Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YT2nQBc1r74oyHxGADpkJtjCwmU.roa
File: YT2nQBc1r74oyHxGADpkJtjCwmU.roa (raw, json)
Hash identifier: OfaGV8Di5Rs9Dyhbju3qNQsp23GeBXOmzYKdQIBewBs=
Subject key identifier: 61:3D:A7:40:17:35:AF:BE:28:C8:7C:46:00:3A:64:26:D8:C2:C2:65
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0192BE1EB79E777AC6A4111A056DAEF8035B
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YT2nQBc1r74oyHxGADpkJtjCwmU.roa
Signing time: Thu 24 Oct 2024 10:42:16 +0000
ROA not before: Thu 24 Oct 2024 10:42:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216314
IP address blocks: 45.43.144.0/24 maxlen: 24
45.43.157.0/24 maxlen: 24
216.173.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:1e:b7:9e:77:7a:c6:a4:11:1a:05:6d:ae:f8:03:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 24 10:42:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=613da7401735afbe28c87c46003a6426d8c2c265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:61:be:84:7f:ac:4f:45:80:b9:07:f1:28:8b:
18:57:49:a7:ed:35:ff:13:ec:b4:8a:f4:29:14:cb:
ce:15:3a:e1:e3:b8:57:07:2a:42:52:70:b1:6c:00:
8c:c0:58:28:82:4c:d5:c7:b5:72:e8:a1:b0:36:4d:
27:52:a3:4b:19:fc:27:72:a7:b6:f2:2b:e4:78:73:
85:9d:4b:05:4e:e0:05:6c:a7:46:ea:ac:9a:c1:24:
54:4d:d0:57:3f:ea:cb:8b:12:1f:f3:87:6d:7d:2d:
bc:3c:e3:d6:14:48:55:f6:f4:93:bc:a1:29:67:c0:
5f:79:74:2d:26:aa:80:a1:e3:60:2e:5e:a4:ac:4d:
a5:c9:98:04:db:80:29:d0:f0:1a:eb:17:9b:57:a1:
a7:6b:80:c3:5a:c6:41:90:ac:a6:c9:a7:51:28:fa:
9c:cc:11:0d:41:f8:31:40:35:1c:69:de:77:5a:4f:
20:ea:de:e0:ba:5a:63:9e:9b:18:bd:f0:87:9e:73:
3f:85:91:c5:01:aa:8e:dc:4f:81:44:89:68:6d:bc:
7c:87:7c:0a:b3:b7:2d:f3:2e:16:76:b6:34:9e:a3:
a9:e7:6d:b1:f2:de:2f:8c:1e:59:1e:b8:e1:08:eb:
c1:c2:45:e4:82:e3:56:7f:c7:e7:bb:46:f0:30:26:
e0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3D:A7:40:17:35:AF:BE:28:C8:7C:46:00:3A:64:26:D8:C2:C2:65
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YT2nQBc1r74oyHxGADpkJtjCwmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.144.0/24
45.43.157.0/24
216.173.100.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:52:22:32:39:51:16:8c:44:04:85:7f:e8:2a:88:68:21:33:
12:03:36:6d:d4:61:d3:91:ac:e9:2e:e1:47:6e:18:89:ad:1f:
9c:a0:68:a0:f5:5d:b2:0d:89:7f:f5:c1:7c:3a:9e:75:d4:03:
da:88:35:82:eb:5f:fa:3e:1d:cc:4b:a9:ef:8d:b0:d4:4f:fb:
81:0e:a9:5b:cb:c8:9c:74:2f:c5:6e:1f:52:4a:c5:7b:37:44:
f6:d3:be:82:7f:6c:fd:87:f9:5c:26:c8:2e:6e:1e:0d:97:da:
c7:0f:25:c7:43:6c:61:7a:7f:21:ca:7b:49:66:0f:22:18:1c:
62:cf:0f:e7:70:68:2e:fb:5c:0f:45:b4:f5:fd:29:48:4e:4d:
f6:d9:85:f5:02:f1:5b:9c:ff:7c:af:b9:07:bf:53:86:7c:56:
26:d1:d0:52:9b:e2:c0:cd:57:96:6b:6a:f5:9b:7d:8b:fb:bd:
cc:5d:e1:b0:77:76:d5:0f:2e:a1:22:fa:d4:50:3e:ef:61:30:
8f:81:f6:9a:20:52:e8:79:83:b2:7b:72:7d:af:ac:cc:1f:d9:
71:bd:f4:cb:ff:fa:87:31:5a:0a:95:2a:b0:c6:40:68:e2:cf:
ff:ae:05:f9:6d:df:27:d8:d8:b3:55:34:50:b8:de:2a:3a:25:
17:52:55:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZK+Hreed3rGpBEaBW2u+ANbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQxMDI0MTA0MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTNkYTc0MDE3MzVhZmJlMjhjODdjNDYwMDNhNjQyNmQ4YzJjMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGG+hH+sT0WAuQfxKIsYV0mn7TX/
E+y0ivQpFMvOFTrh47hXBypCUnCxbACMwFgogkzVx7Vy6KGwNk0nUqNLGfwncqe2
8ivkeHOFnUsFTuAFbKdG6qyawSRUTdBXP+rLixIf84dtfS28POPWFEhV9vSTvKEp
Z8BfeXQtJqqAoeNgLl6krE2lyZgE24Ap0PAa6xebV6Gna4DDWsZBkKymyadRKPqc
zBENQfgxQDUcad53Wk8g6t7gulpjnpsYvfCHnnM/hZHFAaqO3E+BRIlobbx8h3wK
s7ct8y4WdrY0nqOp522x8t4vjB5ZHrjhCOvBwkXkguNWf8fnu0bwMCbgvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGE9p0AXNa++KMh8RgA6ZCbYwsJlMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWVQyblFCYzFyNzRveUh4R0FEcGtKdGpDd21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALSuQAwQA
LSudAwQA2K1kMA0GCSqGSIb3DQEBCwUAA4IBAQA/UiIyOVEWjEQEhX/oKohoITMS
AzZt1GHTkazpLuFHbhiJrR+coGig9V2yDYl/9cF8Op511APaiDWC61/6Ph3MS6nv
jbDUT/uBDqlby8icdC/Fbh9SSsV7N0T2076Cf2z9h/lcJsgubh4Nl9rHDyXHQ2xh
en8hyntJZg8iGBxizw/ncGgu+1wPRbT1/SlITk322YX1AvFbnP98r7kHv1OGfFYm
0dBSm+LAzVeWa2r1m32L+73MXeGwd3bVDy6hIvrUUD7vYTCPgfaaIFLoeYOye3J9
r6zMH9lxvfTL//qHMVoKlSqwxkBo4s//rgX5bd8n2NizVTRQuN4qOiUXUlV3
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:39 2025 by rpki-client