Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rHqU9XPVmzCo6uOAh8HHqwFeMUs.roa
File: rHqU9XPVmzCo6uOAh8HHqwFeMUs.roa (raw, json)
Hash identifier: UqhbOuR7A5rBhHqeR/C4CuN7aTTcfDdUi8Ov+aGwpHE=
Subject key identifier: AC:7A:94:F5:73:D5:9B:30:A8:EA:E3:80:87:C1:C7:AB:01:5E:31:4B
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DD1E8C2EA76503011482F9234C3E7FECA
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rHqU9XPVmzCo6uOAh8HHqwFeMUs.roa
Signing time: Thu 22 Feb 2024 17:41:48 +0000
ROA not before: Thu 22 Feb 2024 17:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35682
IP address blocks: 45.138.158.0/24 maxlen: 24
185.217.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:e8:c2:ea:76:50:30:11:48:2f:92:34:c3:e7:fe:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 22 17:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac7a94f573d59b30a8eae38087c1c7ab015e314b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:46:34:cc:6e:5d:36:87:f3:0d:30:20:2f:be:
d6:0b:74:ae:fb:d9:16:31:d2:82:ac:77:57:0c:79:
3c:94:23:7e:1d:89:2e:c9:8c:6b:f4:2a:2e:9d:9b:
dc:f2:4a:37:96:92:d6:6a:d4:87:8d:a9:36:cd:23:
7b:8e:d5:83:b3:5a:d4:9e:91:99:e7:3d:cc:e7:36:
a7:3b:7a:7a:ba:65:ed:a4:9c:55:c4:6d:d5:77:62:
67:c2:cc:0a:55:eb:74:ce:ca:97:1e:3a:9b:8e:2c:
29:e1:ed:51:39:b2:27:84:45:45:7c:5e:3a:ba:0d:
7d:14:45:15:cc:04:14:2d:90:61:b0:c8:16:2f:4c:
b4:d4:86:15:8d:20:14:ec:35:1e:19:20:3b:ce:e3:
7d:ce:14:43:46:55:d7:d0:4e:74:b4:73:5d:fa:77:
04:f5:10:ed:bb:b4:b7:cd:44:71:43:fb:44:5e:26:
15:be:99:26:26:21:41:59:ec:75:10:db:aa:b7:ef:
f6:c4:60:85:fe:45:d4:5f:8c:f1:81:ba:df:c1:31:
ab:5c:b2:fd:dd:cd:a1:e3:61:9f:87:4f:00:cd:cb:
69:7e:19:1f:8f:3f:c1:1a:96:85:b3:8b:cf:2c:04:
5f:d8:fc:20:66:5e:f5:cc:a8:0f:11:5b:4f:e7:01:
fa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7A:94:F5:73:D5:9B:30:A8:EA:E3:80:87:C1:C7:AB:01:5E:31:4B
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rHqU9XPVmzCo6uOAh8HHqwFeMUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.158.0/24
185.217.131.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:78:06:c7:29:14:25:3f:bf:76:fd:e0:2d:79:c3:11:e2:ba:
2e:62:d9:1d:e0:79:a7:0a:39:df:75:8b:cb:20:72:19:7a:0a:
5e:68:3c:4d:1a:24:ae:bb:8b:6e:47:40:7d:6c:2c:10:37:90:
8d:d8:6f:2b:77:2b:59:fe:46:5f:ac:11:00:a5:84:18:35:8b:
d8:27:a8:f0:43:d6:a4:a2:77:63:6e:7a:fc:bc:c6:f9:ed:77:
be:be:ed:8b:4f:90:44:7b:67:1f:e3:29:84:6d:81:89:01:b8:
44:e0:10:88:17:88:9c:9b:22:18:6f:db:d9:ec:f5:e1:6e:e6:
84:09:8b:6b:52:f4:6b:e4:9b:2c:a6:7f:46:a9:da:7d:5b:69:
2f:c6:64:b0:e6:31:b3:33:7c:a3:58:82:35:8b:24:4b:29:39:
8d:99:28:12:c5:a8:3a:8d:2c:44:30:6d:6d:29:7d:87:49:0f:
79:ed:69:64:d3:fc:a4:79:22:be:ec:cc:d4:5b:4d:e4:e4:83:
27:6c:8b:69:c3:e4:2a:3b:45:8e:dd:56:0e:da:f9:61:5d:82:
d9:8d:be:b3:2f:6f:0b:d9:11:b2:47:8a:ae:9e:5d:b2:a4:82:
95:72:fe:0b:27:b1:98:cf:21:de:35:72:28:9c:1e:08:dc:2b:
23:1d:0f:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3R6MLqdlAwEUgvkjTD5/7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIyMTc0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzdhOTRmNTczZDU5YjMwYThlYWUzODA4N2MxYzdhYjAxNWUzMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkY0zG5dNofzDTAgL77WC3Su+9kW
MdKCrHdXDHk8lCN+HYkuyYxr9CounZvc8ko3lpLWatSHjak2zSN7jtWDs1rUnpGZ
5z3M5zanO3p6umXtpJxVxG3Vd2JnwswKVet0zsqXHjqbjiwp4e1RObInhEVFfF46
ug19FEUVzAQULZBhsMgWL0y01IYVjSAU7DUeGSA7zuN9zhRDRlXX0E50tHNd+ncE
9RDtu7S3zURxQ/tEXiYVvpkmJiFBWex1ENuqt+/2xGCF/kXUX4zxgbrfwTGrXLL9
3c2h42Gfh08Azctpfhkfjz/BGpaFs4vPLARf2PwgZl71zKgPEVtP5wH6VwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKx6lPVz1ZswqOrjgIfBx6sBXjFLMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvckhxVTlYUFZtekNvNnVPQWg4SEhxd0ZlTVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYqeAwQA
udmDMA0GCSqGSIb3DQEBCwUAA4IBAQA8eAbHKRQlP792/eAtecMR4rouYtkd4Hmn
CjnfdYvLIHIZegpeaDxNGiSuu4tuR0B9bCwQN5CN2G8rdytZ/kZfrBEApYQYNYvY
J6jwQ9akondjbnr8vMb57Xe+vu2LT5BEe2cf4ymEbYGJAbhE4BCIF4icmyIYb9vZ
7PXhbuaECYtrUvRr5Jsspn9Gqdp9W2kvxmSw5jGzM3yjWII1iyRLKTmNmSgSxag6
jSxEMG1tKX2HSQ957Wlk0/ykeSK+7MzUW03k5IMnbItpw+QqO0WO3VYO2vlhXYLZ
jb6zL28L2RGyR4qunl2ypIKVcv4LJ7GYzyHeNXIonB4I3CsjHQ+i
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:31 2025 by rpki-client