Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/oOhM7GpSIJGGKscYCbsu1_jU6zA.roa
File: oOhM7GpSIJGGKscYCbsu1_jU6zA.roa (raw, json)
Hash identifier: VVyg12+OmaaNZcNRXjqvH6+Fih3joThGaZO82hah8sM=
Subject key identifier: A0:E8:4C:EC:6A:52:20:91:86:2A:C7:18:09:BB:2E:D7:F8:D4:EB:30
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 0193F1D49133EFBEC2D7BE359F19B29F5960
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/oOhM7GpSIJGGKscYCbsu1_jU6zA.roa
Signing time: Mon 23 Dec 2024 04:44:20 +0000
ROA not before: Mon 23 Dec 2024 04:44:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214743
IP address blocks: 45.91.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f1:d4:91:33:ef:be:c2:d7:be:35:9f:19:b2:9f:59:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 23 04:44:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0e84cec6a522091862ac71809bb2ed7f8d4eb30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8e:39:78:9f:f9:c1:9a:cc:b4:50:5a:69:73:
ab:da:2d:42:7a:95:44:73:c9:1d:30:4a:3f:9a:80:
c6:11:2f:2e:59:a5:0c:01:46:4a:31:e3:7c:bb:5c:
41:94:a9:b1:79:eb:9f:cb:7a:d2:1d:43:19:e1:3c:
9a:1a:3b:9c:6a:d3:ae:86:28:a1:02:36:f0:ec:59:
ad:94:07:dc:87:95:0c:53:97:91:fa:5a:ab:f9:cc:
55:b0:a5:0d:39:c6:d5:7b:d5:9b:83:e0:38:46:89:
c7:24:d2:cc:ef:8c:59:79:2e:b7:86:d7:4b:52:d3:
ad:dd:0c:17:f4:97:85:f7:9b:65:fd:81:26:b1:40:
15:40:3f:dd:ed:56:43:a3:57:10:f7:80:3c:0c:1a:
29:2d:9b:bd:bc:69:c4:4a:78:21:2c:6b:29:ba:53:
53:9b:5e:24:16:93:49:c8:9e:a8:58:22:3f:c2:7c:
ab:76:ea:37:81:70:7a:2d:8c:3a:82:fa:1a:ae:20:
35:f0:bb:7f:11:42:5f:6b:ed:21:60:0d:fb:d6:f3:
ab:ac:94:a8:d9:8e:32:17:43:f8:1c:80:5e:d9:e1:
08:5d:74:ec:93:59:0c:5c:6a:a8:9b:17:16:da:82:
f3:52:78:5e:ff:46:6f:2c:8a:d3:00:6d:3d:d8:f6:
d6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E8:4C:EC:6A:52:20:91:86:2A:C7:18:09:BB:2E:D7:F8:D4:EB:30
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/oOhM7GpSIJGGKscYCbsu1_jU6zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.224.0/24
Signature Algorithm: sha256WithRSAEncryption
16:6b:94:f5:a3:95:d7:32:ba:89:bd:ea:63:a5:10:da:3b:57:
a8:dd:33:8a:53:17:cf:0e:f3:50:37:8c:52:3b:f7:83:40:a3:
02:2c:7f:fc:6d:2a:1d:df:02:52:42:84:2d:80:c1:f6:b9:df:
fb:22:2f:d6:f5:70:61:8e:e2:1c:11:f5:d8:0a:07:14:44:c3:
7d:bb:b0:40:38:08:60:0d:68:39:c9:2a:b0:57:70:fd:db:39:
6e:89:a4:60:7f:7a:07:c8:d0:60:0a:40:ee:ba:ae:80:59:0d:
de:54:bc:a5:5d:8a:47:49:03:ab:2d:37:de:62:12:2a:e4:3b:
ba:8c:b9:45:66:d1:ca:9a:25:8c:03:42:2b:a5:be:0b:1d:7d:
7f:4c:32:18:d8:1e:d9:92:36:4b:4b:5c:14:b4:0d:9a:77:6f:
fe:4d:57:92:ed:86:c0:47:a6:ec:ab:38:5b:0b:81:fc:3b:af:
61:b8:e1:30:b0:c7:b9:1e:d7:46:6c:37:e1:a9:8e:a6:1c:83:
ab:70:80:ec:11:ce:a8:dc:79:eb:c9:dd:68:00:c5:e3:d5:51:
71:20:56:a1:76:f5:d5:70:6b:18:40:4d:10:26:7b:0f:c7:c0:
8a:63:45:ce:95:f2:ec:8a:21:35:3b:59:8c:bd:f6:d8:a4:34:
31:18:ee:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPx1JEz777C1741nxmyn1lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQxMjIzMDQ0NDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGU4NGNlYzZhNTIyMDkxODYyYWM3MTgwOWJiMmVkN2Y4ZDRlYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY45eJ/5wZrMtFBaaXOr2i1CepVE
c8kdMEo/moDGES8uWaUMAUZKMeN8u1xBlKmxeeufy3rSHUMZ4TyaGjucatOuhiih
Ajbw7FmtlAfch5UMU5eR+lqr+cxVsKUNOcbVe9Wbg+A4RonHJNLM74xZeS63htdL
UtOt3QwX9JeF95tl/YEmsUAVQD/d7VZDo1cQ94A8DBopLZu9vGnESnghLGspulNT
m14kFpNJyJ6oWCI/wnyrduo3gXB6LYw6gvoariA18Lt/EUJfa+0hYA371vOrrJSo
2Y4yF0P4HIBe2eEIXXTsk1kMXGqomxcW2oLzUnhe/0ZvLIrTAG092PbWAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDoTOxqUiCRhirHGAm7Ltf41OswMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvb09oTTdHcFNJSkdHS3NjWUNic3UxX2pVNnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVvgMA0G
CSqGSIb3DQEBCwUAA4IBAQAWa5T1o5XXMrqJvepjpRDaO1eo3TOKUxfPDvNQN4xS
O/eDQKMCLH/8bSod3wJSQoQtgMH2ud/7Ii/W9XBhjuIcEfXYCgcURMN9u7BAOAhg
DWg5ySqwV3D92zluiaRgf3oHyNBgCkDuuq6AWQ3eVLylXYpHSQOrLTfeYhIq5Du6
jLlFZtHKmiWMA0Irpb4LHX1/TDIY2B7ZkjZLS1wUtA2ad2/+TVeS7YbAR6bsqzhb
C4H8O69huOEwsMe5HtdGbDfhqY6mHIOrcIDsEc6o3Hnryd1oAMXj1VFxIFahdvXV
cGsYQE0QJnsPx8CKY0XOlfLsiiE1O1mMvfbYpDQxGO7B
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:52:20 2025 by rpki-client