Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/8r53VdsRt5-w0a60RJX9FkxujNs.roa
File: 8r53VdsRt5-w0a60RJX9FkxujNs.roa (raw, json)
Hash identifier: /mxozZkDzO49JYq0RX+WRDiD7RiXZGqKmIBI1QyXu3c=
Subject key identifier: F2:BE:77:55:DB:11:B7:9F:B0:D1:AE:B4:44:95:FD:16:4C:6E:8C:DB
Certificate issuer: /CN=30195c3bb050586b5f4e5004118007c48b34eae5
Certificate serial: 018CC7277540F3923929FF3957F8EA4FE139
Authority key identifier: 30:19:5C:3B:B0:50:58:6B:5F:4E:50:04:11:80:07:C4:8B:34:EA:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBlcO7BQWGtfTlAEEYAHxIs06uU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/8r53VdsRt5-w0a60RJX9FkxujNs.roa
Signing time: Mon 01 Jan 2024 22:31:41 +0000
ROA not before: Mon 01 Jan 2024 22:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20546
IP address blocks: 45.91.159.0/24 maxlen: 24
45.91.156.0/24 maxlen: 24
45.91.157.0/24 maxlen: 24
45.91.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:75:40:f3:92:39:29:ff:39:57:f8:ea:4f:e1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30195c3bb050586b5f4e5004118007c48b34eae5
Validity
Not Before: Jan 1 22:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2be7755db11b79fb0d1aeb44495fd164c6e8cdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:de:03:64:22:9f:e1:da:d1:de:18:02:17:39:
99:0e:5a:df:a5:f6:1e:81:72:3f:6e:8a:4b:e0:04:
d4:ea:20:cc:23:15:2b:e2:dd:80:3c:be:ee:5d:7e:
ae:87:75:ff:db:21:e7:c0:97:d2:bb:33:c3:90:16:
94:f9:87:cf:34:37:d6:7d:a4:86:cf:11:0f:53:10:
e1:0b:f5:9a:22:82:2a:a9:6d:3f:7b:8e:f5:f9:3f:
76:55:51:57:71:4d:1c:23:6a:3e:41:c3:ca:dc:28:
33:4d:e2:7d:82:a4:12:9c:27:4b:db:f8:41:cc:09:
f4:ff:61:91:35:3a:5d:36:b9:08:8c:7e:bb:73:22:
fe:b3:14:0a:c9:17:75:a8:1d:b2:da:bc:56:db:d2:
2b:ef:c1:b1:d2:4c:bd:d8:de:48:09:58:ea:ad:87:
4b:15:c3:24:8e:e2:e8:fa:f9:e6:69:f2:d1:56:f7:
34:29:99:b7:d7:d2:5c:26:8c:aa:2a:4b:1d:2e:63:
cb:48:a2:4e:30:8b:ef:b3:6e:93:e8:58:47:53:4c:
a1:c9:ff:98:c6:d9:4c:f6:79:72:9f:af:1e:18:de:
e1:09:c4:e6:72:d6:27:2b:ae:93:da:de:4c:66:30:
95:1c:98:28:f4:a4:98:72:aa:6a:87:62:a2:48:a4:
8e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:BE:77:55:DB:11:B7:9F:B0:D1:AE:B4:44:95:FD:16:4C:6E:8C:DB
X509v3 Authority Key Identifier:
keyid:30:19:5C:3B:B0:50:58:6B:5F:4E:50:04:11:80:07:C4:8B:34:EA:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBlcO7BQWGtfTlAEEYAHxIs06uU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/8r53VdsRt5-w0a60RJX9FkxujNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/MBlcO7BQWGtfTlAEEYAHxIs06uU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.156.0/22
