Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/k5Sj94pAgmsnYErsc-PaitYLPL8.roa
File: k5Sj94pAgmsnYErsc-PaitYLPL8.roa (raw, json)
Hash identifier: LbzVS/okcEXXeZ4JrHF5oyEfURuo4dBMNeebh3DQ688=
Subject key identifier: 93:94:A3:F7:8A:40:82:6B:27:60:4A:EC:73:E3:DA:8A:D6:0B:3C:BF
Certificate issuer: /CN=498fe5b282b1c7db00f67bb4a13d9f79520508b7
Certificate serial: 018CC492BCB1D604A519552834E4C6667530
Authority key identifier: 49:8F:E5:B2:82:B1:C7:DB:00:F6:7B:B4:A1:3D:9F:79:52:05:08:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/k5Sj94pAgmsnYErsc-PaitYLPL8.roa
Signing time: Mon 01 Jan 2024 10:30:00 +0000
ROA not before: Mon 01 Jan 2024 10:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51889
IP address blocks: 45.147.76.0/24 maxlen: 24
45.147.77.0/24 maxlen: 24
45.147.78.0/23 maxlen: 23
45.147.78.0/24 maxlen: 24
45.147.76.0/22 maxlen: 22
45.147.76.0/23 maxlen: 23
45.147.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 04:10:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:bc:b1:d6:04:a5:19:55:28:34:e4:c6:66:75:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=498fe5b282b1c7db00f67bb4a13d9f79520508b7
Validity
Not Before: Jan 1 10:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9394a3f78a40826b27604aec73e3da8ad60b3cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:78:79:24:0e:66:e9:65:f6:48:88:a7:56:
86:4c:58:38:49:5b:eb:27:d4:70:fd:66:bb:14:29:
18:de:29:ac:68:d9:53:2e:83:59:3b:23:5a:72:8c:
39:8f:36:71:81:f8:9d:cf:6c:99:98:26:b7:99:ef:
24:dd:32:bc:81:b2:6b:3a:11:52:ca:d8:86:13:cc:
1c:b8:e8:0d:a5:76:08:78:25:24:f9:cc:6a:5f:c6:
8c:bf:6d:a2:ca:37:b2:9e:6f:c2:e4:b9:ab:0a:2a:
bd:3f:25:1b:93:6d:cb:82:af:21:1c:c1:22:71:59:
2e:b6:43:2f:a7:9c:71:c3:2e:3d:98:7e:71:13:a1:
be:43:f3:5a:ca:00:76:e0:a7:28:8c:6f:7d:cc:0c:
57:bb:86:2e:ca:28:34:1d:89:3d:3a:bf:34:18:7f:
26:78:16:c3:b4:ec:33:1b:d3:85:40:83:2a:4f:ff:
12:e1:04:d6:81:90:56:12:15:61:65:47:43:44:73:
b0:02:de:ab:ef:39:ae:de:5e:da:f1:d1:59:fb:1c:
ea:e1:a6:8a:db:a5:7c:b9:06:66:ed:66:6e:96:42:
cf:48:89:5a:45:54:70:81:22:67:42:98:df:15:02:
61:85:e0:af:c7:b0:01:d7:45:01:5c:d7:22:7a:13:
20:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:94:A3:F7:8A:40:82:6B:27:60:4A:EC:73:E3:DA:8A:D6:0B:3C:BF
X509v3 Authority Key Identifier:
keyid:49:8F:E5:B2:82:B1:C7:DB:00:F6:7B:B4:A1:3D:9F:79:52:05:08:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/k5Sj94pAgmsnYErsc-PaitYLPL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/SY_lsoKxx9sA9nu0oT2feVIFCLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.76.0/22
