Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1a9e14-7fb4-489b-90be-465d223b232e/1/C_xQXvjwHtD-Dm-ujW3mquFN1N4.roa
File: C_xQXvjwHtD-Dm-ujW3mquFN1N4.roa (raw, json)
Hash identifier: zsC24U1Txw/7lC6pxlnmaHRQKvkdW2kMa2u089R+05I=
Subject key identifier: 0B:FC:50:5E:F8:F0:1E:D0:FE:0E:6F:AE:8D:6D:E6:AA:E1:4D:D4:DE
Certificate issuer: /CN=ebf385ced090dbf1d044734e12a270ee6b841c96
Certificate serial: 018F29B4C16E673AE8CAB68A1783457243A5
Authority key identifier: EB:F3:85:CE:D0:90:DB:F1:D0:44:73:4E:12:A2:70:EE:6B:84:1C:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_OFztCQ2_HQRHNOEqJw7muEHJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/1a9e14-7fb4-489b-90be-465d223b232e/1/C_xQXvjwHtD-Dm-ujW3mquFN1N4.roa
Signing time: Mon 29 Apr 2024 11:54:22 +0000
ROA not before: Mon 29 Apr 2024 11:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.141.88.0/24 maxlen: 24
45.141.89.0/24 maxlen: 24
45.141.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:b4:c1:6e:67:3a:e8:ca:b6:8a:17:83:45:72:43:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf385ced090dbf1d044734e12a270ee6b841c96
Validity
Not Before: Apr 29 11:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bfc505ef8f01ed0fe0e6fae8d6de6aae14dd4de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:ac:c2:d8:70:e0:38:f9:57:c4:32:bf:59:
d0:e6:42:d8:c9:db:ec:75:e3:d2:96:ca:78:31:4e:
8a:f3:09:c5:fa:1d:03:d5:94:46:ea:ff:4d:49:5c:
2a:9e:d7:4e:68:7a:35:a6:dd:10:01:44:38:1e:34:
ae:03:b6:00:8f:7e:32:d1:0d:55:12:d6:79:f6:b5:
ca:61:85:c4:fe:c3:9a:a7:96:1d:b7:a0:af:70:5a:
ea:fc:54:11:f7:4c:ec:ea:ab:21:d5:a8:78:e3:4f:
54:b9:0f:82:c9:1f:41:5d:e8:cc:28:ce:ec:d4:43:
7e:88:89:ca:d0:9f:3e:d7:3d:55:21:3c:13:d0:f1:
0b:f5:a0:da:01:e6:b1:79:ee:a4:cb:fd:5d:07:bd:
20:63:87:b2:83:12:4d:c3:71:10:d7:7e:d7:f9:3d:
26:1d:c6:d2:dd:45:ed:4b:1c:f8:a8:0e:60:e2:30:
8e:31:ec:6d:6c:0e:5b:78:bd:10:e7:2f:45:04:3a:
7a:81:b6:14:53:64:09:a4:01:06:4d:d1:8f:75:3d:
37:d5:ba:57:6d:43:05:4a:24:58:bf:dd:94:05:dc:
2b:d6:f7:27:c2:cc:de:8b:ce:d2:8a:93:eb:6b:83:
62:f7:24:5d:84:62:a7:7d:16:a0:37:e0:af:d9:5d:
3f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:FC:50:5E:F8:F0:1E:D0:FE:0E:6F:AE:8D:6D:E6:AA:E1:4D:D4:DE
X509v3 Authority Key Identifier:
keyid:EB:F3:85:CE:D0:90:DB:F1:D0:44:73:4E:12:A2:70:EE:6B:84:1C:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_OFztCQ2_HQRHNOEqJw7muEHJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1a9e14-7fb4-489b-90be-465d223b232e/1/C_xQXvjwHtD-Dm-ujW3mquFN1N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1a9e14-7fb4-489b-90be-465d223b232e/1/6_OFztCQ2_HQRHNOEqJw7muEHJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.88.0-45.141.90.255
