Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kIDKM2REWNOkIcKZ0WC1UqLZgUQ.roa
File: kIDKM2REWNOkIcKZ0WC1UqLZgUQ.roa (raw, json)
Hash identifier: eJo6Ao3L5/Nt4FR1QABFYdkDHQgkjeGFxQ89RBP85ps=
Subject key identifier: 90:80:CA:33:64:44:58:D3:A4:21:C2:99:D1:60:B5:52:A2:D9:81:44
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194206855EE758AAA088EEDC972E2A963EB
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kIDKM2REWNOkIcKZ0WC1UqLZgUQ.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210546
IP address blocks: 147.45.198.0/24 maxlen: 24
147.45.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 19:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:55:ee:75:8a:aa:08:8e:ed:c9:72:e2:a9:63:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9080ca33644458d3a421c299d160b552a2d98144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:aa:bc:d3:58:7b:c2:81:3f:69:4b:22:f3:92:
30:15:91:bf:a7:41:97:ef:12:24:90:7b:2a:28:fa:
c9:51:85:08:3e:c7:be:fc:40:30:0e:a7:2c:cf:77:
e5:45:79:e9:ff:68:dd:88:19:0d:e9:83:60:0c:5e:
a1:85:3f:7e:fa:55:c5:05:f7:48:ff:ad:fd:f6:d5:
30:ea:f7:d3:50:ec:58:09:d6:b4:da:78:13:4e:64:
2e:bd:5f:28:65:54:77:8f:1a:0d:a4:ac:2d:72:ce:
76:73:57:a4:cc:a3:11:11:aa:e2:f1:9e:00:aa:be:
da:1b:22:d9:94:2e:49:06:bd:3f:7c:1c:c4:f0:6e:
37:d2:0a:5f:e3:43:59:63:b9:c5:71:58:ac:ee:e4:
3d:01:02:8b:c1:3a:f4:f2:45:34:fd:a7:da:af:29:
06:06:0b:38:d1:95:0d:89:8e:74:f5:57:77:0a:1b:
38:d4:51:36:d6:35:b4:10:4a:49:35:c9:02:d0:0b:
b8:d0:35:5a:d2:2d:a4:c5:29:21:30:62:10:fc:ba:
2a:d0:7a:5f:5d:fa:30:cf:5c:3a:0e:dd:ee:52:89:
0e:ac:57:95:ea:03:1b:1b:d0:65:71:71:61:26:4e:
99:db:e5:5f:79:6a:02:43:03:c6:04:5f:94:a0:63:
1c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:80:CA:33:64:44:58:D3:A4:21:C2:99:D1:60:B5:52:A2:D9:81:44
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kIDKM2REWNOkIcKZ0WC1UqLZgUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.198.0/23
Signature Algorithm: sha256WithRSAEncryption
27:9d:25:28:84:82:ba:46:27:1e:27:20:70:1d:58:c5:5b:2a:
89:4d:fd:2f:b3:78:94:16:92:a4:7b:25:4b:e8:c4:20:d3:2b:
35:d4:da:1a:6a:12:c4:94:c3:2b:d9:8d:b0:12:e4:a6:64:e6:
16:c4:e6:99:2f:6d:6c:e3:a7:16:bc:f1:8f:9f:2c:2b:f8:e1:
e5:58:86:d4:af:01:5f:19:63:cf:fe:41:95:f5:fe:86:84:14:
d7:9e:ae:29:2d:05:ac:79:0d:b6:cc:03:b8:4d:e6:a6:fe:f7:
9b:e3:c2:5c:fb:8f:76:04:1c:fc:36:47:00:f4:7f:48:03:ba:
11:0c:7b:c4:3e:e0:d3:e8:b5:8c:79:ed:c2:7f:fd:7f:ac:ef:
e0:8b:45:01:a9:78:55:6f:c6:d4:f8:0f:69:aa:2b:99:84:ee:
e1:f3:47:7c:ba:97:fa:30:a2:b0:a8:3d:4b:e5:25:97:2a:53:
92:70:d8:5e:da:c9:dc:41:d5:bb:6a:ee:7f:b3:cc:e1:79:9f:
97:23:b7:05:c3:6c:55:c9:e7:10:53:de:c5:48:8e:ad:4b:95:
73:4c:03:7c:a8:55:4a:76:b8:73:b0:ab:cf:de:72:36:5d:e5:
4d:32:fa:95:b9:25:d2:86:d0:dc:8f:1e:23:f0:b8:32:2e:28:
3a:ef:60:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaFXudYqqCI7tyXLiqWPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDgwY2EzMzY0NDQ1OGQzYTQyMWMyOTlkMTYwYjU1MmEyZDk4MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqq801h7woE/aUsi85IwFZG/p0GX
7xIkkHsqKPrJUYUIPse+/EAwDqcsz3flRXnp/2jdiBkN6YNgDF6hhT9++lXFBfdI
/6399tUw6vfTUOxYCda02ngTTmQuvV8oZVR3jxoNpKwtcs52c1ekzKMREari8Z4A
qr7aGyLZlC5JBr0/fBzE8G430gpf40NZY7nFcVis7uQ9AQKLwTr08kU0/afarykG
Bgs40ZUNiY509Vd3Chs41FE21jW0EEpJNckC0Au40DVa0i2kxSkhMGIQ/Loq0Hpf
Xfowz1w6Dt3uUokOrFeV6gMbG9BlcXFhJk6Z2+VfeWoCQwPGBF+UoGMczQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCAyjNkRFjTpCHCmdFgtVKi2YFEMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEva0lES00yUkVXTk9rSWNLWjBXQzFVcUxaZ1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBky3GMA0G
CSqGSIb3DQEBCwUAA4IBAQAnnSUohIK6RiceJyBwHVjFWyqJTf0vs3iUFpKkeyVL
6MQg0ys11NoaahLElMMr2Y2wEuSmZOYWxOaZL21s46cWvPGPnywr+OHlWIbUrwFf
GWPP/kGV9f6GhBTXnq4pLQWseQ22zAO4Team/veb48Jc+492BBz8NkcA9H9IA7oR
DHvEPuDT6LWMee3Cf/1/rO/gi0UBqXhVb8bU+A9pqiuZhO7h80d8upf6MKKwqD1L
5SWXKlOScNhe2sncQdW7au5/s8zheZ+XI7cFw2xVyecQU97FSI6tS5VzTAN8qFVK
drhzsKvP3nI2XeVNMvqVuSXShtDcjx4j8LgyLig672AH
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:09:50 2025 by rpki-client