Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/5LT9v133DdjDIyK-dcI5J5HNliw.roa
File: 5LT9v133DdjDIyK-dcI5J5HNliw.roa (raw, json)
Hash identifier: KXSKwYyHi/UPiXS3brpOcG36Kndk9KShyO8yxEE+Kj0=
Subject key identifier: E4:B4:FD:BF:5D:F7:0D:D8:C3:23:22:BE:75:C2:39:27:91:CD:96:2C
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 0193FD178C8B7EE978D05AF1BD4BE0C25D32
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/5LT9v133DdjDIyK-dcI5J5HNliw.roa
Signing time: Wed 25 Dec 2024 09:13:19 +0000
ROA not before: Wed 25 Dec 2024 09:13:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203735
IP address blocks: 45.143.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:17:8c:8b:7e:e9:78:d0:5a:f1:bd:4b:e0:c2:5d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Dec 25 09:13:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4b4fdbf5df70dd8c32322be75c2392791cd962c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e2:09:a6:7b:18:b5:0a:56:08:83:71:26:4b:
94:89:9e:0d:f9:58:2a:50:24:4a:6c:54:16:36:44:
87:79:b2:47:f7:5e:ff:6c:de:19:09:45:81:3a:2c:
bb:3a:4d:48:5a:53:6b:f2:9e:93:09:54:42:b2:89:
48:b1:2f:34:b3:1b:bc:aa:72:ef:b5:97:54:ba:d8:
ee:56:5d:18:b7:c1:33:7a:b9:65:56:6e:c2:11:5c:
64:f6:c1:9e:b0:61:e2:3a:02:d8:41:aa:ea:dd:d1:
20:3a:85:2b:31:a2:f6:ad:0d:41:42:0e:7b:08:24:
23:8f:4a:a8:94:13:9b:9c:e0:e1:41:f4:ac:44:68:
d3:5c:36:ad:c4:5b:ac:10:ab:ba:b3:8d:d7:08:00:
fd:46:ce:c3:ec:3f:d6:a7:a3:5a:45:71:b4:68:1e:
1f:59:44:31:80:b2:2a:be:8a:74:f0:1f:e3:53:85:
40:ff:0b:88:02:23:ca:dc:d1:12:18:ee:3d:bc:0b:
69:fa:fb:d9:32:70:0c:09:01:d3:13:92:9f:bd:76:
91:e2:bc:8c:36:ff:9e:37:7f:67:d2:b8:a9:37:ce:
f1:e9:47:4b:84:d0:b8:4e:52:94:55:51:d0:c6:6e:
f2:e4:61:a7:7c:4e:ca:92:18:0b:3f:b9:ed:3b:d9:
75:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B4:FD:BF:5D:F7:0D:D8:C3:23:22:BE:75:C2:39:27:91:CD:96:2C
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/5LT9v133DdjDIyK-dcI5J5HNliw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.31.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:24:d0:ae:7a:3f:2b:ce:61:ad:2c:2c:68:f6:86:b4:f5:41:
27:88:05:2e:cc:bd:3c:63:78:d3:5d:f1:7c:04:d6:ae:ed:26:
51:10:78:96:74:62:09:a9:fe:f7:3e:58:d4:b0:10:9a:e9:12:
9e:5a:9e:c0:22:a0:54:8d:5a:1b:2e:e8:e1:8b:09:96:22:f1:
18:cb:0c:fb:da:ed:0f:bd:db:64:b6:a8:f0:58:17:c8:ef:6a:
0b:91:56:cc:90:ad:57:ff:29:73:b4:7b:a7:1c:d8:ec:85:fc:
97:7e:57:73:3d:42:70:35:e0:e1:f5:4c:cb:f5:21:9c:cf:ae:
78:07:64:18:02:f4:5c:5b:9f:6d:5a:0b:a3:42:95:b9:25:5d:
51:36:55:8b:b0:42:71:03:4f:94:e7:5b:23:2c:d6:a2:3a:3d:
3f:f7:b4:db:8c:07:30:81:31:09:bc:f9:2b:12:c9:a5:fb:c8:
ec:b3:d8:5f:68:83:85:19:e4:c1:5e:64:45:ad:29:bd:63:e6:
a0:f7:da:9f:de:5c:c5:73:8f:97:1c:ab:d6:88:29:d6:49:49:
00:a2:d3:77:f7:dc:bc:46:a9:fd:1f:6c:b6:52:0d:f6:84:25:
90:42:c0:2b:b9:53:14:25:c4:6d:d1:3e:b1:e9:e1:82:1a:8e:
29:44:8b:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP9F4yLful40FrxvUvgwl0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjQxMjI1MDkxMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI0ZmRiZjVkZjcwZGQ4YzMyMzIyYmU3NWMyMzkyNzkxY2Q5NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOIJpnsYtQpWCINxJkuUiZ4N+Vgq
UCRKbFQWNkSHebJH917/bN4ZCUWBOiy7Ok1IWlNr8p6TCVRCsolIsS80sxu8qnLv
tZdUutjuVl0Yt8EzerllVm7CEVxk9sGesGHiOgLYQarq3dEgOoUrMaL2rQ1BQg57
CCQjj0qolBObnODhQfSsRGjTXDatxFusEKu6s43XCAD9Rs7D7D/Wp6NaRXG0aB4f
WUQxgLIqvop08B/jU4VA/wuIAiPK3NESGO49vAtp+vvZMnAMCQHTE5KfvXaR4ryM
Nv+eN39n0ripN87x6UdLhNC4TlKUVVHQxm7y5GGnfE7KkhgLP7ntO9l13wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOS0/b9d9w3YwyMivnXCOSeRzZYsMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvNUxUOXYxMzNEZGpESXlLLWRjSTVKNUhObGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY8fMA0G
CSqGSIb3DQEBCwUAA4IBAQAsJNCuej8rzmGtLCxo9oa09UEniAUuzL08Y3jTXfF8
BNau7SZREHiWdGIJqf73PljUsBCa6RKeWp7AIqBUjVobLujhiwmWIvEYywz72u0P
vdtktqjwWBfI72oLkVbMkK1X/ylztHunHNjshfyXfldzPUJwNeDh9UzL9SGcz654
B2QYAvRcW59tWgujQpW5JV1RNlWLsEJxA0+U51sjLNaiOj0/97TbjAcwgTEJvPkr
Esml+8jss9hfaIOFGeTBXmRFrSm9Y+ag99qf3lzFc4+XHKvWiCnWSUkAotN399y8
Rqn9H2y2Ug32hCWQQsAruVMUJcRt0T6x6eGCGo4pRItN
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:23:11 2025 by rpki-client