Signature Algorithm: sha256WithRSAEncryption
04:33:4e:0a:f6:8e:75:bf:25:d1:d2:4b:18:21:49:23:9d:49:
48:c1:36:d1:e9:63:4b:e4:21:d8:e3:bf:3b:59:54:92:29:bc:
0a:a4:bf:c1:bf:48:0f:3c:12:91:f0:19:22:4c:db:38:40:c8:
0e:e2:38:ed:b5:d1:9a:ad:d3:a7:68:7f:e5:b8:26:de:1c:de:
a4:f0:c2:25:4a:a1:6e:ae:0e:ad:c9:5a:e0:da:ee:07:e1:31:
01:8a:cc:7d:85:34:47:05:4e:8c:f3:f4:76:83:f3:9d:fd:ff:
7f:27:b7:55:fe:4f:c6:c2:14:cf:b2:21:ae:a5:1a:48:de:3f:
4f:f4:4a:76:3e:32:81:54:8e:be:ec:d2:4e:05:3a:37:b2:71:
97:fb:5f:01:0b:ca:9b:18:5f:25:25:0c:11:9e:18:6f:b2:6e:
ad:f0:83:7d:e5:bd:9d:0a:52:6f:c8:24:02:af:f2:d6:b9:db:
0e:6a:5a:f7:fe:82:d2:89:c6:b1:72:a9:0d:dd:74:a2:78:88:
94:b0:fa:8f:a0:7b:db:66:2a:37:a9:19:40:8c:33:ab:7c:f2:
ae:09:3c:91:66:80:72:e3:ac:79:b0:3e:f7:cf:f7:96:28:bd:
43:b9:32:36:1f:bd:07:0d:8f:86:ed:8d:a0:c9:73:20:4f:b2:
71:e8:bd:63
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8ptMFuZzroyraKF4NFckOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjM4NWNlZDA5MGRiZjFkMDQ0NzM0ZTEyYTI3MGVlNmI4
NDFjOTYwHhcNMjQwNDI5MTE1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmZjNTA1ZWY4ZjAxZWQwZmUwZTZmYWU4ZDZkZTZhYWUxNGRkNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFuswthw4Dj5V8Qyv1nQ5kLYydvs
dePSlsp4MU6K8wnF+h0D1ZRG6v9NSVwqntdOaHo1pt0QAUQ4HjSuA7YAj34y0Q1V
EtZ59rXKYYXE/sOap5Ydt6CvcFrq/FQR90zs6qsh1ah4409UuQ+CyR9BXejMKM7s
1EN+iInK0J8+1z1VITwT0PEL9aDaAeaxee6ky/1dB70gY4eygxJNw3EQ137X+T0m
HcbS3UXtSxz4qA5g4jCOMextbA5beL0Q5y9FBDp6gbYUU2QJpAEGTdGPdT031bpX
bUMFSiRYv92UBdwr1vcnwszei87SipPra4Ni9yRdhGKnfRagN+Cv2V0/6QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAv8UF748B7Q/g5vro1t5qrhTdTeMB8GA1UdIwQY
MBaAFOvzhc7QkNvx0ERzThKicO5rhByWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9PRnp0Q1EyX0hRUkhOT0VxSnc3bXVFSEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xYTllMTQtN2ZiNC00ODliLTkwYmUt
NDY1ZDIyM2IyMzJlLzEvQ194UVh2andIdEQtRG0tdWpXM21xdUZOMU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xYTllMTQtN2ZiNC00ODliLTkwYmUtNDY1ZDIyM2IyMzJl
LzEvNl9PRnp0Q1EyX0hRUkhOT0VxSnc3bXVFSEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMtjVgD
BAAtjVowDQYJKoZIhvcNAQELBQADggEBAAQzTgr2jnW/JdHSSxghSSOdSUjBNtHp
Y0vkIdjjvztZVJIpvAqkv8G/SA88EpHwGSJM2zhAyA7iOO210Zqt06dof+W4Jt4c
3qTwwiVKoW6uDq3JWuDa7gfhMQGKzH2FNEcFTozz9HaD8539/38nt1X+T8bCFM+y
Ia6lGkjeP0/0SnY+MoFUjr7s0k4FOjeycZf7XwELypsYXyUlDBGeGG+ybq3wg33l
vZ0KUm/IJAKv8ta52w5qWvf+gtKJxrFyqQ3ddKJ4iJSw+o+ge9tmKjepGUCMM6t8
8q4JPJFmgHLjrHmwPvfP95YovUO5MjYfvQcNj4btjaDJcyBPsnHovWM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:16:29 2025 by rpki-client