Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/W99ttbCJgwoKmYuWx9F7fsUdzD4.roa
File: W99ttbCJgwoKmYuWx9F7fsUdzD4.roa (raw, json)
Hash identifier: EtvfEZC8/GGV6yT3PUSgT/Jxf5GekeTFXhLM0/Yys3U=
Subject key identifier: 5B:DF:6D:B5:B0:89:83:0A:0A:99:8B:96:C7:D1:7B:7E:C5:1D:CC:3E
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 0193A3952BD5A01DE229AA6B17CDDCE8C9A5
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/W99ttbCJgwoKmYuWx9F7fsUdzD4.roa
Signing time: Sun 08 Dec 2024 00:04:42 +0000
ROA not before: Sun 08 Dec 2024 00:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.140.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Dec 2024 05:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a3:95:2b:d5:a0:1d:e2:29:aa:6b:17:cd:dc:e8:c9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Dec 8 00:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bdf6db5b089830a0a998b96c7d17b7ec51dcc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3f:20:5a:80:01:ff:9d:1a:bf:30:56:66:72:
fd:e8:f9:71:14:8e:52:71:54:73:f1:42:a9:a8:67:
da:e1:8d:5f:06:7f:ad:8a:98:84:18:ee:3f:e5:cf:
64:40:8f:60:f7:45:2b:92:98:d5:2b:40:4f:c2:4c:
d1:dd:ec:74:a9:0a:15:f2:ae:d8:5c:65:2c:5d:30:
62:c1:c0:80:ce:85:9a:a1:c2:cb:74:29:f5:ae:73:
ef:90:ff:38:68:d7:f0:07:db:36:ab:61:2a:bc:ad:
08:17:77:d9:12:4a:50:da:14:b3:80:a3:77:c8:54:
e9:d2:02:b4:c8:b4:82:cb:5c:a7:d6:b4:28:06:b9:
3c:e3:6c:c9:7c:25:20:77:aa:a7:60:d4:5f:98:28:
d9:3a:8a:15:79:fb:8d:30:c8:29:96:51:af:e6:ae:
a7:71:f0:43:9a:7c:a8:1b:34:f1:f7:b3:04:88:15:
e1:a7:98:61:1d:72:6b:d3:34:fe:91:9a:c2:37:e3:
a9:05:08:f4:c7:13:07:58:15:05:1c:b7:85:ff:06:
98:da:a7:07:a2:f0:f6:74:f2:57:c8:4a:80:5c:cc:
16:79:46:c8:57:6d:da:12:b8:5e:25:a9:29:35:3e:
01:54:70:34:75:14:c8:64:17:2c:af:b1:70:63:b7:
3a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DF:6D:B5:B0:89:83:0A:0A:99:8B:96:C7:D1:7B:7E:C5:1D:CC:3E
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/W99ttbCJgwoKmYuWx9F7fsUdzD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.247.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:5a:7d:e8:8a:68:ca:d2:cf:ed:98:4a:eb:e7:99:a0:39:e7:
cb:06:c3:86:b5:2a:d8:e4:17:5a:b5:f4:de:d9:62:e8:d4:85:
77:3e:fc:f5:e2:bd:cd:41:c5:12:9d:37:c4:2f:cc:9c:9e:5b:
d8:e3:89:06:37:dd:ae:ea:a0:03:70:98:20:ef:21:38:7a:4a:
c5:63:1e:ab:fd:17:d5:86:9f:8b:07:ca:3e:dc:2f:0a:90:ec:
83:db:4f:74:48:02:48:b9:9e:1b:e4:a2:03:af:6a:f0:49:db:
59:a9:4d:21:8a:b5:2d:ca:6f:d0:5f:69:fa:f3:90:09:a2:61:
4c:7b:e6:66:29:70:78:5b:58:4c:81:c9:eb:47:25:f0:8f:fe:
37:3f:37:c3:01:eb:b7:bf:a2:3f:69:2d:9f:50:63:fb:78:02:
b4:2e:91:47:d9:c3:23:1c:e9:73:22:22:4d:b1:0e:4a:d8:73:
a4:11:c4:04:5e:31:fe:ab:c3:d8:06:36:bc:29:86:a7:fa:97:
55:e5:8d:cc:82:82:4a:82:1e:71:81:3f:38:49:e1:13:29:be:
77:46:9e:db:24:d3:35:4e:d0:c7:ec:e5:5a:d4:33:f8:aa:ff:
75:4d:85:4e:d3:c1:e1:71:0f:a0:cf:91:b4:a6:4e:29:d1:d7:
93:3e:f2:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOjlSvVoB3iKaprF83c6MmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjQxMjA4MDAwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmRmNmRiNWIwODk4MzBhMGE5OThiOTZjN2QxN2I3ZWM1MWRjYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz8gWoAB/50avzBWZnL96PlxFI5S
cVRz8UKpqGfa4Y1fBn+tipiEGO4/5c9kQI9g90UrkpjVK0BPwkzR3ex0qQoV8q7Y
XGUsXTBiwcCAzoWaocLLdCn1rnPvkP84aNfwB9s2q2EqvK0IF3fZEkpQ2hSzgKN3
yFTp0gK0yLSCy1yn1rQoBrk842zJfCUgd6qnYNRfmCjZOooVefuNMMgpllGv5q6n
cfBDmnyoGzTx97MEiBXhp5hhHXJr0zT+kZrCN+OpBQj0xxMHWBUFHLeF/waY2qcH
ovD2dPJXyEqAXMwWeUbIV23aErheJakpNT4BVHA0dRTIZBcsr7FwY7c6zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvfbbWwiYMKCpmLlsfRe37FHcw+MB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvVzk5dHRiQ0pnd29LbVl1V3g5Rjdmc1VkekQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYz3MA0G
CSqGSIb3DQEBCwUAA4IBAQC1Wn3oimjK0s/tmErr55mgOefLBsOGtSrY5BdatfTe
2WLo1IV3Pvz14r3NQcUSnTfEL8ycnlvY44kGN92u6qADcJgg7yE4ekrFYx6r/RfV
hp+LB8o+3C8KkOyD2090SAJIuZ4b5KIDr2rwSdtZqU0hirUtym/QX2n685AJomFM
e+ZmKXB4W1hMgcnrRyXwj/43PzfDAeu3v6I/aS2fUGP7eAK0LpFH2cMjHOlzIiJN
sQ5K2HOkEcQEXjH+q8PYBja8KYan+pdV5Y3MgoJKgh5xgT84SeETKb53Rp7bJNM1
TtDH7OVa1DP4qv91TYVO08HhcQ+gz5G0pk4p0deTPvIW
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:01:21 2025 by rpki-client