Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d45f11-67c2-47a5-996c-891eb548b891/1/cbTcKreGfkHMTpStn69A8-Bbuww.roa
File: cbTcKreGfkHMTpStn69A8-Bbuww.roa (raw, json)
Hash identifier: o/KDdTNu/RfywgrfDPX4/OLlCa8nOdOtU0b2HqNGNYM=
Subject key identifier: 71:B4:DC:2A:B7:86:7E:41:CC:4E:94:AD:9F:AF:40:F3:E0:5B:BB:0C
Certificate issuer: /CN=9cf608ffadf600081ee922298e4b2ae96aff48e8
Certificate serial: 018CC80116A5CE4A49C6C2D0A49F511998E2
Authority key identifier: 9C:F6:08:FF:AD:F6:00:08:1E:E9:22:29:8E:4B:2A:E9:6A:FF:48:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nPYI_632AAge6SIpjksq6Wr_SOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d45f11-67c2-47a5-996c-891eb548b891/1/cbTcKreGfkHMTpStn69A8-Bbuww.roa
Signing time: Tue 02 Jan 2024 02:29:23 +0000
ROA not before: Tue 02 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208526
IP address blocks: 45.131.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:16:a5:ce:4a:49:c6:c2:d0:a4:9f:51:19:98:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cf608ffadf600081ee922298e4b2ae96aff48e8
Validity
Not Before: Jan 2 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71b4dc2ab7867e41cc4e94ad9faf40f3e05bbb0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:e5:33:12:b6:1e:21:d3:92:99:0c:1a:c7:
c7:5a:63:d2:7c:fd:9e:16:fe:2d:07:ca:f1:f1:a1:
68:b9:94:5a:d9:a1:a3:5a:38:ef:6a:da:c3:15:8d:
93:54:d1:3e:59:2f:07:ad:7e:5b:cc:05:c5:7a:42:
85:bc:e6:29:8c:57:f4:b5:a6:f4:2c:46:6d:07:69:
bf:d4:0b:1b:93:fe:df:7c:f1:05:06:42:6b:6f:c7:
bf:e1:f5:ca:8c:13:db:16:fc:f3:a5:b4:c8:f1:ee:
9a:30:4b:19:7e:9a:f4:55:f1:95:29:94:e9:18:ba:
56:e2:d3:b6:42:24:83:50:c8:79:8d:68:ab:d6:77:
d2:1c:16:b1:a4:e1:0b:d9:47:c8:b0:0b:ae:f9:eb:
06:1a:50:50:52:83:7e:1e:07:fb:56:56:f5:bc:26:
08:0b:40:e7:0e:40:b7:3c:90:c4:7c:af:46:8f:15:
ef:90:7a:2e:a6:c9:47:e7:6e:05:5c:90:d4:b1:1b:
9d:bc:ec:25:09:bd:08:ce:d6:0a:ed:c2:a3:f0:cf:
d6:77:e3:b3:52:0e:b1:80:02:1b:42:01:7d:91:38:
37:88:ce:b5:4a:e9:c6:85:8c:a3:27:b7:8f:da:83:
0c:e5:0b:19:e4:b6:d9:3f:80:fb:20:20:25:46:65:
43:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B4:DC:2A:B7:86:7E:41:CC:4E:94:AD:9F:AF:40:F3:E0:5B:BB:0C
X509v3 Authority Key Identifier:
keyid:9C:F6:08:FF:AD:F6:00:08:1E:E9:22:29:8E:4B:2A:E9:6A:FF:48:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPYI_632AAge6SIpjksq6Wr_SOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d45f11-67c2-47a5-996c-891eb548b891/1/cbTcKreGfkHMTpStn69A8-Bbuww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d45f11-67c2-47a5-996c-891eb548b891/1/nPYI_632AAge6SIpjksq6Wr_SOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.124.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:f3:17:6c:19:ab:21:ba:2b:c8:b6:f2:c5:21:08:5f:8a:5e:
62:5b:c5:90:b0:18:9d:64:f7:a9:89:6f:14:89:98:06:6b:b7:
2b:90:da:19:fc:7b:7f:bc:f4:33:03:d5:52:e1:6e:96:26:a6:
2d:28:19:7d:6d:d1:42:a2:8f:80:a7:6e:8a:20:88:4f:ef:7a:
68:bf:8e:44:6c:99:01:78:d2:83:3d:9f:b8:72:3f:2d:50:36:
92:8a:72:40:3c:d4:50:04:f7:b6:e2:0f:4a:56:ec:29:ef:9a:
41:24:ab:86:c8:e7:06:fc:b6:f1:ed:35:02:c0:26:c2:b6:f2:
06:27:23:02:28:24:c0:8a:78:f1:71:b0:c9:66:19:c2:42:5c:
fb:10:80:0f:31:c0:75:44:51:2f:1d:58:9b:a6:c0:77:44:e1:
15:a9:7a:1d:c9:df:10:0e:2d:f7:1b:64:83:2a:a5:e9:6f:da:
f3:b2:24:a9:d4:5b:73:b8:71:89:08:bf:70:af:52:e1:d1:df:
27:3c:aa:77:5f:42:52:32:4b:a9:7e:84:9d:0f:7e:b4:77:ac:
92:ec:62:92:e9:ef:74:de:9d:0a:36:ab:99:ef:45:6b:20:3a:
5c:87:fa:40:39:73:b4:79:d6:01:57:75:91:f7:9e:95:ce:30:
71:7c:85:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIARalzkpJxsLQpJ9RGZjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZjYwOGZmYWRmNjAwMDgxZWU5MjIyOThlNGIyYWU5NmFm
ZjQ4ZTgwHhcNMjQwMTAyMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWI0ZGMyYWI3ODY3ZTQxY2M0ZTk0YWQ5ZmFmNDBmM2UwNWJiYjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh/lMxK2HiHTkpkMGsfHWmPSfP2e
Fv4tB8rx8aFouZRa2aGjWjjvatrDFY2TVNE+WS8HrX5bzAXFekKFvOYpjFf0tab0
LEZtB2m/1Asbk/7ffPEFBkJrb8e/4fXKjBPbFvzzpbTI8e6aMEsZfpr0VfGVKZTp
GLpW4tO2QiSDUMh5jWir1nfSHBaxpOEL2UfIsAuu+esGGlBQUoN+Hgf7Vlb1vCYI
C0DnDkC3PJDEfK9GjxXvkHoupslH524FXJDUsRudvOwlCb0IztYK7cKj8M/Wd+Oz
Ug6xgAIbQgF9kTg3iM61SunGhYyjJ7eP2oMM5QsZ5LbZP4D7ICAlRmVDQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHG03Cq3hn5BzE6UrZ+vQPPgW7sMMB8GA1UdIwQY
MBaAFJz2CP+t9gAIHukiKY5LKulq/0joMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblBZSV82MzJBQWdlNlNJcGprc3E2V3JfU09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNDVmMTEtNjdjMi00N2E1LTk5NmMt
ODkxZWI1NDhiODkxLzEvY2JUY0tyZUdma0hNVHBTdG42OUE4LUJidXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNDVmMTEtNjdjMi00N2E1LTk5NmMtODkxZWI1NDhiODkx
LzEvblBZSV82MzJBQWdlNlNJcGprc3E2V3JfU09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYN8MA0G
CSqGSIb3DQEBCwUAA4IBAQDW8xdsGashuivItvLFIQhfil5iW8WQsBidZPepiW8U
iZgGa7crkNoZ/Ht/vPQzA9VS4W6WJqYtKBl9bdFCoo+Ap26KIIhP73pov45EbJkB
eNKDPZ+4cj8tUDaSinJAPNRQBPe24g9KVuwp75pBJKuGyOcG/Lbx7TUCwCbCtvIG
JyMCKCTAinjxcbDJZhnCQlz7EIAPMcB1RFEvHVibpsB3ROEVqXodyd8QDi33G2SD
KqXpb9rzsiSp1FtzuHGJCL9wr1Lh0d8nPKp3X0JSMkupfoSdD360d6yS7GKS6e90
3p0KNquZ70VrIDpch/pAOXO0edYBV3WR956VzjBxfIXS
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:10 2025 by rpki-client