Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/14OLg-o774Kap0x9DGGlYzuFtSQ.roa
File: 14OLg-o774Kap0x9DGGlYzuFtSQ.roa (raw, json)
Hash identifier: GftMjKgPNCQaJ3VV9qXQAM0nqhrHOmHbnyUOY5aoID4=
Subject key identifier: D7:83:8B:83:EA:3B:EF:82:9A:A7:4C:7D:0C:61:A5:63:3B:85:B5:24
Certificate issuer: /CN=736d724e239efb7f2f7bea526a9e0c5e7fc89bbe
Certificate serial: 018CC7942909FA45102052FD6DBA04D9EDF5
Authority key identifier: 73:6D:72:4E:23:9E:FB:7F:2F:7B:EA:52:6A:9E:0C:5E:7F:C8:9B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/14OLg-o774Kap0x9DGGlYzuFtSQ.roa
Signing time: Tue 02 Jan 2024 00:30:24 +0000
ROA not before: Tue 02 Jan 2024 00:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42072
IP address blocks: 45.154.74.0/23 maxlen: 24
2a0f:b300:2000::/36 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:29:09:fa:45:10:20:52:fd:6d:ba:04:d9:ed:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=736d724e239efb7f2f7bea526a9e0c5e7fc89bbe
Validity
Not Before: Jan 2 00:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7838b83ea3bef829aa74c7d0c61a5633b85b524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ba:74:24:08:51:8a:65:0e:ad:6a:be:cd:da:
fc:b7:c4:9b:6a:a4:17:17:4c:6e:12:8d:4d:bc:82:
84:b9:3f:3d:96:55:ac:c3:8c:cc:54:04:9a:63:d9:
60:38:b8:b3:25:e3:cd:6f:2c:be:52:61:6d:eb:64:
86:ef:a1:43:18:23:ad:2c:83:83:f8:d5:95:78:71:
84:ef:d7:c4:23:88:34:ca:eb:be:05:54:b1:bf:fa:
55:14:76:c1:59:0c:cf:a0:e8:16:8c:4b:5e:a3:4e:
9f:dd:8d:79:0b:a1:83:f1:52:d7:64:0d:a6:36:c6:
cd:a3:a0:f4:63:ff:e6:28:5a:69:4a:46:bc:bb:9b:
5d:3d:9b:52:d2:6e:7d:9f:24:a1:91:fe:cb:57:c8:
73:c7:1f:91:e8:06:f0:06:1b:77:01:88:77:56:16:
c6:cc:36:fa:dc:81:c0:31:1f:5a:eb:65:56:d2:87:
2a:55:53:d1:35:f3:db:61:31:7a:99:d1:48:9a:bf:
79:39:df:7f:6d:6b:1b:88:73:80:c3:19:54:0b:8d:
07:bb:15:19:7a:07:50:fd:94:5f:9a:1b:26:c5:30:
8a:c7:16:78:95:3b:46:2a:ae:0d:d7:fb:d3:9e:c8:
04:68:dc:b4:73:d1:2b:99:af:bd:0a:73:b5:b1:48:
f6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:83:8B:83:EA:3B:EF:82:9A:A7:4C:7D:0C:61:A5:63:3B:85:B5:24
X509v3 Authority Key Identifier:
keyid:73:6D:72:4E:23:9E:FB:7F:2F:7B:EA:52:6A:9E:0C:5E:7F:C8:9B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/14OLg-o774Kap0x9DGGlYzuFtSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/c21yTiOe-38ve-pSap4MXn_Im74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.74.0/23
IPv6:
2a0f:b300:2000::/36
Signature Algorithm: sha256WithRSAEncryption
47:ba:64:45:73:ad:7a:97:4e:94:39:64:ef:ad:17:69:fe:86:
69:21:02:2e:f7:9e:f1:ab:d0:10:84:3b:83:9a:62:48:76:14:
aa:a2:64:a7:08:b7:6b:91:b3:02:c2:6f:a1:98:2c:01:32:52:
fe:d1:cb:58:b1:77:76:c6:63:5b:67:45:81:45:3c:40:df:ed:
b0:8a:61:c6:61:9c:ac:90:a1:d4:81:c5:10:3f:4c:64:12:01:
85:31:8b:7b:5d:a2:ac:15:0b:ff:a1:0c:fd:ff:6a:39:32:92:
73:ab:42:a6:d6:ad:f8:f3:34:4b:87:9c:be:ed:1b:6c:b0:9d:
db:89:d9:4c:f3:23:e5:b6:6a:bd:32:b6:9f:63:9c:3f:a0:c8:
bd:0e:f3:c6:e7:5a:12:a2:1b:59:26:db:6f:ad:3a:32:88:45:
a2:dc:fe:f4:f6:db:15:20:07:6f:71:9a:1d:97:66:5f:61:9c:
51:84:c4:93:4c:b8:eb:6a:87:a3:ad:cc:b7:3a:54:b1:31:dd:
59:17:c4:82:f7:1f:06:4d:40:f0:65:b0:30:a3:51:65:2f:7d:
35:bc:25:3a:01:58:8f:6e:fd:37:f8:34:f9:b7:09:d1:1e:20:
d0:7a:a0:be:1c:bc:80:d0:89:ab:6d:b3:da:9e:64:e6:42:79:
3a:7c:d5:38
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzHlCkJ+kUQIFL9bboE2e31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNmQ3MjRlMjM5ZWZiN2YyZjdiZWE1MjZhOWUwYzVlN2Zj
ODliYmUwHhcNMjQwMTAyMDAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzgzOGI4M2VhM2JlZjgyOWFhNzRjN2QwYzYxYTU2MzNiODViNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbp0JAhRimUOrWq+zdr8t8SbaqQX
F0xuEo1NvIKEuT89llWsw4zMVASaY9lgOLizJePNbyy+UmFt62SG76FDGCOtLIOD
+NWVeHGE79fEI4g0yuu+BVSxv/pVFHbBWQzPoOgWjEteo06f3Y15C6GD8VLXZA2m
NsbNo6D0Y//mKFppSka8u5tdPZtS0m59nyShkf7LV8hzxx+R6AbwBht3AYh3VhbG
zDb63IHAMR9a62VW0ocqVVPRNfPbYTF6mdFImr95Od9/bWsbiHOAwxlUC40HuxUZ
egdQ/ZRfmhsmxTCKxxZ4lTtGKq4N1/vTnsgEaNy0c9Erma+9CnO1sUj2bQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNeDi4PqO++CmqdMfQxhpWM7hbUkMB8GA1UdIwQY
MBaAFHNtck4jnvt/L3vqUmqeDF5/yJu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzIxeVRpT2UtMzh2ZS1wU2FwNE1Ybl9JbTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmMxMTAtNzkyNC00OWE5LTg1NjQt
MGJlYmZjYmRlMWYzLzEvMTRPTGctbzc3NEthcDB4OURHR2xZenVGdFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmMxMTAtNzkyNC00OWE5LTg1NjQtMGJlYmZjYmRlMWYz
LzEvYzIxeVRpT2UtMzh2ZS1wU2FwNE1Ybl9JbTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBLZpKMA4E
AgACMAgDBgQqD7MAIDANBgkqhkiG9w0BAQsFAAOCAQEAR7pkRXOtepdOlDlk760X
af6GaSECLvee8avQEIQ7g5piSHYUqqJkpwi3a5GzAsJvoZgsATJS/tHLWLF3dsZj
W2dFgUU8QN/tsIphxmGcrJCh1IHFED9MZBIBhTGLe12irBUL/6EM/f9qOTKSc6tC
ptat+PM0S4ecvu0bbLCd24nZTPMj5bZqvTK2n2OcP6DIvQ7zxudaEqIbWSbbb606
MohFotz+9PbbFSAHb3GaHZdmX2GcUYTEk0y462qHo63MtzpUsTHdWRfEgvcfBk1A
8GWwMKNRZS99NbwlOgFYj279N/g0+bcJ0R4g0Hqgvhy8gNCJq22z2p5k5kJ5OnzV
OA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:43 2025 by rpki-client