76:0f:
ca:d1:f3:c2:92:26:b9:32:52:b5:e7:9c:43:db:d2:
e0:33:c8:22:f9:58:91:d6:5c:8e:81:4b:b8:44:76:
44:30:9e:d0:b9:30:d3:34:fd:41:f1:bd:8d:c5:c7:
5b:9d:48:0e:4a:52:c5:28:f4:9c:3e:d8:ff:1b:01:
6d:e3:fd:89:f1:ea:69:a4:ae:b8:f2:83:1b:f4:14:
e6:88:30:78:26:4c:39:5b:8e:d2:95:ad:27:08:e2:
8b:cd:f5:8f:d3:8d:e1:44:dd:ef:27:56:f2:93:4b:
d6:66:eb:45:38:f0:0f:0c:81:f1:08:94:ca:3c:fe:
f8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A2:10:AE:0D:E0:67:18:88:6C:7E:6B:BB:BF:5C:89:A9:E2:67:91
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/vKIQrg3gZxiIbH5ru79cianiZ5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.176.0/24
45.142.0.0/24
Signature Algorithm: sha256WithRSAEncryption
17:d6:79:4e:8e:6e:94:af:df:5c:52:00:ae:e8:13:78:d1:26:
c1:42:98:54:41:aa:52:77:37:6d:bf:c1:12:cb:2a:d4:f1:0e:
0b:37:de:e7:ec:a0:45:9b:74:c1:98:94:8c:0b:9d:8b:e0:4f:
14:09:c7:5b:2c:1b:b9:8e:88:29:06:47:46:44:59:2e:a6:d1:
a7:cc:e8:d6:18:f1:42:94:20:dd:97:27:63:52:b3:75:41:c8:
1c:24:47:6a:69:d8:9f:0d:9f:bf:b5:3b:72:cb:3c:e2:ef:a1:
2b:99:70:a6:9b:44:cd:38:ca:96:25:20:7c:1a:c1:88:8b:68:
f8:84:d3:48:9d:41:79:70:6d:09:49:7d:8f:4f:06:b7:1a:54:
e4:fe:e3:43:c7:e1:1c:c0:a6:b6:09:ec:e2:ad:03:ae:8c:6a:
02:18:e7:8f:29:2e:91:7e:56:e3:5b:05:78:fe:17:03:3d:97:
b2:33:db:73:20:ba:b8:69:ed:a7:02:b0:99:db:9b:f9:e5:43:
8d:92:1b:02:c9:5c:35:79:49:a9:fe:29:f5:5a:86:34:1e:51:
4c:ac:e0:74:08:c5:52:fb:67:45:8d:72:36:49:a1:b1:4a:34:
63:50:62:b2:12:ce:e3:d5:56:19:d7:40:4b:99:d5:68:a7:a9:
46:30:26:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtvYVZCpVEQJ42nPuo/9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2EyMTBhZTBkZTA2NzE4ODg2YzdlNmJiYmJmNWM4OWE5ZTI2NzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLLsY+b9wk0jnrnRDhSzbZq2fcq/
pSzIMlxLtmhv3wScC8ihFvgKPG+ORg0jepHa3BowynpTgqiPDi02wMvNOfO7RCAR
yg44MDZwOSvwuPYV4FVT5nw7ka17tYepnz+5DsGj9r7PqdDvoMRvTQgtzR222amM
nHX7RfiGiR+/rTZAl/iRdg/K0fPCkia5MlK155xD29LgM8gi+ViR1lyOgUu4RHZE
MJ7QuTDTNP1B8b2NxcdbnUgOSlLFKPScPtj/GwFt4/2J8epppK648oMb9BTmiDB4
Jkw5W47Sla0nCOKLzfWP043hRN3vJ1byk0vWZutFOPAPDIHxCJTKPP74UQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLyiEK4N4GcYiGx+a7u/XImp4meRMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvdktJUXJnM2daeGlJYkg1cnU3OWNpYW5pWjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQiwAwQA
LY4AMA0GCSqGSIb3DQEBCwUAA4IBAQAX1nlOjm6Ur99cUgCu6BN40SbBQphUQapS
dzdtv8ESyyrU8Q4LN97n7KBFm3TBmJSMC52L4E8UCcdbLBu5jogpBkdGRFkuptGn
zOjWGPFClCDdlydjUrN1QcgcJEdqadifDZ+/tTtyyzzi76ErmXCmm0TNOMqWJSB8
GsGIi2j4hNNInUF5cG0JSX2PTwa3GlTk/uNDx+EcwKa2CezirQOujGoCGOePKS6R
flbjWwV4/hcDPZeyM9tzILq4ae2nArCZ25v55UONkhsCyVw1eUmp/in1WoY0HlFM
rOB0CMVS+2dFjXI2SaGxSjRjUGKyEs7j1VYZ10BLmdVop6lGMCau
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:06 2025 by rpki-client