Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/a7-REkWI98ljujjCWw28jnpmEIA.roa
File: a7-REkWI98ljujjCWw28jnpmEIA.roa (raw, json)
Hash identifier: spFXVvqg8jD68Iwj7b9WelrmNkkKY8p8hxt1ntRySSs=
Subject key identifier: 6B:BF:91:12:45:88:F7:C9:63:BA:38:C2:5B:0D:BC:8E:7A:66:10:80
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019422FBC7281C314443A9BEB5C88136D0ED
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/a7-REkWI98ljujjCWw28jnpmEIA.roa
Signing time: Wed 01 Jan 2025 17:48:33 +0000
ROA not before: Wed 01 Jan 2025 17:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215391
IP address blocks: 45.138.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 11:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c7:28:1c:31:44:43:a9:be:b5:c8:81:36:d0:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 17:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bbf91124588f7c963ba38c25b0dbc8e7a661080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4b:54:32:72:02:cf:58:e6:fd:64:17:96:3b:
08:68:88:5c:5c:ea:18:7b:45:72:c6:81:d1:73:2b:
99:92:8b:7d:05:43:ce:50:aa:e7:22:11:fa:ff:2b:
dd:99:8b:41:a8:37:30:45:60:ae:59:3f:78:98:da:
91:9b:ba:a7:a1:9b:8a:bb:2a:de:b8:67:f7:5f:05:
37:85:aa:89:99:e5:5f:e9:a6:d6:db:ae:89:0a:c1:
fa:0e:3f:68:8c:e9:ff:36:d5:3e:96:d4:52:2e:f1:
bd:4b:99:6a:28:0e:b7:dc:f9:e7:5d:b9:80:1b:f9:
bf:e9:f3:35:e4:df:1d:4d:c1:7d:f1:e8:d1:da:de:
bb:3d:3d:60:7f:c6:dc:58:d3:a4:5c:51:b8:a4:71:
5e:c5:fe:0a:19:ed:ce:24:47:ee:e0:90:2f:6b:65:
80:d3:25:be:2d:25:6d:c9:10:bc:77:37:e8:22:03:
a6:f7:8c:8a:50:04:82:6f:cf:c3:10:d1:e7:5f:41:
24:ab:ac:5f:86:b5:5c:dd:3c:39:c4:69:98:81:7f:
88:13:99:2d:5a:15:0c:15:66:b9:60:ae:a8:50:76:
b0:ce:91:17:67:f4:61:78:a8:22:e1:63:40:bb:fe:
da:36:00:bc:58:94:e0:1b:a5:2c:39:fe:1f:81:c7:
64:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:BF:91:12:45:88:F7:C9:63:BA:38:C2:5B:0D:BC:8E:7A:66:10:80
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/a7-REkWI98ljujjCWw28jnpmEIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.180.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:7d:52:ea:3e:3c:f3:ab:83:2a:5c:ea:ac:eb:df:47:c2:0d:
c6:a1:e8:36:a0:fc:ca:70:b4:dd:92:e2:77:ae:06:be:2d:b0:
49:e8:da:78:19:6c:93:99:f1:9d:de:4f:fd:31:59:46:c1:b3:
be:34:6a:9f:99:70:ea:07:ec:bf:dd:43:e5:8e:ef:41:09:c3:
c8:d7:b8:a3:27:fc:00:21:2e:07:01:2d:04:82:85:49:3e:85:
5a:30:7e:c5:95:25:e2:88:14:d5:43:70:d0:8d:44:6e:90:ba:
f5:bd:78:6e:71:44:f1:28:06:53:97:71:d9:2c:f7:3f:4d:a8:
c2:ab:62:06:6c:ba:4b:45:ba:93:5d:c1:de:ff:87:c3:b4:36:
2f:20:4f:1b:f6:17:36:81:68:9b:8b:32:a8:24:83:13:34:92:
9e:d0:4a:df:b5:be:c8:bf:d9:be:c5:60:1a:3a:c9:b3:39:c4:
97:24:da:6e:69:70:8c:f8:20:d3:81:10:a9:c3:f8:16:ee:3c:
77:85:4c:2a:db:85:f8:97:55:25:41:24:8d:2f:b0:70:fe:ba:
30:9d:2a:97:3f:8c:96:6c:37:7a:e5:36:ce:a7:31:31:20:ef:
37:4a:38:b3:97:46:9f:41:ce:2f:14:db:0b:8f:d2:8c:13:d5:
dc:e8:23:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+8coHDFEQ6m+tciBNtDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTAxMTc0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmJmOTExMjQ1ODhmN2M5NjNiYTM4YzI1YjBkYmM4ZTdhNjYxMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUtUMnICz1jm/WQXljsIaIhcXOoY
e0VyxoHRcyuZkot9BUPOUKrnIhH6/yvdmYtBqDcwRWCuWT94mNqRm7qnoZuKuyre
uGf3XwU3haqJmeVf6abW266JCsH6Dj9ojOn/NtU+ltRSLvG9S5lqKA633PnnXbmA
G/m/6fM15N8dTcF98ejR2t67PT1gf8bcWNOkXFG4pHFexf4KGe3OJEfu4JAva2WA
0yW+LSVtyRC8dzfoIgOm94yKUASCb8/DENHnX0Ekq6xfhrVc3Tw5xGmYgX+IE5kt
WhUMFWa5YK6oUHawzpEXZ/RheKgi4WNAu/7aNgC8WJTgG6UsOf4fgcdkCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGu/kRJFiPfJY7o4wlsNvI56ZhCAMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvYTctUkVrV0k5OGxqdWpqQ1d3MjhqbnBtRUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYq0MA0G
CSqGSIb3DQEBCwUAA4IBAQBLfVLqPjzzq4MqXOqs699Hwg3Goeg2oPzKcLTdkuJ3
rga+LbBJ6Np4GWyTmfGd3k/9MVlGwbO+NGqfmXDqB+y/3UPlju9BCcPI17ijJ/wA
IS4HAS0EgoVJPoVaMH7FlSXiiBTVQ3DQjURukLr1vXhucUTxKAZTl3HZLPc/TajC
q2IGbLpLRbqTXcHe/4fDtDYvIE8b9hc2gWibizKoJIMTNJKe0Erftb7Iv9m+xWAa
OsmzOcSXJNpuaXCM+CDTgRCpw/gW7jx3hUwq24X4l1UlQSSNL7Bw/rownSqXP4yW
bDd65TbOpzExIO83Sjizl0afQc4vFNsLj9KME9Xc6CMW
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:49:05 2025 by rpki-client