Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/IgJ7df0gsxCk1pvkjdTaYhwcNME.roa
File: IgJ7df0gsxCk1pvkjdTaYhwcNME.roa (raw, json)
Hash identifier: h7d7MclGSDh5JoRSLm+Kl76k5nKYKXrD53dLSh3mPGQ=
Subject key identifier: 22:02:7B:75:FD:20:B3:10:A4:D6:9B:E4:8D:D4:DA:62:1C:1C:34:C1
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0192B40544EFB2997693736BA2957E80D8C7
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/IgJ7df0gsxCk1pvkjdTaYhwcNME.roa
Signing time: Tue 22 Oct 2024 11:38:17 +0000
ROA not before: Tue 22 Oct 2024 11:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61330
IP address blocks: 45.43.157.0/24 maxlen: 24
216.173.100.0/24 maxlen: 24
216.173.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 11:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:05:44:ef:b2:99:76:93:73:6b:a2:95:7e:80:d8:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 22 11:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22027b75fd20b310a4d69be48dd4da621c1c34c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c2:6d:d4:7b:f3:5d:2b:16:59:b1:71:0e:db:
46:b0:1b:7b:b9:29:90:1d:0c:74:0d:68:41:ff:49:
83:47:53:e0:b2:41:00:32:4c:84:b3:f4:b7:68:d8:
d6:26:71:8e:2b:c3:73:a6:f4:6c:98:74:6b:10:7a:
45:59:c7:34:5f:a5:e3:68:9a:4c:c6:a4:82:58:aa:
79:81:d4:dc:49:53:c7:6b:08:bb:17:90:10:04:8f:
5d:87:0b:85:7d:34:69:d1:9b:3b:e9:e1:0f:5f:93:
92:8a:0d:14:aa:ba:40:d7:41:44:3d:07:f2:10:fb:
48:ea:9c:8f:0d:a9:ed:e4:5b:78:03:a3:f8:84:c8:
68:6f:e4:c7:2b:1e:1c:fe:2a:07:dc:50:43:55:f9:
23:6c:26:13:3e:b7:d1:18:21:61:6a:b5:85:34:42:
78:1c:ad:30:18:53:60:68:db:f3:fb:8a:a4:4f:74:
98:10:4a:ac:18:ea:d1:2e:3b:b0:52:b5:47:e8:48:
c8:1b:d0:0b:1c:bf:eb:af:f5:29:bc:c6:a8:98:f0:
01:a5:1d:89:3a:cb:15:8b:5b:ad:ee:69:96:ef:0b:
ae:1f:03:5e:9b:60:6f:f1:aa:6e:f3:c4:2d:6d:b2:
a6:1a:34:74:08:6c:09:0e:3d:98:10:d2:8d:97:08:
23:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:02:7B:75:FD:20:B3:10:A4:D6:9B:E4:8D:D4:DA:62:1C:1C:34:C1
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/IgJ7df0gsxCk1pvkjdTaYhwcNME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.157.0/24
216.173.100.0/24
216.173.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:5f:33:91:79:b9:8d:2b:97:e5:3f:c9:fe:e3:ff:2b:3b:56:
a2:61:aa:9a:9d:e2:28:1e:4d:7e:1a:e6:93:4e:1b:e3:da:e3:
e4:bb:6d:d6:e3:1a:28:13:54:83:60:2a:cc:ff:87:3d:22:85:
d6:ad:b3:31:1a:f7:7a:53:20:20:38:c9:79:3a:73:b8:aa:41:
46:ea:62:0b:b0:86:50:db:d9:9d:99:66:9e:4d:92:ae:0d:ca:
38:6f:3b:f3:ea:de:41:b2:7c:35:47:9a:d5:49:e3:6b:b2:80:
81:a6:37:c4:83:7c:64:ff:c7:79:c3:60:57:4a:8e:6b:8e:9e:
7f:ef:75:74:c0:e1:ce:54:9b:04:6d:c1:c2:29:4d:85:0d:72:
63:f4:2c:c5:51:11:f7:32:de:12:01:77:23:8d:62:f3:d9:58:
c5:57:a0:ef:25:b6:72:43:8f:1d:36:52:00:e4:4e:d7:9d:5e:
eb:ce:bf:60:a4:b9:a3:94:c9:88:94:70:c9:03:39:6d:4f:37:
03:43:29:7b:91:6b:87:bf:6a:98:20:63:c8:89:eb:b7:04:ff:
17:a7:21:fe:35:06:66:37:a3:37:de:83:db:86:c9:37:5f:41:
ef:d0:6d:2b:b7:16:71:18:d5:97:92:1d:05:72:af:b3:05:56:
b7:61:14:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZK0BUTvspl2k3NropV+gNjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQxMDIyMTEzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjAyN2I3NWZkMjBiMzEwYTRkNjliZTQ4ZGQ0ZGE2MjFjMWMzNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8Jt1HvzXSsWWbFxDttGsBt7uSmQ
HQx0DWhB/0mDR1PgskEAMkyEs/S3aNjWJnGOK8NzpvRsmHRrEHpFWcc0X6XjaJpM
xqSCWKp5gdTcSVPHawi7F5AQBI9dhwuFfTRp0Zs76eEPX5OSig0UqrpA10FEPQfy
EPtI6pyPDant5Ft4A6P4hMhob+THKx4c/ioH3FBDVfkjbCYTPrfRGCFharWFNEJ4
HK0wGFNgaNvz+4qkT3SYEEqsGOrRLjuwUrVH6EjIG9ALHL/rr/UpvMaomPABpR2J
OssVi1ut7mmW7wuuHwNem2Bv8apu88QtbbKmGjR0CGwJDj2YENKNlwgjowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCICe3X9ILMQpNab5I3U2mIcHDTBMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSWdKN2RmMGdzeENrMXB2a2pkVGFZaHdjTk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALSudAwQA
2K1kAwQA2K15MA0GCSqGSIb3DQEBCwUAA4IBAQAPXzORebmNK5flP8n+4/8rO1ai
YaqaneIoHk1+GuaTThvj2uPku23W4xooE1SDYCrM/4c9IoXWrbMxGvd6UyAgOMl5
OnO4qkFG6mILsIZQ29mdmWaeTZKuDco4bzvz6t5Bsnw1R5rVSeNrsoCBpjfEg3xk
/8d5w2BXSo5rjp5/73V0wOHOVJsEbcHCKU2FDXJj9CzFURH3Mt4SAXcjjWLz2VjF
V6DvJbZyQ48dNlIA5E7XnV7rzr9gpLmjlMmIlHDJAzltTzcDQyl7kWuHv2qYIGPI
ieu3BP8XpyH+NQZmN6M33oPbhsk3X0Hv0G0rtxZxGNWXkh0Fcq+zBVa3YRTS
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:58:52 2025 by rpki-client