Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/JT4fb7fnuNgSyoCGTbtT5cD47I4.roa
File: JT4fb7fnuNgSyoCGTbtT5cD47I4.roa (raw, json)
Hash identifier: OKUEKfmkrANC33DSSK+RYk9BvLdKzUrfuoRpjvBZ1rc=
Subject key identifier: 25:3E:1F:6F:B7:E7:B8:D8:12:CA:80:86:4D:BB:53:E5:C0:F8:EC:8E
Certificate issuer: /CN=646579561eca5879a747025e5798487b19cd2a97
Certificate serial: 018CC425122607B1D4E6856FC9A4FFE8FE88
Authority key identifier: 64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/JT4fb7fnuNgSyoCGTbtT5cD47I4.roa
Signing time: Mon 01 Jan 2024 08:30:12 +0000
ROA not before: Mon 01 Jan 2024 08:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.146.156.0/24 maxlen: 24
45.146.159.0/24 maxlen: 24
45.146.158.0/24 maxlen: 24
45.146.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:12:26:07:b1:d4:e6:85:6f:c9:a4:ff:e8:fe:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=646579561eca5879a747025e5798487b19cd2a97
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=253e1f6fb7e7b8d812ca80864dbb53e5c0f8ec8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2c:2f:6e:38:e5:c3:a1:c8:1e:2c:a5:4b:c2:
ec:6b:cf:3d:ae:2d:44:90:cf:92:c9:33:ff:7c:d7:
20:78:21:5a:b3:d0:3f:00:f7:53:fb:8f:23:ea:6d:
d6:d5:f8:1d:b7:7d:04:6c:af:8f:53:4f:7c:eb:8b:
02:9c:f2:c9:a8:3f:98:ee:48:f7:24:7d:d7:2a:a4:
4c:6e:bc:6a:a8:68:5a:f9:66:b4:ff:a8:9a:06:9f:
8a:71:a7:47:da:a2:48:bf:01:ec:d4:47:4d:2a:a8:
80:a2:1a:f4:21:9c:13:42:90:9c:00:37:7b:d7:8d:
c8:33:df:8f:70:8b:db:15:ef:70:30:fc:12:15:67:
12:27:bb:e6:ac:1e:c8:df:90:83:b4:b4:aa:46:12:
33:52:72:0a:4b:35:87:19:13:64:f3:06:6f:fa:6c:
05:ea:35:f3:a3:14:14:d3:ee:51:0a:86:ec:f7:48:
59:ac:87:99:43:1c:17:de:19:30:94:22:66:ce:ad:
9a:27:4e:11:36:1a:6c:03:61:59:e8:44:3c:00:b4:
2f:a0:fd:76:22:e0:8c:c4:ef:84:d8:08:e7:38:e4:
2f:06:93:a9:00:00:bb:bf:9b:d5:19:e0:8f:09:f8:
22:c1:9d:3d:56:24:5c:83:17:b3:e9:d8:39:1c:1b:
b3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3E:1F:6F:B7:E7:B8:D8:12:CA:80:86:4D:BB:53:E5:C0:F8:EC:8E
X509v3 Authority Key Identifier:
keyid:64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/JT4fb7fnuNgSyoCGTbtT5cD47I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.156.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:3e:be:46:b4:c8:60:5f:ff:82:b0:a6:cb:3a:2c:0b:ab:9d:
92:1a:fb:fe:b8:47:b7:b0:ce:d3:d7:8b:59:6d:cd:44:b9:3c:
a1:d1:f5:ae:6f:8c:bd:ce:24:66:2c:4d:83:33:9e:01:9a:26:
00:9c:21:09:47:4c:f1:9c:9c:e2:d0:45:40:d9:df:ad:61:a6:
db:21:29:76:e0:fe:f3:9d:48:35:fa:3d:57:33:b7:30:82:88:
c9:b8:d2:89:62:82:fe:dc:b6:8f:0b:4f:bf:20:97:07:f4:a3:
e0:6b:91:8d:4d:df:8a:18:12:37:22:d0:e6:10:d5:3a:a7:4f:
80:d8:12:84:71:2a:4e:9a:bf:e6:8e:80:05:d6:22:77:ed:62:
02:af:38:13:82:b9:27:1a:27:95:10:40:b3:76:97:d5:a7:46:
28:b3:c0:70:56:da:ed:fd:9e:c8:0e:35:44:ce:15:ab:09:44:
83:73:75:af:cb:f1:1d:23:0c:7e:17:d6:dd:73:d2:35:72:c7:
ae:27:7c:3d:41:c8:49:67:8c:01:75:53:99:63:dc:96:09:07:
60:1c:83:00:92:72:17:57:fb:1c:ea:62:ed:47:93:92:32:13:
3c:72:39:c2:21:04:e9:f9:4c:59:ae:01:76:af:dd:b4:2a:5d:
b9:ad:f3:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJRImB7HU5oVvyaT/6P6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NjU3OTU2MWVjYTU4NzlhNzQ3MDI1ZTU3OTg0ODdiMTlj
ZDJhOTcwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTNlMWY2ZmI3ZTdiOGQ4MTJjYTgwODY0ZGJiNTNlNWMwZjhlYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSwvbjjlw6HIHiylS8Lsa889ri1E
kM+SyTP/fNcgeCFas9A/APdT+48j6m3W1fgdt30EbK+PU09864sCnPLJqD+Y7kj3
JH3XKqRMbrxqqGha+Wa0/6iaBp+KcadH2qJIvwHs1EdNKqiAohr0IZwTQpCcADd7
143IM9+PcIvbFe9wMPwSFWcSJ7vmrB7I35CDtLSqRhIzUnIKSzWHGRNk8wZv+mwF
6jXzoxQU0+5RCobs90hZrIeZQxwX3hkwlCJmzq2aJ04RNhpsA2FZ6EQ8ALQvoP12
IuCMxO+E2AjnOOQvBpOpAAC7v5vVGeCPCfgiwZ09ViRcgxez6dg5HBuzfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCU+H2+357jYEsqAhk27U+XA+OyOMB8GA1UdIwQY
MBaAFGRleVYeylh5p0cCXleYSHsZzSqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTct
NTVjM2QxMjllYzI4LzEvSlQ0ZmI3Zm51TmdTeW9DR1RidFQ1Y0Q0N0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTctNTVjM2QxMjllYzI4
LzEvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZKcMA0G
CSqGSIb3DQEBCwUAA4IBAQBKPr5GtMhgX/+CsKbLOiwLq52SGvv+uEe3sM7T14tZ
bc1EuTyh0fWub4y9ziRmLE2DM54BmiYAnCEJR0zxnJzi0EVA2d+tYabbISl24P7z
nUg1+j1XM7cwgojJuNKJYoL+3LaPC0+/IJcH9KPga5GNTd+KGBI3ItDmENU6p0+A
2BKEcSpOmr/mjoAF1iJ37WICrzgTgrknGieVEECzdpfVp0Yos8BwVtrt/Z7IDjVE
zhWrCUSDc3Wvy/EdIwx+F9bdc9I1cseuJ3w9QchJZ4wBdVOZY9yWCQdgHIMAknIX
V/sc6mLtR5OSMhM8cjnCIQTp+UxZrgF2r920Kl25rfPo
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:15 2025 by rpki-client