Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1a9e14-7fb4-489b-90be-465d223b232e/1/KuOk4o1RB1x_i_Q5HgPQN_ZyXL8.roa
File: KuOk4o1RB1x_i_Q5HgPQN_ZyXL8.roa (raw, json)
Hash identifier: uDL1N4nur4xkexsISHT1DV7SBY8OLF/GxY74QaebPmI=
Subject key identifier: 2A:E3:A4:E2:8D:51:07:5C:7F:8B:F4:39:1E:03:D0:37:F6:72:5C:BF
Certificate issuer: /CN=ebf385ced090dbf1d044734e12a270ee6b841c96
Certificate serial: 018F29B4C22DBFC3BF7D91EB13269BD6BC4A
Authority key identifier: EB:F3:85:CE:D0:90:DB:F1:D0:44:73:4E:12:A2:70:EE:6B:84:1C:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_OFztCQ2_HQRHNOEqJw7muEHJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/1a9e14-7fb4-489b-90be-465d223b232e/1/KuOk4o1RB1x_i_Q5HgPQN_ZyXL8.roa
Signing time: Mon 29 Apr 2024 11:54:22 +0000
ROA not before: Mon 29 Apr 2024 11:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.141.88.0/24 maxlen: 24
45.141.89.0/24 maxlen: 24
45.141.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:b4:c2:2d:bf:c3:bf:7d:91:eb:13:26:9b:d6:bc:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf385ced090dbf1d044734e12a270ee6b841c96
Validity
Not Before: Apr 29 11:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ae3a4e28d51075c7f8bf4391e03d037f6725cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:42:c5:26:61:e8:e6:43:c3:81:77:94:15:ea:
42:47:fd:9e:6f:57:01:c1:81:54:67:ee:39:df:15:
20:e2:dc:0a:0d:dc:fa:c4:94:f2:7d:25:23:59:75:
87:33:68:54:7e:3b:d9:1e:22:ea:db:7e:d2:66:be:
5d:ab:68:d9:fd:78:c4:fd:40:0c:a1:06:5e:4d:bc:
ff:dc:af:80:ca:65:2f:d2:13:c6:ef:ac:65:c0:8f:
86:b4:59:6a:48:cc:62:42:be:7c:f7:fe:70:21:47:
2b:ee:0a:8b:57:74:6f:81:06:30:e2:e2:b3:b3:ac:
8c:26:9f:f3:bb:18:88:36:35:60:c7:c1:71:a0:c8:
4c:1a:cf:07:61:d5:54:9e:6b:89:ef:2e:7e:88:dc:
52:0e:fe:dc:a2:f8:af:cd:a3:06:56:f2:72:15:6f:
09:e7:e2:1c:d3:7f:28:08:12:be:6e:6f:37:66:11:
66:f5:91:ec:99:06:da:9f:c8:65:55:69:1f:73:a8:
20:88:45:d3:a5:af:bf:30:44:a2:78:58:a2:95:da:
87:81:e4:17:44:67:f7:ae:d9:68:71:3a:ee:4f:44:
e8:5b:80:9f:15:b9:16:b9:a2:17:4c:af:eb:d4:29:
51:0e:30:42:4c:a8:98:3e:ea:e6:50:83:87:3e:0a:
9c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E3:A4:E2:8D:51:07:5C:7F:8B:F4:39:1E:03:D0:37:F6:72:5C:BF
X509v3 Authority Key Identifier:
keyid:EB:F3:85:CE:D0:90:DB:F1:D0:44:73:4E:12:A2:70:EE:6B:84:1C:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_OFztCQ2_HQRHNOEqJw7muEHJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1a9e14-7fb4-489b-90be-465d223b232e/1/KuOk4o1RB1x_i_Q5HgPQN_ZyXL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1a9e14-7fb4-489b-90be-465d223b232e/1/6_OFztCQ2_HQRHNOEqJw7muEHJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.88.0-45.141.90.255
