Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Etosmvk5KGtbL-t0j1106LMKuKk.roa
File: Etosmvk5KGtbL-t0j1106LMKuKk.roa (raw, json)
Hash identifier: 7jlcFJvBe6+YwKQ3LtjezYx2qlBvClTLeUDdk08RdPw=
Subject key identifier: 12:DA:2C:9A:F9:39:28:6B:5B:2F:EB:74:8F:5D:74:E8:B3:0A:B8:A9
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019420681150CC6E15214D23AB04CC3F9178
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Etosmvk5KGtbL-t0j1106LMKuKk.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213745
IP address blocks: 45.154.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 09:20:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:11:50:cc:6e:15:21:4d:23:ab:04:cc:3f:91:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12da2c9af939286b5b2feb748f5d74e8b30ab8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f6:4e:a1:d1:9a:12:42:23:96:75:79:e4:33:
af:9e:9d:ac:91:2c:b1:cf:99:13:ef:cd:3f:ef:37:
b8:e2:1b:79:56:60:f4:3f:58:a9:af:64:16:41:c6:
21:98:f4:2a:27:13:27:c6:2b:cd:69:61:2d:bd:dd:
7e:d5:02:6a:46:17:32:15:e1:f0:27:66:93:40:ac:
39:75:7a:da:0f:b2:c5:38:f1:f9:12:1b:3e:e8:35:
28:64:6c:61:fe:9b:0d:e8:6e:2b:b9:2e:08:9a:24:
5f:a7:6f:09:92:5f:e0:c0:59:24:5d:24:bf:0d:24:
e3:c7:da:a4:f9:b8:50:76:98:24:79:7c:cd:91:d6:
d7:97:96:ac:e4:1c:b8:11:53:93:6b:3d:e2:ba:5b:
10:39:8a:fd:a1:a5:5e:74:59:fc:f0:64:fb:24:a7:
4a:f3:30:30:8e:31:e8:1d:15:7b:90:5c:9e:0c:c6:
a9:f8:60:65:14:28:6d:58:ba:c1:a9:d9:b5:7e:de:
7a:bc:c0:b7:d2:77:c0:f0:f8:95:d0:ac:2e:6c:b1:
78:4f:7e:0e:c2:bd:95:cc:6f:92:8b:c5:de:d3:b0:
94:cd:d3:7d:83:4d:cc:a3:e4:42:89:62:44:a9:65:
31:7b:85:74:0e:b7:11:c6:34:26:4a:6c:66:d9:c7:
ee:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:DA:2C:9A:F9:39:28:6B:5B:2F:EB:74:8F:5D:74:E8:B3:0A:B8:A9
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Etosmvk5KGtbL-t0j1106LMKuKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.239.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:88:e4:fe:26:dc:e8:34:f6:33:62:22:c3:35:80:5d:a9:56:
60:5b:26:95:89:f9:fd:54:80:d8:b4:09:74:94:ca:61:48:0c:
93:4a:cb:2d:3e:68:d3:cb:0b:ee:d3:50:83:b5:67:14:55:a8:
b3:7d:df:4a:48:c0:d7:d6:f4:fe:e5:27:23:bc:ae:a0:fb:40:
ec:78:54:98:58:02:71:4a:95:ce:23:0f:29:a2:7f:f2:ff:5c:
83:4f:26:6a:52:39:22:2c:fd:86:13:2c:d3:98:40:69:68:40:
12:a1:da:e7:a5:3b:cb:35:c3:c3:7f:c3:23:8f:48:b8:c9:17:
48:be:92:0e:a8:46:04:42:3d:7b:38:cd:f1:ce:34:29:b3:40:
ec:51:29:32:ae:90:d0:f4:eb:e5:d2:74:ef:d7:8a:60:e7:a0:
e0:33:24:2c:f0:66:73:ba:ec:23:1b:fc:a0:87:ca:11:4a:a3:
20:8b:c7:fa:94:f5:38:b7:f4:eb:2d:17:a2:29:9c:25:8f:cc:
b1:e1:75:0b:2c:e8:4a:dc:28:61:d7:1d:1e:d1:27:bf:87:b7:
f7:73:1c:cd:fb:ac:1c:65:ab:86:d5:da:36:ce:d9:f6:7b:16:
8e:c3:65:1e:12:16:af:b1:b3:09:54:07:53:79:5a:4c:30:68:
17:11:10:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBFQzG4VIU0jqwTMP5F4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmRhMmM5YWY5MzkyODZiNWIyZmViNzQ4ZjVkNzRlOGIzMGFiOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfZOodGaEkIjlnV55DOvnp2skSyx
z5kT780/7ze44ht5VmD0P1ipr2QWQcYhmPQqJxMnxivNaWEtvd1+1QJqRhcyFeHw
J2aTQKw5dXraD7LFOPH5Ehs+6DUoZGxh/psN6G4ruS4ImiRfp28Jkl/gwFkkXSS/
DSTjx9qk+bhQdpgkeXzNkdbXl5as5By4EVOTaz3iulsQOYr9oaVedFn88GT7JKdK
8zAwjjHoHRV7kFyeDMap+GBlFChtWLrBqdm1ft56vMC30nfA8PiV0KwubLF4T34O
wr2VzG+Si8Xe07CUzdN9g03Mo+RCiWJEqWUxe4V0DrcRxjQmSmxm2cfuAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBLaLJr5OShrWy/rdI9ddOizCripMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvRXRvc212azVLR3RiTC10MGoxMTA2TE1LdUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZrvMA0G
CSqGSIb3DQEBCwUAA4IBAQC4iOT+JtzoNPYzYiLDNYBdqVZgWyaVifn9VIDYtAl0
lMphSAyTSsstPmjTywvu01CDtWcUVaizfd9KSMDX1vT+5ScjvK6g+0DseFSYWAJx
SpXOIw8pon/y/1yDTyZqUjkiLP2GEyzTmEBpaEASodrnpTvLNcPDf8Mjj0i4yRdI
vpIOqEYEQj17OM3xzjQps0DsUSkyrpDQ9Ovl0nTv14pg56DgMyQs8GZzuuwjG/yg
h8oRSqMgi8f6lPU4t/TrLReiKZwlj8yx4XULLOhK3Chh1x0e0Se/h7f3cxzN+6wc
ZauG1do2ztn2exaOw2UeEhavsbMJVAdTeVpMMGgXERDN
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:16:55 2025 by rpki-client