Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/33IOMc5nxvSMf2V2a6W71X8lOQA.roa
File: 33IOMc5nxvSMf2V2a6W71X8lOQA.roa (raw, json)
Hash identifier: wd3QbLBJEDb+ohUfXwYtQGbD6oOETQkPpfCUPtFpzXc=
Subject key identifier: DF:72:0E:31:CE:67:C6:F4:8C:7F:65:76:6B:A5:BB:D5:7F:25:39:00
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0193704944D1E51D6C605313DA471F4600DE
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/33IOMc5nxvSMf2V2a6W71X8lOQA.roa
Signing time: Thu 28 Nov 2024 01:01:09 +0000
ROA not before: Thu 28 Nov 2024 01:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13737
IP address blocks: 45.141.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:70:49:44:d1:e5:1d:6c:60:53:13:da:47:1f:46:00:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Nov 28 01:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df720e31ce67c6f48c7f65766ba5bbd57f253900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:07:e9:9a:d5:71:09:03:ba:c5:40:6e:93:ca:
54:c3:6a:61:d5:f6:11:ae:84:c1:db:75:6b:cb:d4:
82:3a:12:dd:e5:e4:7c:c9:e0:76:dd:f5:49:ab:9f:
88:08:54:f2:dd:c9:5a:cd:fb:73:15:eb:87:5b:89:
0c:52:a6:8e:74:cb:85:4d:73:d4:1b:e5:b8:f9:bf:
05:ec:67:30:e2:b7:22:ad:11:79:68:4c:c7:25:92:
28:81:e6:9e:29:08:18:fa:d2:cc:2c:e4:ef:36:6e:
e8:e2:01:e0:2a:3d:8d:e4:4c:d4:7c:09:3b:7b:23:
04:7a:d6:b0:ee:ea:18:cd:de:d4:be:a1:08:f4:bc:
45:6e:71:9a:c9:22:bc:e6:a1:86:fb:33:89:2a:96:
64:22:d1:11:93:a4:69:9a:e0:85:3f:3f:de:2d:2d:
12:87:b5:05:3e:4b:88:69:c4:e8:19:78:64:41:2d:
87:9f:db:6c:37:86:ad:fb:35:15:cd:98:2e:90:5a:
2d:62:8a:59:16:af:29:d3:96:2b:11:10:d4:0f:04:
d6:35:2a:97:25:21:ef:f8:ca:e0:6f:90:8f:35:5b:
21:1f:98:c5:03:a4:34:09:5e:be:56:de:41:97:56:
f4:e8:74:e9:78:b0:06:f5:7c:6d:ae:78:d6:80:2c:
0b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:72:0E:31:CE:67:C6:F4:8C:7F:65:76:6B:A5:BB:D5:7F:25:39:00
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/33IOMc5nxvSMf2V2a6W71X8lOQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.13.0/24
Signature Algorithm: sha256WithRSAEncryption
34:8d:1c:a4:53:52:6c:23:9d:af:2a:8d:58:6e:59:c8:88:c3:
87:21:3f:37:0a:45:28:60:c6:5d:5b:26:f9:5f:17:35:15:94:
c7:ab:80:f7:a9:35:c0:87:71:f4:3c:75:e2:01:77:48:f1:a5:
c2:37:9d:43:ce:62:6b:24:48:82:7e:7e:25:ae:a3:ec:8b:73:
49:51:35:f6:3d:28:1e:23:2b:b1:ae:03:95:aa:0d:a5:d7:0b:
e7:f0:ef:f8:c4:de:e3:e7:c1:dc:90:90:23:87:2f:66:65:14:
69:ce:d2:0f:ae:69:fc:c2:bb:c9:4b:0e:b5:aa:f1:e0:7d:b5:
9d:21:93:c2:ce:fb:37:8e:b8:c9:b7:b9:c5:ae:4b:fc:70:7e:
c1:72:e9:d7:cf:90:f5:4f:7c:30:5c:03:c8:fb:c2:25:bf:94:
56:ff:6d:77:a8:57:e5:c6:d6:60:4d:f9:b5:7e:ce:32:16:8d:
c1:20:8d:34:56:cd:60:d8:c3:81:a8:50:4f:27:e4:52:51:d4:
d2:29:18:fd:97:47:78:c9:94:ee:d4:95:d0:11:01:f2:f2:24:
25:67:41:37:c0:13:e5:3e:b2:39:5c:e0:18:5d:cf:88:69:de:
4a:ed:e7:86:3f:fc:c4:e4:66:4a:a9:ff:fd:17:29:94:91:ac:
43:a5:64:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNwSUTR5R1sYFMT2kcfRgDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQxMTI4MDEwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjcyMGUzMWNlNjdjNmY0OGM3ZjY1NzY2YmE1YmJkNTdmMjUzOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQfpmtVxCQO6xUBuk8pUw2ph1fYR
roTB23Vry9SCOhLd5eR8yeB23fVJq5+ICFTy3clazftzFeuHW4kMUqaOdMuFTXPU
G+W4+b8F7Gcw4rcirRF5aEzHJZIogeaeKQgY+tLMLOTvNm7o4gHgKj2N5EzUfAk7
eyMEetaw7uoYzd7UvqEI9LxFbnGaySK85qGG+zOJKpZkItERk6RpmuCFPz/eLS0S
h7UFPkuIacToGXhkQS2Hn9tsN4at+zUVzZgukFotYopZFq8p05YrERDUDwTWNSqX
JSHv+Mrgb5CPNVshH5jFA6Q0CV6+Vt5Bl1b06HTpeLAG9XxtrnjWgCwLAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9yDjHOZ8b0jH9ldmulu9V/JTkAMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvMzNJT01jNW54dlNNZjJWMmE2VzcxWDhsT1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY0NMA0G
CSqGSIb3DQEBCwUAA4IBAQA0jRykU1JsI52vKo1YblnIiMOHIT83CkUoYMZdWyb5
Xxc1FZTHq4D3qTXAh3H0PHXiAXdI8aXCN51DzmJrJEiCfn4lrqPsi3NJUTX2PSge
IyuxrgOVqg2l1wvn8O/4xN7j58HckJAjhy9mZRRpztIPrmn8wrvJSw61qvHgfbWd
IZPCzvs3jrjJt7nFrkv8cH7BcunXz5D1T3wwXAPI+8Ilv5RW/213qFflxtZgTfm1
fs4yFo3BII00Vs1g2MOBqFBPJ+RSUdTSKRj9l0d4yZTu1JXQEQHy8iQlZ0E3wBPl
PrI5XOAYXc+Iad5K7eeGP/zE5GZKqf/9FymUkaxDpWRO
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:19:44 2025 by rpki-client