Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/gnAHlHq4t46P2wcH8zaAKwkpppk.roa
File: gnAHlHq4t46P2wcH8zaAKwkpppk.roa (raw, json)
Hash identifier: e6tUPAsmDK5eZVTRUpWBzmSygbYCcGVA67vbon/I9Zg=
Subject key identifier: 82:70:07:94:7A:B8:B7:8E:8F:DB:07:07:F3:36:80:2B:09:29:A6:99
Certificate issuer: /CN=08cd67b5f97ba795a6bf86906b771c1dd2cb1dc9
Certificate serial: 01936ABE32A370A4718018F861EDCB53DFA3
Authority key identifier: 08:CD:67:B5:F9:7B:A7:95:A6:BF:86:90:6B:77:1C:1D:D2:CB:1D:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CM1ntfl7p5Wmv4aQa3ccHdLLHck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/gnAHlHq4t46P2wcH8zaAKwkpppk.roa
Signing time: Tue 26 Nov 2024 23:11:09 +0000
ROA not before: Tue 26 Nov 2024 23:11:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212555
IP address blocks: 45.11.108.0/24 maxlen: 24
45.11.109.0/24 maxlen: 24
45.11.110.0/24 maxlen: 24
45.11.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6a:be:32:a3:70:a4:71:80:18:f8:61:ed:cb:53:df:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08cd67b5f97ba795a6bf86906b771c1dd2cb1dc9
Validity
Not Before: Nov 26 23:11:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=827007947ab8b78e8fdb0707f336802b0929a699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:81:34:9f:4d:4a:51:b6:85:07:9c:94:4e:52:
28:3c:84:5d:d5:e3:fb:f2:5a:0b:f7:46:15:7b:9f:
16:2b:54:a2:7c:74:d0:a0:e7:29:33:c7:be:a9:71:
89:30:41:ab:9f:fb:ee:56:88:6a:45:e5:0e:af:60:
6e:8f:b9:8c:a2:cc:28:34:3d:ec:75:88:ce:68:6f:
d5:70:7a:9b:ed:9e:00:ec:e5:80:5f:ee:89:52:8e:
a1:71:40:0e:6a:da:51:62:42:58:36:64:c7:22:e5:
5f:d5:9e:b8:17:0f:1a:3d:fe:66:c2:73:4f:81:3e:
d2:11:85:43:f5:d2:f9:1a:64:04:48:12:06:90:e2:
80:e2:5d:bf:69:55:fa:bd:d3:eb:3c:ee:d6:e3:bd:
00:c6:65:99:ec:8a:76:a4:07:54:48:24:27:b8:a6:
c6:3e:72:01:9f:10:ca:6a:d1:aa:ee:bb:b8:c5:ce:
ed:8b:ef:e3:72:ad:02:e0:d4:1c:cf:88:26:1c:54:
31:75:de:a4:96:ec:57:98:aa:e1:ab:28:81:1d:0d:
a0:1a:01:36:5f:77:a9:36:b6:ab:d0:84:c8:8e:c6:
49:ee:53:1c:9e:c8:44:48:d8:fb:bc:29:66:65:80:
76:37:be:c5:d6:0c:21:79:f8:da:03:4e:5a:9a:ec:
bd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:70:07:94:7A:B8:B7:8E:8F:DB:07:07:F3:36:80:2B:09:29:A6:99
X509v3 Authority Key Identifier:
keyid:08:CD:67:B5:F9:7B:A7:95:A6:BF:86:90:6B:77:1C:1D:D2:CB:1D:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CM1ntfl7p5Wmv4aQa3ccHdLLHck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/gnAHlHq4t46P2wcH8zaAKwkpppk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/CM1ntfl7p5Wmv4aQa3ccHdLLHck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.108.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:2b:1e:65:cc:46:d7:62:c8:c6:52:91:55:8a:f2:3c:11:91:
74:83:33:93:e5:8d:98:2f:2a:f3:67:8a:02:7f:54:64:43:b4:
9c:59:51:fd:eb:70:72:37:81:8e:f1:03:7d:54:ea:ff:06:06:
41:79:30:04:6d:7f:01:dd:1c:92:2c:87:8b:44:f5:07:ef:d6:
38:53:5c:b9:d1:f7:38:05:f7:e2:78:e1:f7:32:82:da:ed:e3:
e5:00:8d:49:82:a3:55:8e:54:67:11:ef:01:40:e1:4c:3a:03:
90:61:39:cf:29:43:e2:35:f4:39:44:9d:0a:28:fd:42:08:75:
55:9b:36:40:04:33:0f:ca:41:38:61:70:fb:7c:63:26:08:c6:
5d:ef:1e:1c:c0:a6:4a:d4:d7:dc:bc:62:39:f5:c6:65:ed:e9:
76:27:c2:91:e7:d6:74:8c:b0:4d:4d:8c:ea:81:72:68:16:20:
6b:53:97:e0:8d:52:ca:c6:12:6b:0a:ff:04:e9:f1:eb:65:3e:
4a:f0:73:f3:22:34:71:90:c4:75:2f:45:b3:41:34:9f:04:5f:
f1:96:dd:36:8b:a9:cd:21:84:5a:f8:ee:31:ae:21:63:e8:49:
14:70:b1:0b:82:39:b9:26:de:ee:eb:7b:f8:19:c7:23:a0:d6:
0d:c0:00:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNqvjKjcKRxgBj4Ye3LU9+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4Y2Q2N2I1Zjk3YmE3OTVhNmJmODY5MDZiNzcxYzFkZDJj
YjFkYzkwHhcNMjQxMTI2MjMxMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjcwMDc5NDdhYjhiNzhlOGZkYjA3MDdmMzM2ODAyYjA5MjlhNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYE0n01KUbaFB5yUTlIoPIRd1eP7
8loL90YVe58WK1SifHTQoOcpM8e+qXGJMEGrn/vuVohqReUOr2Buj7mMoswoND3s
dYjOaG/VcHqb7Z4A7OWAX+6JUo6hcUAOatpRYkJYNmTHIuVf1Z64Fw8aPf5mwnNP
gT7SEYVD9dL5GmQESBIGkOKA4l2/aVX6vdPrPO7W470AxmWZ7Ip2pAdUSCQnuKbG
PnIBnxDKatGq7ru4xc7ti+/jcq0C4NQcz4gmHFQxdd6kluxXmKrhqyiBHQ2gGgE2
X3epNrar0ITIjsZJ7lMcnshESNj7vClmZYB2N77F1gwhefjaA05amuy9rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJwB5R6uLeOj9sHB/M2gCsJKaaZMB8GA1UdIwQY
MBaAFAjNZ7X5e6eVpr+GkGt3HB3Syx3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ00xbnRmbDdwNVdtdjRhUWEzY2NIZExMSGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNDliODMtNmY3NC00OWVjLWE0ZmMt
NTc0NjJjMjgzMjk0LzEvZ25BSGxIcTR0NDZQMndjSDh6YUFLd2twcHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNDliODMtNmY3NC00OWVjLWE0ZmMtNTc0NjJjMjgzMjk0
LzEvQ00xbnRmbDdwNVdtdjRhUWEzY2NIZExMSGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQtsMA0G
CSqGSIb3DQEBCwUAA4IBAQCfKx5lzEbXYsjGUpFVivI8EZF0gzOT5Y2YLyrzZ4oC
f1RkQ7ScWVH963ByN4GO8QN9VOr/BgZBeTAEbX8B3RySLIeLRPUH79Y4U1y50fc4
BffieOH3MoLa7ePlAI1JgqNVjlRnEe8BQOFMOgOQYTnPKUPiNfQ5RJ0KKP1CCHVV
mzZABDMPykE4YXD7fGMmCMZd7x4cwKZK1NfcvGI59cZl7el2J8KR59Z0jLBNTYzq
gXJoFiBrU5fgjVLKxhJrCv8E6fHrZT5K8HPzIjRxkMR1L0WzQTSfBF/xlt02i6nN
IYRa+O4xriFj6EkUcLELgjm5Jt7u63v4GccjoNYNwAD4
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:21:51 2025 by rpki-client