Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/f2OeFvQR7fI4t0DMh5eGZfrfYtU.roa
File: f2OeFvQR7fI4t0DMh5eGZfrfYtU.roa (raw, json)
Hash identifier: eIRZ0/ncnntx8J1wwBMx9R6zuY49+RRqHCtVsrrvxqw=
Subject key identifier: 7F:63:9E:16:F4:11:ED:F2:38:B7:40:CC:87:97:86:65:FA:DF:62:D5
Certificate issuer: /CN=d39123880f427446d5ff07cef9633e86dc49198d
Certificate serial: 018CC3B71B48EA10C86CD9751CF3A9DF5A6F
Authority key identifier: D3:91:23:88:0F:42:74:46:D5:FF:07:CE:F9:63:3E:86:DC:49:19:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/f2OeFvQR7fI4t0DMh5eGZfrfYtU.roa
Signing time: Mon 01 Jan 2024 06:30:06 +0000
ROA not before: Mon 01 Jan 2024 06:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210792
IP address blocks: 45.153.76.0/22 maxlen: 22
158.255.79.0/24 maxlen: 24
2a11:ba80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1b:48:ea:10:c8:6c:d9:75:1c:f3:a9:df:5a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d39123880f427446d5ff07cef9633e86dc49198d
Validity
Not Before: Jan 1 06:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f639e16f411edf238b740cc87978665fadf62d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:66:20:e2:28:4d:8a:ff:3f:05:0f:f1:f5:4d:
3f:38:04:9e:b8:04:90:b8:b8:6a:a0:22:1a:cc:73:
8d:2c:49:4a:d5:82:34:f3:38:db:e3:be:25:5e:c0:
93:16:69:42:27:43:b2:3e:08:23:13:8e:db:51:be:
9e:cb:0e:cc:10:cc:ca:16:18:f6:36:fc:30:20:8e:
64:31:08:c0:d0:c9:5b:d2:8c:37:a5:f9:da:55:5c:
ad:f4:ed:10:81:54:ac:8e:88:60:4d:ee:36:65:59:
35:b4:50:9a:30:03:4a:34:e8:48:f0:15:da:06:c0:
c9:92:0c:1f:d5:c9:59:a6:ba:01:da:eb:63:a4:09:
56:25:d0:6c:c7:b1:2d:d7:f8:34:5e:f7:5d:8b:62:
88:04:1c:cc:2c:47:e8:d9:20:b4:d6:d0:9d:59:df:
06:35:cc:97:89:fb:c3:fe:62:a2:56:9b:c2:05:35:
fe:7e:a3:fd:ce:3d:b4:ae:3a:d5:2a:49:9f:61:06:
16:e0:82:15:d2:de:30:85:12:84:f3:c7:62:2c:b2:
6a:97:45:39:e1:41:c5:cd:ad:69:8f:b8:c0:dd:b1:
07:74:0b:b7:20:ab:0f:bb:4a:11:f2:d1:94:43:53:
8d:4e:21:b8:e7:ce:88:9c:6a:7f:10:16:26:29:df:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:63:9E:16:F4:11:ED:F2:38:B7:40:CC:87:97:86:65:FA:DF:62:D5
X509v3 Authority Key Identifier:
keyid:D3:91:23:88:0F:42:74:46:D5:FF:07:CE:F9:63:3E:86:DC:49:19:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/f2OeFvQR7fI4t0DMh5eGZfrfYtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/05EjiA9CdEbV_wfO-WM-htxJGY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.76.0/22
158.255.79.0/24
IPv6:
2a11:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
2d:cf:37:02:f1:37:db:59:ec:fe:19:ba:47:11:a4:5e:fd:37:
7a:00:e1:c0:0b:6b:77:6d:53:da:d2:5c:95:34:68:df:90:d5:
83:90:e4:85:f7:28:ec:86:0b:8a:2f:ab:a7:e6:a4:26:b7:d5:
75:b7:b8:c7:18:31:39:4b:aa:cf:db:e1:c8:be:a2:32:cb:81:
c4:80:78:7b:29:bc:01:7d:41:e9:3c:23:f9:4d:40:a7:f0:02:
a4:e4:43:4d:7b:0a:7d:39:81:7e:27:8d:77:d6:17:fd:b4:f2:
0b:f4:5d:a4:46:3c:2c:39:a9:4d:d7:8c:25:5a:4f:c0:f7:a1:
1c:fb:82:e1:25:42:98:e0:9d:43:9d:4e:eb:74:c2:ac:ba:27:
ed:1b:13:de:91:2e:e6:52:4a:2c:dd:1a:f8:43:5c:fe:14:8d:
78:6d:e4:49:cd:e5:18:ef:d4:28:d7:40:11:0a:29:32:2a:d9:
fe:e8:78:84:24:4d:89:fa:c3:1a:a1:b8:5d:8a:89:44:6e:f7:
a6:b3:21:09:87:09:62:9f:3a:02:24:c1:75:ce:ac:5d:8b:2a:
37:50:bd:ce:d9:3a:6d:ed:bb:0a:62:8c:11:b6:da:96:30:11:
cd:9b:49:13:71:64:cb:b3:73:fc:a6:99:75:31:4e:5d:b7:77:
cf:7e:dc:6f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtxtI6hDIbNl1HPOp31pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOTEyMzg4MGY0Mjc0NDZkNWZmMDdjZWY5NjMzZTg2ZGM0
OTE5OGQwHhcNMjQwMTAxMDYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjYzOWUxNmY0MTFlZGYyMzhiNzQwY2M4Nzk3ODY2NWZhZGY2MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmYg4ihNiv8/BQ/x9U0/OASeuASQ
uLhqoCIazHONLElK1YI08zjb474lXsCTFmlCJ0OyPggjE47bUb6eyw7MEMzKFhj2
NvwwII5kMQjA0Mlb0ow3pfnaVVyt9O0QgVSsjohgTe42ZVk1tFCaMANKNOhI8BXa
BsDJkgwf1clZproB2utjpAlWJdBsx7Et1/g0Xvddi2KIBBzMLEfo2SC01tCdWd8G
NcyXifvD/mKiVpvCBTX+fqP9zj20rjrVKkmfYQYW4IIV0t4whRKE88diLLJql0U5
4UHFza1pj7jA3bEHdAu3IKsPu0oR8tGUQ1ONTiG4586InGp/EBYmKd91CwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH9jnhb0Ee3yOLdAzIeXhmX632LVMB8GA1UdIwQY
MBaAFNORI4gPQnRG1f8HzvljPobcSRmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDVFamlBOUNkRWJWX3dmTy1XTS1odHhKR1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82NjFiODQtMTE0ZC00OTI5LWI2ODQt
Y2NhMGFkMjY4NWNhLzEvZjJPZUZ2UVI3Zkk0dDBETWg1ZUdaZnJmWXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82NjFiODQtMTE0ZC00OTI5LWI2ODQtY2NhMGFkMjY4NWNh
LzEvMDVFamlBOUNkRWJWX3dmTy1XTS1odHhKR1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZlMAwQA
nv9PMA0EAgACMAcDBQMqEbqAMA0GCSqGSIb3DQEBCwUAA4IBAQAtzzcC8TfbWez+
GbpHEaRe/Td6AOHAC2t3bVPa0lyVNGjfkNWDkOSF9yjshguKL6un5qQmt9V1t7jH
GDE5S6rP2+HIvqIyy4HEgHh7KbwBfUHpPCP5TUCn8AKk5ENNewp9OYF+J4131hf9
tPIL9F2kRjwsOalN14wlWk/A96Ec+4LhJUKY4J1DnU7rdMKsuiftGxPekS7mUkos
3Rr4Q1z+FI14beRJzeUY79Qo10ARCikyKtn+6HiEJE2J+sMaobhdiolEbvemsyEJ
hwlinzoCJMF1zqxdiyo3UL3O2Tpt7bsKYowRttqWMBHNm0kTcWTLs3P8ppl1MU5d
t3fPftxv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:05 2025 by rpki-client