Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/r7b3Py8ZDV-M-wonSVrbg38R3Pk.roa
File: r7b3Py8ZDV-M-wonSVrbg38R3Pk.roa (raw, json)
Hash identifier: gNi/BPGwheqGTZY8K8gS0NCtOvOlLbL8FAjbBxPWvaE=
Subject key identifier: AF:B6:F7:3F:2F:19:0D:5F:8C:FB:0A:27:49:5A:DB:83:7F:11:DC:F9
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 018CC5015673E9B3E5546640A0081C83F2AA
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/r7b3Py8ZDV-M-wonSVrbg38R3Pk.roa
Signing time: Mon 01 Jan 2024 12:30:48 +0000
ROA not before: Mon 01 Jan 2024 12:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41683
IP address blocks: 45.158.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 10:56:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:56:73:e9:b3:e5:54:66:40:a0:08:1c:83:f2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Jan 1 12:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afb6f73f2f190d5f8cfb0a27495adb837f11dcf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b2:43:f6:9b:82:e1:e4:4c:e7:15:b5:38:2c:
a6:e3:c1:ad:94:53:cb:7b:b5:0a:cd:db:1f:b5:aa:
1f:d1:35:cd:a9:3c:71:cb:96:df:c6:2c:bf:64:5a:
50:38:0c:59:55:6b:35:c9:cd:86:8b:6d:7d:cb:3c:
f5:3d:1e:f3:a7:79:22:80:15:48:f1:28:0a:23:29:
eb:a1:ab:dc:f8:37:20:8d:d3:7c:48:8c:84:91:93:
0a:61:4c:34:16:e5:20:11:19:09:76:d5:4e:f7:9b:
86:c3:21:a6:87:87:ab:f4:46:62:8e:6a:f3:ed:20:
a7:68:59:23:6a:e8:b1:94:f6:24:9c:3a:34:bf:5f:
2e:2d:4d:d2:77:3b:49:db:2c:b4:ef:4f:ad:85:68:
30:0a:32:4a:9b:a9:c4:28:65:18:00:d2:74:fe:38:
0d:ba:50:fe:8a:95:c0:db:41:57:21:a8:80:48:3f:
b5:c4:be:a0:65:54:ce:aa:da:f7:f8:1b:a2:13:36:
9e:00:13:22:f0:99:c5:7b:e1:e0:b7:5e:bc:82:75:
d0:f2:30:78:f8:05:ad:2f:57:7f:0c:ef:4b:85:ae:
a6:9c:68:c7:ca:5d:47:a2:a8:f5:3c:57:1a:3b:42:
17:7f:be:6f:91:35:b1:96:24:d1:e2:56:23:48:36:
bc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B6:F7:3F:2F:19:0D:5F:8C:FB:0A:27:49:5A:DB:83:7F:11:DC:F9
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/r7b3Py8ZDV-M-wonSVrbg38R3Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.13.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:40:ba:f7:98:21:11:01:31:ec:56:ba:6e:41:8a:02:7b:43:
c8:36:e3:8f:bb:03:81:cd:d8:1c:36:72:c2:69:cd:ba:54:d1:
08:8c:a5:19:91:0e:a1:83:db:cc:30:f2:79:db:54:40:e9:f3:
d4:3c:0b:c6:96:bc:95:45:6b:31:a9:1d:4a:9a:d3:04:15:77:
32:ab:0e:70:02:72:f9:73:9c:33:8f:e6:b9:6b:e5:f3:50:8a:
32:8d:21:43:2f:30:0b:39:12:7f:39:19:46:38:e1:1a:2f:49:
bc:e1:64:69:12:26:49:44:b9:e4:02:92:80:f9:f4:9e:df:d7:
75:84:fc:6d:0f:0a:5e:33:14:89:aa:9f:a0:6a:a4:41:e2:83:
79:fa:09:58:f7:76:d1:3e:55:75:6d:56:f5:87:49:9f:de:73:
3e:a8:13:87:25:8a:20:e2:46:23:b2:35:80:40:37:b2:8d:fa:
d6:91:40:d8:ce:95:47:d6:ea:65:12:3f:8a:22:b4:53:fd:22:
b1:e4:2f:cc:d7:83:6c:37:46:cc:98:02:03:fd:3a:56:80:ae:
68:f1:35:33:2f:ab:ee:fe:46:09:a9:24:1b:c7:09:a7:0d:48:
eb:b6:60:b1:c3:26:2e:ff:91:fa:a3:8a:8e:b6:d0:b4:04:e2:
03:3b:51:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAVZz6bPlVGZAoAgcg/KqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjQwMTAxMTIzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmI2ZjczZjJmMTkwZDVmOGNmYjBhMjc0OTVhZGI4MzdmMTFkY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrJD9puC4eRM5xW1OCym48GtlFPL
e7UKzdsftaof0TXNqTxxy5bfxiy/ZFpQOAxZVWs1yc2Gi219yzz1PR7zp3kigBVI
8SgKIynroavc+DcgjdN8SIyEkZMKYUw0FuUgERkJdtVO95uGwyGmh4er9EZijmrz
7SCnaFkjauixlPYknDo0v18uLU3SdztJ2yy070+thWgwCjJKm6nEKGUYANJ0/jgN
ulD+ipXA20FXIaiASD+1xL6gZVTOqtr3+BuiEzaeABMi8JnFe+Hgt168gnXQ8jB4
+AWtL1d/DO9Lha6mnGjHyl1Hoqj1PFcaO0IXf75vkTWxliTR4lYjSDa8WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK+29z8vGQ1fjPsKJ0la24N/Edz5MB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvcjdiM1B5OFpEVi1NLXdvblNWcmJnMzhSM1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ4NMA0G
CSqGSIb3DQEBCwUAA4IBAQC6QLr3mCERATHsVrpuQYoCe0PINuOPuwOBzdgcNnLC
ac26VNEIjKUZkQ6hg9vMMPJ521RA6fPUPAvGlryVRWsxqR1KmtMEFXcyqw5wAnL5
c5wzj+a5a+XzUIoyjSFDLzALORJ/ORlGOOEaL0m84WRpEiZJRLnkApKA+fSe39d1
hPxtDwpeMxSJqp+gaqRB4oN5+glY93bRPlV1bVb1h0mf3nM+qBOHJYog4kYjsjWA
QDeyjfrWkUDYzpVH1uplEj+KIrRT/SKx5C/M14NsN0bMmAID/TpWgK5o8TUzL6vu
/kYJqSQbxwmnDUjrtmCxwyYu/5H6o4qOttC0BOIDO1Hj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:08 2025 by rpki-client