Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/38803f-6947-4c9d-8ce1-03283d49adcf/1/UVvIixpi3ZR-gqWyrmqZvqZgYzo.roa
File: UVvIixpi3ZR-gqWyrmqZvqZgYzo.roa (raw, json)
Hash identifier: AKRJQZo9eBJYsL68y0gkAhTYwvtEQ2kK3amwjDGgqjg=
Subject key identifier: 51:5B:C8:8B:1A:62:DD:94:7E:82:A5:B2:AE:6A:99:BE:A6:60:63:3A
Certificate issuer: /CN=37f8ccf0c82de044e8e2e3c2b12c080d524c6f15
Certificate serial: 018CC3492C4CC5C6CB2EF0D09F04A7D0AC43
Authority key identifier: 37:F8:CC:F0:C8:2D:E0:44:E8:E2:E3:C2:B1:2C:08:0D:52:4C:6F:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_jM8Mgt4ETo4uPCsSwIDVJMbxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/38803f-6947-4c9d-8ce1-03283d49adcf/1/UVvIixpi3ZR-gqWyrmqZvqZgYzo.roa
Signing time: Mon 01 Jan 2024 04:30:01 +0000
ROA not before: Mon 01 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60264
IP address blocks: 45.150.124.0/24 maxlen: 24
45.150.124.0/23 maxlen: 23
45.150.125.0/24 maxlen: 24
45.150.127.0/24 maxlen: 24
45.150.126.0/24 maxlen: 24
45.150.126.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2c:4c:c5:c6:cb:2e:f0:d0:9f:04:a7:d0:ac:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37f8ccf0c82de044e8e2e3c2b12c080d524c6f15
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=515bc88b1a62dd947e82a5b2ae6a99bea660633a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ac:14:4f:5c:d7:1f:e0:93:de:89:53:47:c8:
44:9e:62:77:37:e0:6a:96:04:d0:f8:04:21:83:05:
ea:3a:07:6b:bd:33:d1:d0:f3:36:71:fb:3e:2a:21:
e9:7d:93:dc:28:57:4a:1e:fd:1a:b5:8a:94:98:2c:
32:5f:9d:cf:6b:ea:e1:a1:bf:25:bf:ac:67:54:60:
c9:4c:62:50:57:30:89:fe:fe:36:15:79:d4:7c:5b:
57:26:40:45:ce:63:d1:85:8b:43:d8:3a:ec:d5:ce:
09:31:0d:5c:80:8d:a5:78:bd:2f:62:ea:62:49:72:
85:4e:04:f9:08:fb:7c:fd:39:f0:33:cd:77:27:52:
8b:22:78:74:eb:04:57:33:89:af:5a:bb:94:dd:bc:
5f:85:20:a7:ff:33:2d:08:15:8d:91:43:89:cb:a7:
a5:7f:fe:91:74:2d:dc:0c:88:01:47:25:6c:1a:96:
c1:7d:05:3c:dc:3c:32:9a:e0:cd:6a:ee:22:3e:2d:
a4:5a:e0:cd:ef:ea:30:e0:40:a9:17:a6:58:cb:1a:
f6:58:4c:0b:c2:14:e7:72:d9:46:1d:70:02:48:ae:
f5:ac:8a:7a:7e:74:ff:73:d7:5f:e8:f3:69:76:8f:
f2:8c:31:eb:c8:e1:e8:6f:4b:8f:d3:07:15:d2:d8:
ec:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:5B:C8:8B:1A:62:DD:94:7E:82:A5:B2:AE:6A:99:BE:A6:60:63:3A
X509v3 Authority Key Identifier:
keyid:37:F8:CC:F0:C8:2D:E0:44:E8:E2:E3:C2:B1:2C:08:0D:52:4C:6F:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_jM8Mgt4ETo4uPCsSwIDVJMbxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/38803f-6947-4c9d-8ce1-03283d49adcf/1/UVvIixpi3ZR-gqWyrmqZvqZgYzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/38803f-6947-4c9d-8ce1-03283d49adcf/1/N_jM8Mgt4ETo4uPCsSwIDVJMbxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.124.0/22
