Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/zVw6etnb48M4UxxKbYJe9MzY2yc.roa
File: zVw6etnb48M4UxxKbYJe9MzY2yc.roa (raw, json)
Hash identifier: kLqkYIg+WivLpmhmDDiZoH3kSrfk85htqSHFG9b+W/M=
Subject key identifier: CD:5C:3A:7A:D9:DB:E3:C3:38:53:1C:4A:6D:82:5E:F4:CC:D8:DB:27
Certificate issuer: /CN=0e170ee859e91f4973de4a572b1bad2f3a5d1825
Certificate serial: 018CC3B6A5E3B136DE8C8BDB9549B5197265
Authority key identifier: 0E:17:0E:E8:59:E9:1F:49:73:DE:4A:57:2B:1B:AD:2F:3A:5D:18:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/zVw6etnb48M4UxxKbYJe9MzY2yc.roa
Signing time: Mon 01 Jan 2024 06:29:36 +0000
ROA not before: Mon 01 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208202
IP address blocks: 45.154.55.0/24 maxlen: 24
45.154.52.0/24 maxlen: 24
45.154.53.0/24 maxlen: 24
45.154.54.0/24 maxlen: 24
2a0f:ad01::/32 maxlen: 32
2a0f:ad00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a5:e3:b1:36:de:8c:8b:db:95:49:b5:19:72:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e170ee859e91f4973de4a572b1bad2f3a5d1825
Validity
Not Before: Jan 1 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd5c3a7ad9dbe3c338531c4a6d825ef4ccd8db27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:84:c9:cc:f4:e7:56:93:f4:4d:a1:ac:37:3e:
06:22:72:59:10:16:de:67:2c:fe:43:cf:06:8e:12:
7e:f3:f0:c0:15:30:6e:d7:4b:6f:23:31:ae:ee:64:
f5:ea:92:5f:e1:d8:55:f8:fe:11:1a:69:91:98:5e:
5a:1b:6f:99:ea:73:97:b0:97:40:fb:d7:a5:be:a5:
e5:9e:5f:2c:ae:1e:4c:74:37:fa:95:03:c1:24:eb:
22:78:cf:86:7f:ff:93:4c:2d:f2:85:9a:1a:a7:12:
b5:51:59:6c:1b:f8:72:5d:35:11:74:52:05:bd:6d:
58:8c:ca:33:37:d5:03:34:fa:d9:11:9f:f1:74:95:
1a:07:99:5a:35:cb:0f:c9:ff:ac:5d:36:38:9b:35:
0b:46:ad:91:c1:31:0e:96:5e:e5:f4:0d:b7:e4:75:
ca:1b:f4:42:f1:9d:ea:70:43:b0:4a:9b:da:1e:37:
33:77:c6:00:55:9c:d8:75:7e:ce:f2:56:d6:ca:0c:
e0:02:cf:d5:fe:41:be:34:1f:b7:02:ba:91:ea:c3:
27:39:09:71:78:68:69:f8:9d:0f:e0:82:5a:93:ee:
c9:f8:5a:bb:0b:fc:09:40:84:e7:59:7f:3a:c4:b1:
40:df:fe:d8:f3:14:b8:97:66:f2:08:e5:17:45:41:
48:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:5C:3A:7A:D9:DB:E3:C3:38:53:1C:4A:6D:82:5E:F4:CC:D8:DB:27
X509v3 Authority Key Identifier:
keyid:0E:17:0E:E8:59:E9:1F:49:73:DE:4A:57:2B:1B:AD:2F:3A:5D:18:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/zVw6etnb48M4UxxKbYJe9MzY2yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/DhcO6FnpH0lz3kpXKxutLzpdGCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.52.0/22
IPv6:
2a0f:ad00::/31
Signature Algorithm: sha256WithRSAEncryption