Signature Algorithm: sha256WithRSAEncryption
00:b7:42:99:b6:d6:f8:cb:ca:71:cc:dd:6d:d6:76:f2:66:2b:
4c:be:b6:a6:45:dc:06:a0:47:65:ac:c9:ad:fb:7f:31:c3:9c:
63:ed:bb:2a:92:6b:0f:b6:67:f5:fa:ba:53:07:3a:53:11:94:
47:99:9c:2a:12:60:78:1c:fa:97:40:9f:3b:6f:d5:e1:78:4e:
ac:9d:44:a2:3b:e7:88:97:3e:ac:7b:44:62:b5:25:dc:f9:c3:
73:e1:8f:5d:68:97:fa:7c:d0:60:cd:a6:79:75:d7:c5:6d:08:
1c:c3:b5:41:91:32:4c:c9:2b:9a:93:ed:b9:8d:d5:03:e8:6f:
17:4b:06:d1:e7:cd:20:78:99:01:93:03:25:aa:e5:09:5d:2d:
5b:7a:51:2a:0b:76:72:97:21:73:93:56:5d:5c:e9:66:d4:fc:
55:8d:5a:cd:c3:7b:3c:d3:a6:38:bf:75:c4:6a:5a:c2:23:c6:
56:08:10:db:2c:67:1c:97:8a:ac:e9:44:c7:70:62:ff:d6:de:
34:91:88:b9:18:94:d3:d1:62:80:6d:43:5b:d6:97:fe:c2:6f:
f4:2d:80:4f:97:fe:59:fe:0e:a1:ba:65:fa:22:4c:2f:12:2c:
4d:3e:77:8c:c7:e3:44:c9:42:14:1f:49:98:a7:0f:e8:2e:94:
57:cb:11:9c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8ptMItv8O/fZHrEyab1rxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjM4NWNlZDA5MGRiZjFkMDQ0NzM0ZTEyYTI3MGVlNmI4
NDFjOTYwHhcNMjQwNDI5MTE1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWUzYTRlMjhkNTEwNzVjN2Y4YmY0MzkxZTAzZDAzN2Y2NzI1Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkLFJmHo5kPDgXeUFepCR/2eb1cB
wYFUZ+453xUg4twKDdz6xJTyfSUjWXWHM2hUfjvZHiLq237SZr5dq2jZ/XjE/UAM
oQZeTbz/3K+AymUv0hPG76xlwI+GtFlqSMxiQr589/5wIUcr7gqLV3RvgQYw4uKz
s6yMJp/zuxiINjVgx8FxoMhMGs8HYdVUnmuJ7y5+iNxSDv7covivzaMGVvJyFW8J
5+Ic038oCBK+bm83ZhFm9ZHsmQban8hlVWkfc6ggiEXTpa+/MESieFiildqHgeQX
RGf3rtlocTruT0ToW4CfFbkWuaIXTK/r1ClRDjBCTKiYPurmUIOHPgqcLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCrjpOKNUQdcf4v0OR4D0Df2cly/MB8GA1UdIwQY
MBaAFOvzhc7QkNvx0ERzThKicO5rhByWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9PRnp0Q1EyX0hRUkhOT0VxSnc3bXVFSEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xYTllMTQtN2ZiNC00ODliLTkwYmUt
NDY1ZDIyM2IyMzJlLzEvS3VPazRvMVJCMXhfaV9RNUhnUFFOX1p5WEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xYTllMTQtN2ZiNC00ODliLTkwYmUtNDY1ZDIyM2IyMzJl
LzEvNl9PRnp0Q1EyX0hRUkhOT0VxSnc3bXVFSEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMtjVgD
BAAtjVowDQYJKoZIhvcNAQELBQADggEBAAC3Qpm21vjLynHM3W3WdvJmK0y+tqZF
3AagR2Wsya37fzHDnGPtuyqSaw+2Z/X6ulMHOlMRlEeZnCoSYHgc+pdAnztv1eF4
TqydRKI754iXPqx7RGK1Jdz5w3Phj11ol/p80GDNpnl118VtCBzDtUGRMkzJK5qT
7bmN1QPobxdLBtHnzSB4mQGTAyWq5QldLVt6USoLdnKXIXOTVl1c6WbU/FWNWs3D
ezzTpji/dcRqWsIjxlYIENssZxyXiqzpRMdwYv/W3jSRiLkYlNPRYoBtQ1vWl/7C
b/QtgE+X/ln+DqG6ZfoiTC8SLE0+d4zH40TJQhQfSZinD+gulFfLEZw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:31 2025 by rpki-client