Signature Algorithm: sha256WithRSAEncryption
52:17:1a:ad:88:2b:29:dd:8d:75:d5:7b:0c:44:eb:8c:7d:c1:
b8:1f:ce:17:c1:00:b6:bd:c4:0a:bf:52:fd:62:92:87:36:ac:
06:d6:64:d7:51:55:d7:15:e2:1d:c5:a1:64:3f:36:9b:c6:88:
8c:9f:3f:ea:2f:d3:ae:31:0a:94:ac:2f:30:b0:88:ab:04:0e:
97:96:fc:00:bd:5f:d9:45:54:82:b0:2c:43:f5:01:a5:b1:c8:
b3:3c:b5:d5:f6:2f:0e:08:4c:d9:f3:93:d6:12:b2:49:ce:39:
db:0c:b2:2b:53:2c:31:4b:4a:c9:61:61:37:d3:64:95:ee:56:
e1:93:bd:c0:56:41:74:79:ae:46:c9:82:22:c9:bf:f5:26:cd:
c0:bd:1e:70:8b:9a:95:33:fb:41:64:9e:7c:ef:91:48:1c:9f:
19:f9:3c:43:01:6e:eb:33:65:d0:27:3a:ec:06:fc:9e:9d:80:
90:71:b5:bf:c1:49:7c:32:48:b6:11:e3:74:2d:eb:95:17:cf:
6b:b2:c6:d8:cf:0a:09:98:e5:c1:71:1e:8f:5d:fa:06:bd:18:
b5:8a:e4:09:a5:c5:c5:b8:3c:54:3b:91:34:e6:99:25:31:65:
29:d6:1e:a4:6d:90:6a:f7:36:5a:fa:e6:b8:5c:da:6a:51:e6:
c1:53:5e:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSSxMxcbLLvDQnwSn0KxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZjhjY2YwYzgyZGUwNDRlOGUyZTNjMmIxMmMwODBkNTI0
YzZmMTUwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTViYzg4YjFhNjJkZDk0N2U4MmE1YjJhZTZhOTliZWE2NjA2MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqwUT1zXH+CT3olTR8hEnmJ3N+Bq
lgTQ+AQhgwXqOgdrvTPR0PM2cfs+KiHpfZPcKFdKHv0atYqUmCwyX53Pa+rhob8l
v6xnVGDJTGJQVzCJ/v42FXnUfFtXJkBFzmPRhYtD2Drs1c4JMQ1cgI2leL0vYupi
SXKFTgT5CPt8/TnwM813J1KLInh06wRXM4mvWruU3bxfhSCn/zMtCBWNkUOJy6el
f/6RdC3cDIgBRyVsGpbBfQU83DwymuDNau4iPi2kWuDN7+ow4ECpF6ZYyxr2WEwL
whTnctlGHXACSK71rIp6fnT/c9df6PNpdo/yjDHryOHob0uP0wcV0tjs9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFbyIsaYt2UfoKlsq5qmb6mYGM6MB8GA1UdIwQY
MBaAFDf4zPDILeBE6OLjwrEsCA1STG8VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9qTThNZ3Q0RVRvNHVQQ3NTd0lEVkpNYnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zODgwM2YtNjk0Ny00YzlkLThjZTEt
MDMyODNkNDlhZGNmLzEvVVZ2SWl4cGkzWlItZ3FXeXJtcVp2cVpnWXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zODgwM2YtNjk0Ny00YzlkLThjZTEtMDMyODNkNDlhZGNm
LzEvTl9qTThNZ3Q0RVRvNHVQQ3NTd0lEVkpNYnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQBSFxqtiCsp3Y111XsMROuMfcG4H84XwQC2vcQKv1L9
YpKHNqwG1mTXUVXXFeIdxaFkPzabxoiMnz/qL9OuMQqUrC8wsIirBA6XlvwAvV/Z
RVSCsCxD9QGlscizPLXV9i8OCEzZ85PWErJJzjnbDLIrUywxS0rJYWE302SV7lbh
k73AVkF0ea5GyYIiyb/1Js3AvR5wi5qVM/tBZJ5875FIHJ8Z+TxDAW7rM2XQJzrs
BvyenYCQcbW/wUl8Mki2EeN0LeuVF89rssbYzwoJmOXBcR6PXfoGvRi1iuQJpcXF
uDxUO5E05pklMWUp1h6kbZBq9zZa+ua4XNpqUebBU14B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:45 2025 by rpki-client