Signature Algorithm: sha256WithRSAEncryption
11:12:c6:36:cb:9c:24:12:09:cb:9d:43:a0:a4:bb:8e:f3:f2:
57:bc:1e:28:6e:03:f5:1e:df:7f:bd:c5:cb:ad:40:aa:13:fc:
07:1f:eb:1d:8f:49:fc:08:76:05:a7:d8:b3:c1:3c:48:74:1e:
98:14:17:05:ee:9a:26:ea:92:2c:48:bb:eb:db:3c:a2:6c:8e:
07:df:e5:15:91:47:32:e8:08:64:bf:9c:3c:d3:b5:94:cd:78:
b3:37:b6:a4:73:fd:8f:10:12:5c:80:0c:19:47:dd:24:fd:bc:
16:94:92:4c:b8:66:86:88:62:2a:1f:e4:6d:51:60:2e:96:2d:
0c:6d:4a:0c:28:b5:93:ac:04:70:66:6d:ba:f7:43:69:99:c6:
16:e8:11:55:46:06:79:5d:dc:0a:07:c7:20:bc:01:cc:bd:71:
6c:ea:d1:bb:9e:ab:ce:0e:e8:4b:a6:50:8e:8c:0e:11:46:df:
11:3e:4f:6d:40:c5:2c:5c:bd:42:19:5b:f2:6e:49:1f:85:7f:
ce:82:96:fd:70:07:3b:18:16:9a:cf:e1:1d:2f:2f:bc:52:c1:
73:62:11:c2:30:5e:bf:f2:45:25:e1:f8:0b:90:de:8b:f5:96:
0f:64:a7:36:e2:9c:a5:8b:c7:7d:7e:d0:16:11:55:b5:ec:1d:
ed:27:2c:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkryx1gSlGVUoNOTGZnUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OGZlNWIyODJiMWM3ZGIwMGY2N2JiNGExM2Q5Zjc5NTIw
NTA4YjcwHhcNMjQwMTAxMTAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzk0YTNmNzhhNDA4MjZiMjc2MDRhZWM3M2UzZGE4YWQ2MGIzY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyp4eSQOZull9kiIp1aGTFg4SVvr
J9Rw/Wa7FCkY3imsaNlTLoNZOyNacow5jzZxgfidz2yZmCa3me8k3TK8gbJrOhFS
ytiGE8wcuOgNpXYIeCUk+cxqX8aMv22iyjeynm/C5LmrCiq9PyUbk23Lgq8hHMEi
cVkutkMvp5xxwy49mH5xE6G+Q/NaygB24KcojG99zAxXu4Yuyig0HYk9Or80GH8m
eBbDtOwzG9OFQIMqT/8S4QTWgZBWEhVhZUdDRHOwAt6r7zmu3l7a8dFZ+xzq4aaK
26V8uQZm7WZulkLPSIlaRVRwgSJnQpjfFQJhheCvx7AB10UBXNciehMgfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJOUo/eKQIJrJ2BK7HPj2orWCzy/MB8GA1UdIwQY
MBaAFEmP5bKCscfbAPZ7tKE9n3lSBQi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lfbHNvS3h4OXNBOW51MG9UMmZlVklGQ0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zODRmMjktZmQ0ZC00MzZhLWI4NWIt
MDA0MDNiNjQwNTVhLzEvazVTajk0cEFnbXNuWUVyc2MtUGFpdFlMUEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zODRmMjktZmQ0ZC00MzZhLWI4NWItMDA0MDNiNjQwNTVh
LzEvU1lfbHNvS3h4OXNBOW51MG9UMmZlVklGQ0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZNMMA0G
CSqGSIb3DQEBCwUAA4IBAQAREsY2y5wkEgnLnUOgpLuO8/JXvB4obgP1Ht9/vcXL
rUCqE/wHH+sdj0n8CHYFp9izwTxIdB6YFBcF7pom6pIsSLvr2zyibI4H3+UVkUcy
6Ahkv5w807WUzXizN7akc/2PEBJcgAwZR90k/bwWlJJMuGaGiGIqH+RtUWAuli0M
bUoMKLWTrARwZm2690NpmcYW6BFVRgZ5XdwKB8cgvAHMvXFs6tG7nqvODuhLplCO
jA4RRt8RPk9tQMUsXL1CGVvybkkfhX/Ogpb9cAc7GBaaz+EdLy+8UsFzYhHCMF6/
8kUl4fgLkN6L9ZYPZKc24pyli8d9ftAWEVW17B3tJyzN
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:36:01 2025 by rpki-client