Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2CzsR1sJWd78vHM8tIoJskjmJkY.roa
File: 2CzsR1sJWd78vHM8tIoJskjmJkY.roa (raw, json)
Hash identifier: NPX9/szbffmR/U++4gD8CT7jMbNccXdVmfJhroh8Ncg=
Subject key identifier: D8:2C:EC:47:5B:09:59:DE:FC:BC:73:3C:B4:8A:09:B2:48:E6:26:46
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01928A0452A3DC28716EAA6AF50C9EABDF3F
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2CzsR1sJWd78vHM8tIoJskjmJkY.roa
Signing time: Mon 14 Oct 2024 07:53:12 +0000
ROA not before: Mon 14 Oct 2024 07:53:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 45.83.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:04:52:a3:dc:28:71:6e:aa:6a:f5:0c:9e:ab:df:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Oct 14 07:53:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d82cec475b0959defcbc733cb48a09b248e62646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4c:82:4f:ef:c0:8a:fd:e3:45:f1:21:aa:8f:
fe:f9:ea:53:9d:16:1a:5d:45:72:be:67:27:de:c1:
68:05:d8:7f:fd:d4:f8:97:ba:eb:dd:e4:a5:6f:a4:
b6:b3:f4:11:19:cc:43:62:8a:b6:d7:78:70:ba:65:
41:95:7b:be:fe:2a:7f:31:05:70:ab:9a:ce:db:eb:
d3:0e:97:fa:6f:46:94:0b:eb:6b:74:c9:6e:1e:05:
c9:9f:6a:c7:da:9d:36:24:e4:a4:fa:e1:24:ac:23:
b6:fd:be:fa:b2:6e:86:fa:ce:71:42:b1:8c:36:a1:
e0:65:2e:a1:57:a9:54:5c:d9:9f:70:63:1d:d4:a6:
a9:7c:4b:22:49:a6:5b:f2:41:c3:a3:2c:07:21:16:
ea:2f:f2:d3:31:9c:da:23:e5:59:c2:c1:5c:d4:c7:
02:76:78:1a:39:53:63:5e:33:cc:8c:1f:78:8e:36:
e2:52:28:b4:19:82:74:4a:1f:53:60:ea:4e:e8:88:
fa:a1:93:3c:d5:51:7f:47:37:3b:ce:38:c4:21:c3:
ac:9a:06:ae:9a:70:44:6d:7f:6f:0f:41:82:cf:26:
d7:0f:2f:e8:dd:29:f4:88:f8:69:4d:17:99:d4:d4:
46:cd:7a:e4:c9:f0:a8:5c:94:b1:83:9a:0d:e7:7e:
ee:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:2C:EC:47:5B:09:59:DE:FC:BC:73:3C:B4:8A:09:B2:48:E6:26:46
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2CzsR1sJWd78vHM8tIoJskjmJkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.8.0/22
Signature Algorithm: sha256WithRSAEncryption
03:70:27:05:b2:80:df:7b:6c:ff:7e:45:e2:7b:d5:af:de:57:
a2:6c:ea:2d:08:95:96:0d:c8:3a:cc:c2:ac:42:52:f0:c0:2a:
d4:36:0b:84:e8:1d:cc:af:48:be:0b:1e:3f:c5:5f:70:94:cd:
7a:43:36:95:b6:59:e5:8d:70:ba:b9:00:85:55:73:01:36:ac:
2b:8b:fe:59:e5:5a:cb:40:7d:c1:bb:9c:48:54:a6:10:39:2c:
9d:36:a5:27:08:9b:cb:2d:74:fd:bd:6a:fe:58:45:2c:3f:34:
08:81:e2:46:4e:b4:ed:f8:87:b6:00:b6:a2:28:a5:be:d4:73:
69:9b:65:10:ed:f7:58:48:11:9a:8a:d7:46:99:b2:7e:cb:93:
dc:9f:24:44:ef:c0:a9:bb:d9:0f:6d:1a:5e:6c:9e:fc:37:53:
91:c7:0e:c5:03:a8:4d:73:68:0c:bd:71:76:bd:a8:7b:e4:9e:
2d:f1:cb:b9:1c:86:a4:09:81:7f:d4:dc:0b:4b:67:62:35:b7:
ca:f5:86:e3:c3:b0:2d:13:c3:65:2b:fe:d7:09:75:8e:85:78:
cd:7f:87:2e:c1:60:04:12:3d:c8:90:49:0a:9b:6b:2e:f7:ec:
de:9b:eb:d9:5c:c9:92:56:b5:c4:eb:84:ac:f1:9f:39:1e:7e:
f9:73:f2:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKKBFKj3Chxbqpq9Qyeq98/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQxMDE0MDc1MzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODJjZWM0NzViMDk1OWRlZmNiYzczM2NiNDhhMDliMjQ4ZTYyNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUyCT+/Aiv3jRfEhqo/++epTnRYa
XUVyvmcn3sFoBdh//dT4l7rr3eSlb6S2s/QRGcxDYoq213hwumVBlXu+/ip/MQVw
q5rO2+vTDpf6b0aUC+trdMluHgXJn2rH2p02JOSk+uEkrCO2/b76sm6G+s5xQrGM
NqHgZS6hV6lUXNmfcGMd1KapfEsiSaZb8kHDoywHIRbqL/LTMZzaI+VZwsFc1McC
dngaOVNjXjPMjB94jjbiUii0GYJ0Sh9TYOpO6Ij6oZM81VF/Rzc7zjjEIcOsmgau
mnBEbX9vD0GCzybXDy/o3Sn0iPhpTReZ1NRGzXrkyfCoXJSxg5oN537uFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgs7EdbCVne/LxzPLSKCbJI5iZGMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMkN6c1Ixc0pXZDc4dkhNOHRJb0pza2ptSmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVMIMA0G
CSqGSIb3DQEBCwUAA4IBAQADcCcFsoDfe2z/fkXie9Wv3leibOotCJWWDcg6zMKs
QlLwwCrUNguE6B3Mr0i+Cx4/xV9wlM16QzaVtlnljXC6uQCFVXMBNqwri/5Z5VrL
QH3Bu5xIVKYQOSydNqUnCJvLLXT9vWr+WEUsPzQIgeJGTrTt+Ie2ALaiKKW+1HNp
m2UQ7fdYSBGaitdGmbJ+y5PcnyRE78Cpu9kPbRpebJ78N1ORxw7FA6hNc2gMvXF2
vah75J4t8cu5HIakCYF/1NwLS2diNbfK9Ybjw7AtE8NlK/7XCXWOhXjNf4cuwWAE
Ej3IkEkKm2su9+zem+vZXMmSVrXE64Ss8Z85Hn75c/Lr
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:57:45 2025 by rpki-client