Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pdLe7OCwVM2QJAkiR9Ck9rfosG0.roa
File: pdLe7OCwVM2QJAkiR9Ck9rfosG0.roa (raw, json)
Hash identifier: /IlwnQLaM6ubvM4KexWaeiig4rAi/XiUwo/jHfTzl0U=
Subject key identifier: A5:D2:DE:EC:E0:B0:54:CD:90:24:09:22:47:D0:A4:F6:B7:E8:B0:6D
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01952D867A37C765BD12DF01705FC9039084
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pdLe7OCwVM2QJAkiR9Ck9rfosG0.roa
Signing time: Sat 22 Feb 2025 11:59:02 +0000
ROA not before: Sat 22 Feb 2025 11:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.155.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 19:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2d:86:7a:37:c7:65:bd:12:df:01:70:5f:c9:03:90:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Feb 22 11:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5d2deece0b054cd9024092247d0a4f6b7e8b06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:eb:d8:83:21:b6:0c:bf:48:50:4c:54:4d:02:
ab:f5:97:c9:04:6e:c7:3a:f7:62:28:54:61:50:3e:
c3:7b:bf:09:e2:e3:82:72:cc:d7:5b:80:03:88:7e:
4f:9a:d2:8e:ca:69:19:7a:5d:8b:d4:a2:76:42:0f:
67:35:38:97:86:d8:42:46:62:69:25:ae:03:5d:28:
fd:d0:bd:a7:27:e4:1b:ba:a5:b8:50:58:c5:ab:17:
7d:43:e9:91:1a:3b:6b:e3:39:37:81:34:2a:43:f1:
22:9e:54:d2:c0:9a:57:23:f2:b2:70:58:60:15:f3:
a8:e5:21:23:e4:91:c0:c6:d3:45:18:7a:ba:f2:7e:
ac:e9:87:60:11:b4:50:8a:ea:6f:3f:a9:11:ea:96:
e8:ad:b0:fa:31:f0:dc:8c:8e:b4:db:b7:01:ce:37:
aa:43:88:12:5d:7e:aa:38:da:b7:d6:66:ab:e9:77:
2b:d9:57:2e:23:c9:05:37:bc:34:36:13:68:4e:67:
e2:f5:44:67:76:bf:d6:81:81:a7:91:4f:24:7e:88:
ea:4b:95:0b:95:7e:08:07:96:87:04:fe:13:a7:7e:
9c:05:72:94:47:bd:89:d0:5e:41:ac:92:4a:07:5d:
31:e2:ab:12:2d:6e:ec:5e:99:4c:99:5d:78:08:a1:
7f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D2:DE:EC:E0:B0:54:CD:90:24:09:22:47:D0:A4:F6:B7:E8:B0:6D
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pdLe7OCwVM2QJAkiR9Ck9rfosG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.65.0/24
Signature Algorithm: sha256WithRSAEncryption
58:ee:32:5e:6c:0f:9f:df:36:1f:6f:56:a3:d7:bc:4e:35:0c:
2a:31:51:4e:81:1e:d5:f4:8c:81:2f:1a:72:16:7a:7e:c4:47:
2a:89:9f:e4:ca:ca:cb:75:e4:5a:fc:6f:5e:3e:61:cf:07:1b:
d7:54:be:97:21:76:c0:db:5f:49:64:85:87:24:92:5f:da:41:
36:9f:86:a3:f4:82:3e:e8:4c:5b:a1:ba:ee:1a:87:b4:f0:22:
fc:cb:47:9c:0e:c5:9b:1d:d6:70:43:e0:63:5d:e7:f0:9e:94:
7e:35:7c:17:28:b6:b1:56:bb:48:65:13:02:ac:f5:55:47:61:
04:76:46:5a:cc:7a:67:22:82:df:6a:94:68:d1:89:05:bd:71:
b5:48:85:3a:3b:8a:81:ef:30:d1:22:42:74:30:8f:6d:f1:67:
4a:6b:f4:dc:87:da:57:dc:39:31:d7:69:1f:44:32:70:e2:5a:
6d:42:5f:93:7c:ac:d2:b6:50:ce:e6:dd:b9:1c:75:40:b3:30:
e1:1d:8c:e9:e8:8b:59:1a:c0:d6:6e:26:da:83:54:61:97:69:
ea:59:08:f6:3a:32:54:8e:c4:30:8d:66:29:30:49:3b:c3:91:
53:42:50:3e:1a:15:16:6d:85:02:63:cc:8b:00:d1:b1:27:df:
e7:f6:33:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUthno3x2W9Et8BcF/JA5CEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMjIyMTE1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQyZGVlY2UwYjA1NGNkOTAyNDA5MjI0N2QwYTRmNmI3ZThiMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuvYgyG2DL9IUExUTQKr9ZfJBG7H
OvdiKFRhUD7De78J4uOCcszXW4ADiH5PmtKOymkZel2L1KJ2Qg9nNTiXhthCRmJp
Ja4DXSj90L2nJ+QbuqW4UFjFqxd9Q+mRGjtr4zk3gTQqQ/EinlTSwJpXI/KycFhg
FfOo5SEj5JHAxtNFGHq68n6s6YdgEbRQiupvP6kR6pborbD6MfDcjI6027cBzjeq
Q4gSXX6qONq31mar6Xcr2VcuI8kFN7w0NhNoTmfi9URndr/WgYGnkU8kfojqS5UL
lX4IB5aHBP4Tp36cBXKUR72J0F5BrJJKB10x4qsSLW7sXplMmV14CKF/pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXS3uzgsFTNkCQJIkfQpPa36LBtMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcGRMZTdPQ3dWTTJRSkFraVI5Q2s5cmZvc0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZtBMA0G
CSqGSIb3DQEBCwUAA4IBAQBY7jJebA+f3zYfb1aj17xONQwqMVFOgR7V9IyBLxpy
Fnp+xEcqiZ/kysrLdeRa/G9ePmHPBxvXVL6XIXbA219JZIWHJJJf2kE2n4aj9II+
6ExbobruGoe08CL8y0ecDsWbHdZwQ+BjXefwnpR+NXwXKLaxVrtIZRMCrPVVR2EE
dkZazHpnIoLfapRo0YkFvXG1SIU6O4qB7zDRIkJ0MI9t8WdKa/Tch9pX3Dkx12kf
RDJw4lptQl+TfKzStlDO5t25HHVAszDhHYzp6ItZGsDWbibag1Rhl2nqWQj2OjJU
jsQwjWYpMEk7w5FTQlA+GhUWbYUCY8yLANGxJ9/n9jOV
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:25:53 2025 by rpki-client