Signature Algorithm: sha256WithRSAEncryption
25:b3:cc:0c:23:c6:06:84:e5:57:ee:63:6d:14:d4:d8:6e:3d:
31:c5:22:7f:44:3c:89:d2:cf:ff:50:bc:a1:ae:da:70:de:e4:
ff:d8:3c:81:cf:e5:92:6d:2e:94:d0:a4:e4:34:d1:c9:10:f7:
e5:47:53:e4:8f:57:87:f3:33:54:79:e2:f0:72:cb:b2:68:d1:
89:b6:2d:57:4f:a5:bc:3f:e1:c8:b0:ba:09:a7:c3:86:25:86:
0b:68:cc:19:96:7d:7c:fd:1b:cb:0c:61:c3:ab:0c:55:c4:68:
1c:d5:aa:0e:70:b6:cf:3c:ac:69:8b:02:15:d7:d1:87:6a:62:
d6:8f:55:05:8b:c9:50:d9:97:2c:aa:d5:9a:61:58:4e:e6:58:
aa:b5:6f:f8:2a:75:85:a4:c8:89:64:24:04:08:34:cf:3a:b8:
a1:0d:91:d3:af:06:00:e8:d6:4a:5f:66:5c:52:e9:ad:eb:e5:
9a:e5:27:17:59:5f:83:23:5d:6f:15:25:f8:26:e4:37:7c:da:
f0:75:78:be:92:48:51:13:1d:fa:cb:bb:66:d4:c7:6d:a1:6f:
d1:b3:50:fd:85:5d:4b:d7:50:02:eb:b9:80:25:2c:8e:11:f3:
9d:5b:af:ee:f4:40:97:2e:f2:b3:76:c1:cb:cd:5f:34:4a:48:
b8:e1:a2:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ3VA85I5Kf85V/jqT+E5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTk1YzNiYjA1MDU4NmI1ZjRlNTAwNDExODAwN2M0OGIz
NGVhZTUwHhcNMjQwMTAxMjIzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmJlNzc1NWRiMTFiNzlmYjBkMWFlYjQ0NDk1ZmQxNjRjNmU4Y2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh94DZCKf4drR3hgCFzmZDlrfpfYe
gXI/bopL4ATU6iDMIxUr4t2APL7uXX6uh3X/2yHnwJfSuzPDkBaU+YfPNDfWfaSG
zxEPUxDhC/WaIoIqqW0/e471+T92VVFXcU0cI2o+QcPK3CgzTeJ9gqQSnCdL2/hB
zAn0/2GRNTpdNrkIjH67cyL+sxQKyRd1qB2y2rxW29Ir78Gx0ky92N5ICVjqrYdL
FcMkjuLo+vnmafLRVvc0KZm319JcJoyqKksdLmPLSKJOMIvvs26T6FhHU0yhyf+Y
xtlM9nlyn68eGN7hCcTmctYnK66T2t5MZjCVHJgo9KSYcqpqh2KiSKSOaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPK+d1XbEbefsNGutESV/RZMbozbMB8GA1UdIwQY
MBaAFDAZXDuwUFhrX05QBBGAB8SLNOrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJsY083QlFXR3RmVGxBRUVZQUh4SXMwNnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9jNzYyNzUtZDhkYS00NTIzLTgzYWQt
YjQyMWMzOGIyZjdmLzEvOHI1M1Zkc1J0NS13MGE2MFJKWDlGa3h1ak5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9jNzYyNzUtZDhkYS00NTIzLTgzYWQtYjQyMWMzOGIyZjdm
LzEvTUJsY083QlFXR3RmVGxBRUVZQUh4SXMwNnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVucMA0G
CSqGSIb3DQEBCwUAA4IBAQAls8wMI8YGhOVX7mNtFNTYbj0xxSJ/RDyJ0s//ULyh
rtpw3uT/2DyBz+WSbS6U0KTkNNHJEPflR1Pkj1eH8zNUeeLwcsuyaNGJti1XT6W8
P+HIsLoJp8OGJYYLaMwZln18/RvLDGHDqwxVxGgc1aoOcLbPPKxpiwIV19GHamLW
j1UFi8lQ2ZcsqtWaYVhO5liqtW/4KnWFpMiJZCQECDTPOrihDZHTrwYA6NZKX2Zc
Uumt6+Wa5ScXWV+DI11vFSX4JuQ3fNrwdXi+kkhREx36y7tm1MdtoW/Rs1D9hV1L
11AC67mAJSyOEfOdW6/u9ECXLvKzdsHLzV80Ski44aLW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:18 2025 by rpki-client