Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Z-UoOPuA3U-6ZbvAIW5U92lH8zo.roa
File: Z-UoOPuA3U-6ZbvAIW5U92lH8zo.roa (raw, json)
Hash identifier: 60oPtgo+X4jm2MxfBpDKFssh0LbDqJhZ201DeXkzkHw=
Subject key identifier: 67:E5:28:38:FB:80:DD:4F:BA:65:BB:C0:21:6E:54:F7:69:47:F3:3A
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019151B7B62BF282615C0DD13C9566ABE361
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Z-UoOPuA3U-6ZbvAIW5U92lH8zo.roa
Signing time: Wed 14 Aug 2024 16:27:59 +0000
ROA not before: Wed 14 Aug 2024 16:27:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209594
IP address blocks: 45.90.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:51:b7:b6:2b:f2:82:61:5c:0d:d1:3c:95:66:ab:e3:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Aug 14 16:27:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67e52838fb80dd4fba65bbc0216e54f76947f33a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e1:0d:34:15:17:07:c8:f4:f2:f6:da:c1:36:
48:bc:d9:97:86:6d:56:c1:4f:d1:c9:da:2e:5e:05:
f9:0c:3d:c0:15:2a:f4:24:74:d8:59:46:76:f4:6c:
ea:8f:bb:2a:a4:b0:f5:98:09:57:54:1f:21:d2:a1:
6a:93:69:38:6c:57:e3:bf:50:75:8d:54:6c:30:54:
57:57:20:39:9a:d4:42:30:96:66:f0:40:a5:b5:e8:
db:65:09:55:d0:a1:af:29:3c:6b:2d:c3:4f:e7:8b:
f7:76:0a:0e:1e:fe:59:b8:c1:fc:63:70:de:03:b8:
51:f9:8c:c9:16:82:76:c7:f4:2e:17:fe:c3:33:0d:
8c:05:11:96:17:25:88:96:38:c6:ca:5c:c8:76:02:
1f:a9:81:d4:f1:b2:61:d1:0e:6d:5b:36:8b:8e:f9:
2d:32:66:c0:5a:7e:07:5d:36:71:5c:f5:bc:4b:60:
bd:9e:93:04:69:68:e7:3c:c3:58:e4:63:53:1c:bf:
b9:59:ad:84:be:e9:5b:e1:16:81:08:05:15:f5:95:
1b:ba:b6:46:b0:1e:b3:d4:13:fb:de:64:f1:a0:b2:
12:03:5d:d2:7c:ce:c7:11:a6:17:f1:b2:10:f2:ad:
a1:1a:58:fb:0a:1a:3b:4c:94:21:ab:46:93:7e:65:
ec:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E5:28:38:FB:80:DD:4F:BA:65:BB:C0:21:6E:54:F7:69:47:F3:3A
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Z-UoOPuA3U-6ZbvAIW5U92lH8zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.146.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:8f:2e:9e:16:01:59:a5:91:50:5e:96:14:44:72:b9:76:6f:
70:d9:e8:66:d6:ac:27:93:95:99:75:82:c5:7f:0d:ae:57:3f:
a0:e2:52:2a:58:a3:58:b0:1a:61:a8:0c:95:52:61:5b:71:50:
e1:ef:34:79:e6:ab:f6:38:95:4b:27:92:07:05:77:9f:1b:70:
20:1e:bd:ce:7b:b2:7b:f4:15:28:60:04:50:00:7d:94:94:04:
8d:86:c6:8a:db:0a:77:94:f8:28:6b:2d:10:4e:7d:59:1b:db:
61:6e:c4:a0:e5:95:31:bb:fb:24:cc:0f:c6:4c:ef:cb:98:b4:
b9:6d:8f:81:57:72:20:ac:79:d2:7b:d3:64:02:c1:99:b0:9e:
a0:de:c4:64:86:d9:8f:72:a0:d3:f4:bd:0f:e4:eb:94:29:cc:
a0:b1:ef:ef:9e:22:09:e3:77:18:b9:6b:a1:fa:ca:63:b5:e5:
22:fd:85:42:55:fb:87:41:2a:ab:85:a8:a1:b5:5e:a5:47:d2:
01:4c:93:ce:05:07:3d:8d:ec:f2:fc:19:64:05:5e:7a:23:88:
c1:fe:4f:cb:19:62:ad:49:8f:4d:10:5a:07:26:c3:81:38:5e:
7e:db:b3:35:ba:54:f1:31:ec:e0:52:8c:27:31:02:bd:93:d1:
7d:d9:3d:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFRt7Yr8oJhXA3RPJVmq+NhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwODE0MTYyNzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2U1MjgzOGZiODBkZDRmYmE2NWJiYzAyMTZlNTRmNzY5NDdmMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuENNBUXB8j08vbawTZIvNmXhm1W
wU/RydouXgX5DD3AFSr0JHTYWUZ29Gzqj7sqpLD1mAlXVB8h0qFqk2k4bFfjv1B1
jVRsMFRXVyA5mtRCMJZm8ECltejbZQlV0KGvKTxrLcNP54v3dgoOHv5ZuMH8Y3De
A7hR+YzJFoJ2x/QuF/7DMw2MBRGWFyWIljjGylzIdgIfqYHU8bJh0Q5tWzaLjvkt
MmbAWn4HXTZxXPW8S2C9npMEaWjnPMNY5GNTHL+5Wa2Evulb4RaBCAUV9ZUburZG
sB6z1BP73mTxoLISA13SfM7HEaYX8bIQ8q2hGlj7Cho7TJQhq0aTfmXsDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGflKDj7gN1PumW7wCFuVPdpR/M6MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvWi1Vb09QdUEzVS02WmJ2QUlXNVU5MmxIOHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVqSMA0G
CSqGSIb3DQEBCwUAA4IBAQA7jy6eFgFZpZFQXpYURHK5dm9w2ehm1qwnk5WZdYLF
fw2uVz+g4lIqWKNYsBphqAyVUmFbcVDh7zR55qv2OJVLJ5IHBXefG3AgHr3Oe7J7
9BUoYARQAH2UlASNhsaK2wp3lPgoay0QTn1ZG9thbsSg5ZUxu/skzA/GTO/LmLS5
bY+BV3IgrHnSe9NkAsGZsJ6g3sRkhtmPcqDT9L0P5OuUKcygse/vniIJ43cYuWuh
+spjteUi/YVCVfuHQSqrhaihtV6lR9IBTJPOBQc9jezy/BlkBV56I4jB/k/LGWKt
SY9NEFoHJsOBOF5+27M1ulTxMezgUownMQK9k9F92T06
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:20:46 2025 by rpki-client