Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/v0BQroGbVfVtAVP89lezOmh0Md0.roa
File: v0BQroGbVfVtAVP89lezOmh0Md0.roa (raw, json)
Hash identifier: WbqXvkpasnIV7TI+dKYmXiHLy9OGRcsXbWku5zXLhG8=
Subject key identifier: BF:40:50:AE:81:9B:55:F5:6D:01:53:FC:F6:57:B3:3A:68:74:31:DD
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 018FA4759DE3394DB41D3FC9B8856A46CB2A
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/v0BQroGbVfVtAVP89lezOmh0Md0.roa
Signing time: Thu 23 May 2024 07:58:42 +0000
ROA not before: Thu 23 May 2024 07:58:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 45.143.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:75:9d:e3:39:4d:b4:1d:3f:c9:b8:85:6a:46:cb:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: May 23 07:58:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf4050ae819b55f56d0153fcf657b33a687431dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cd:53:89:d8:9b:89:12:3d:c6:ae:c2:db:62:
a6:9d:c9:26:98:54:c7:a6:d4:0d:d8:85:d2:ac:65:
48:1f:96:0a:1e:97:fa:ef:4c:b4:c4:38:6e:81:3b:
53:ba:48:d3:4d:ac:13:06:0d:dc:08:56:e9:31:ee:
45:c1:ea:07:5a:99:7e:89:61:8a:bb:2b:80:32:c7:
72:a5:7a:a6:f6:79:02:b7:2c:01:59:78:0d:89:84:
79:0d:32:a7:01:2f:00:af:2e:d2:9d:ca:13:e0:52:
67:3b:ee:d9:20:22:7a:6f:16:ec:3d:30:57:c5:e2:
53:52:86:4c:9c:3e:6a:91:8b:f0:c2:02:ec:15:5f:
a7:dc:4e:80:35:0e:a4:56:bd:0e:25:5a:c5:ce:42:
1a:c7:2e:86:92:52:9d:84:a1:f6:ee:a7:8a:96:61:
48:a8:58:36:2a:9b:f8:44:ab:0c:1f:06:3d:09:5f:
ac:5a:52:8e:62:2a:d9:33:3a:e2:28:e2:0c:67:5b:
35:74:5d:8b:fb:5d:1a:ee:65:95:0e:d4:62:1f:87:
cd:6d:91:2b:58:20:ad:bf:ce:cf:fc:48:f7:68:f8:
54:f2:35:a3:0a:4a:44:d7:04:fb:1b:f4:d3:9a:3f:
bd:f3:83:ab:67:41:f1:b2:59:f3:4f:1f:02:1b:95:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:40:50:AE:81:9B:55:F5:6D:01:53:FC:F6:57:B3:3A:68:74:31:DD
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/v0BQroGbVfVtAVP89lezOmh0Md0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.5.0/24
Signature Algorithm: sha256WithRSAEncryption
01:58:17:11:72:4f:ca:07:3d:9c:30:f5:45:9e:8f:98:17:72:
c6:7c:5a:2e:ec:64:5a:e0:ea:9a:b9:12:b4:6c:e7:6a:8d:69:
db:d8:fe:87:c7:cd:66:60:6b:8b:af:a7:4b:fb:61:58:35:4e:
ac:7e:50:b1:6e:74:77:0e:85:9d:db:a7:f2:21:05:ab:bc:f1:
8c:4a:ff:de:29:2e:05:cd:80:bc:44:88:37:9c:d8:c7:a5:8d:
95:fb:d1:bf:be:a7:62:54:43:16:2d:49:8b:5c:76:cd:b8:c7:
60:b1:66:a4:6f:64:ac:60:b4:8a:18:bc:b0:ff:23:f8:4b:c6:
76:50:73:79:fb:79:68:cc:22:e6:7a:b9:16:be:8b:5d:33:d3:
0b:8b:8c:4f:aa:0e:ef:78:d8:6e:a7:ee:1f:b7:d8:a4:36:25:
d6:b0:ec:c2:6d:e9:e3:06:d4:5d:c6:ce:5f:0c:27:33:dc:81:
68:fb:9e:c4:e4:8b:c3:d6:68:cf:fc:e1:4e:45:58:e6:79:6b:
6b:59:51:66:76:27:ee:b7:1b:31:d5:63:1f:33:1e:80:ce:52:
b4:1e:91:59:cf:f5:12:d9:17:3b:f7:32:05:4e:5b:65:ef:1d:
1c:fc:b3:5b:4a:43:3f:1f:11:4b:3e:65:77:ff:3f:e5:39:96:
94:59:3a:58
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY+kdZ3jOU20HT/JuIVqRssqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjQwNTIzMDc1ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQwNTBhZTgxOWI1NWY1NmQwMTUzZmNmNjU3YjMzYTY4NzQzMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv81TidibiRI9xq7C22KmnckmmFTH
ptQN2IXSrGVIH5YKHpf670y0xDhugTtTukjTTawTBg3cCFbpMe5FweoHWpl+iWGK
uyuAMsdypXqm9nkCtywBWXgNiYR5DTKnAS8Ary7SncoT4FJnO+7ZICJ6bxbsPTBX
xeJTUoZMnD5qkYvwwgLsFV+n3E6ANQ6kVr0OJVrFzkIaxy6GklKdhKH27qeKlmFI
qFg2Kpv4RKsMHwY9CV+sWlKOYirZMzriKOIMZ1s1dF2L+10a7mWVDtRiH4fNbZEr
WCCtv87P/Ej3aPhU8jWjCkpE1wT7G/TTmj+984OrZ0HxslnzTx8CG5U3MQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFL9AUK6Bm1X1bQFT/PZXszpodDHdMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL3YwQlFyb0diVmZWdEFWUDg5bGV6T21oME1kMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtjwUw
DQYJKoZIhvcNAQELBQADggEBAAFYFxFyT8oHPZww9UWej5gXcsZ8Wi7sZFrg6pq5
ErRs52qNadvY/ofHzWZga4uvp0v7YVg1Tqx+ULFudHcOhZ3bp/IhBau88YxK/94p
LgXNgLxEiDec2MeljZX70b++p2JUQxYtSYtcds24x2CxZqRvZKxgtIoYvLD/I/hL
xnZQc3n7eWjMIuZ6uRa+i10z0wuLjE+qDu942G6n7h+32KQ2Jdaw7MJt6eMG1F3G
zl8MJzPcgWj7nsTki8PWaM/84U5FWOZ5a2tZUWZ2J+63GzHVYx8zHoDOUrQekVnP
9RLZFzv3MgVOW2XvHRz8s1tKQz8fEUs+ZXf/P+U5lpRZOlg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:49 2025 by rpki-client