17:0c:f2:35:db:aa:64:5c:eb:cc:72:d7:0e:68:5a:4e:0b:a6:
bc:13:b9:25:9e:c8:34:0b:f2:a3:8b:ad:44:0a:3e:03:bf:3c:
46:df:56:ce:48:48:0e:43:33:73:99:cb:eb:21:71:ac:ef:33:
0a:8e:0f:94:e4:c9:10:48:8a:b3:57:f5:d4:8d:ff:78:09:8f:
c7:78:be:18:8e:28:65:1c:89:a0:1c:7c:09:3d:d2:a7:8c:42:
6b:37:80:65:2f:02:bb:78:e2:6f:42:b3:4c:ff:f2:1a:68:6c:
34:71:af:42:36:bb:89:69:ed:94:99:ed:25:31:db:8d:e6:89:
a3:e5:07:0a:e3:d9:a2:7e:6e:bf:36:2c:2e:93:90:13:e1:7e:
12:05:3b:42:de:ba:3a:1a:87:58:7c:35:d1:ec:7e:c2:b3:3d:
d4:6e:c0:f8:8b:09:fe:97:89:00:4d:10:2b:ca:b6:8e:55:1f:
01:c5:dc:18:65:c1:7b:4f:b6:b6:8b:0e:ad:65:c2:82:c5:c7:
0e:ba:98:1f:0a:fd:3c:be:ab:ad:a8:41:f1:b9:47:fa:3b:99:
35:8a:15:1d:3e:ed:7c:87:19:bb:38:05:70:ab:2e:b4:86:ed:
7a:aa:47:ca:ef:93:e1:cf:40:ce:9a:bf:ad:9e:fb:9f:5b:04:
0a:90:cb:55
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtqXjsTbejIvblUm1GXJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMTcwZWU4NTllOTFmNDk3M2RlNGE1NzJiMWJhZDJmM2E1
ZDE4MjUwHhcNMjQwMTAxMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDVjM2E3YWQ5ZGJlM2MzMzg1MzFjNGE2ZDgyNWVmNGNjZDhkYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxITJzPTnVpP0TaGsNz4GInJZEBbe
Zyz+Q88GjhJ+8/DAFTBu10tvIzGu7mT16pJf4dhV+P4RGmmRmF5aG2+Z6nOXsJdA
+9elvqXlnl8srh5MdDf6lQPBJOsieM+Gf/+TTC3yhZoapxK1UVlsG/hyXTURdFIF
vW1YjMozN9UDNPrZEZ/xdJUaB5laNcsPyf+sXTY4mzULRq2RwTEOll7l9A235HXK
G/RC8Z3qcEOwSpvaHjczd8YAVZzYdX7O8lbWygzgAs/V/kG+NB+3ArqR6sMnOQlx
eGhp+J0P4IJak+7J+Fq7C/wJQITnWX86xLFA3/7Y8xS4l2byCOUXRUFIIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM1cOnrZ2+PDOFMcSm2CXvTM2NsnMB8GA1UdIwQY
MBaAFA4XDuhZ6R9Jc95KVysbrS86XRglMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGhjTzZGbnBIMGx6M2twWEt4dXRMenBkR0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jZjcyMGUtNGQzMy00ZGIxLTg2ZTkt
ZmMyZWM0YmI1OTY3LzEvelZ3NmV0bmI0OE00VXh4S2JZSmU5TXpZMnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jZjcyMGUtNGQzMy00ZGIxLTg2ZTktZmMyZWM0YmI1OTY3
LzEvRGhjTzZGbnBIMGx6M2twWEt4dXRMenBkR0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZo0MA0E
AgACMAcDBQEqD60AMA0GCSqGSIb3DQEBCwUAA4IBAQAXDPI126pkXOvMctcOaFpO
C6a8E7klnsg0C/Kji61ECj4DvzxG31bOSEgOQzNzmcvrIXGs7zMKjg+U5MkQSIqz
V/XUjf94CY/HeL4YjihlHImgHHwJPdKnjEJrN4BlLwK7eOJvQrNM//IaaGw0ca9C
NruJae2Ume0lMduN5omj5QcK49mifm6/Niwuk5AT4X4SBTtC3ro6GodYfDXR7H7C
sz3UbsD4iwn+l4kATRAryraOVR8BxdwYZcF7T7a2iw6tZcKCxccOupgfCv08vqut
qEHxuUf6O5k1ihUdPu18hxm7OAVwqy60hu16qkfK75Phz0DOmr+tnvufWwQKkMtV
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:19 2025 by rpki-client