Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/mC2V2GyQb0zuizzVS-HO0CBm2oY.roa
File: mC2V2GyQb0zuizzVS-HO0CBm2oY.roa (raw, json)
Hash identifier: FEEsupTR3+WZB2wvbdOALackjMWI+89PNnWUafouaqc=
Subject key identifier: 98:2D:95:D8:6C:90:6F:4C:EE:8B:3C:D5:4B:E1:CE:D0:20:66:DA:86
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018CC9BCA89EBB7AD5F3C20913D915986626
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/mC2V2GyQb0zuizzVS-HO0CBm2oY.roa
Signing time: Tue 02 Jan 2024 10:33:53 +0000
ROA not before: Tue 02 Jan 2024 10:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42517
IP address blocks: 145.35.174.0/24 maxlen: 24
145.35.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a8:9e:bb:7a:d5:f3:c2:09:13:d9:15:98:66:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 10:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=982d95d86c906f4cee8b3cd54be1ced02066da86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d0:a5:b3:55:c3:1b:cd:0e:05:57:ce:4e:b6:
69:e8:fa:52:06:22:a4:19:62:15:f7:97:3e:f6:3c:
99:ec:52:b5:bf:e9:b9:d4:ca:ec:53:f7:63:ab:7a:
66:b7:da:9b:d6:f5:19:18:d5:3d:8d:02:b2:54:26:
d8:36:78:ee:6d:16:dc:5a:74:8d:44:eb:1a:5b:0a:
5b:a6:e3:8a:a2:59:2b:92:9b:eb:a8:45:f3:f8:c1:
0d:ed:f9:ca:a4:61:50:80:8f:f3:88:15:1d:4a:a7:
ca:d0:ad:dc:d4:96:5c:29:fc:15:6a:4f:5e:63:7b:
a4:83:7d:34:ff:dd:89:af:e9:fe:10:d1:43:d1:dd:
df:de:a3:54:31:bc:67:b8:1f:7e:a8:27:6c:52:61:
7b:96:9e:9b:45:49:73:99:4a:b8:aa:af:bf:f2:47:
29:89:8f:d9:ef:a8:30:59:e0:fa:4b:8c:0f:92:eb:
ed:d5:e0:0b:18:50:c0:52:4b:0b:b5:b9:ea:22:52:
f8:3d:58:ad:d6:32:65:81:73:db:52:7e:c7:17:07:
93:25:2d:30:a5:e9:39:02:8a:be:d8:68:21:3c:f6:
eb:8c:76:aa:9a:65:18:d5:57:ab:9e:86:60:19:b4:
c2:c2:81:8b:d8:2d:cb:0d:26:dc:04:e9:c8:49:e0:
38:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:2D:95:D8:6C:90:6F:4C:EE:8B:3C:D5:4B:E1:CE:D0:20:66:DA:86
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/mC2V2GyQb0zuizzVS-HO0CBm2oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:b6:19:1f:5e:71:b9:7c:15:00:67:bd:f8:a6:ac:66:f2:7a:
24:22:81:13:eb:54:df:b5:bf:a6:2a:ab:2f:1d:4e:fb:5b:5c:
82:e0:24:4c:29:bb:18:a1:19:f9:a5:d7:41:8c:9f:91:97:73:
eb:ab:ef:5d:07:e5:81:60:4a:ae:43:62:5b:eb:40:0e:40:f5:
a4:66:af:15:4d:81:2a:d9:02:84:5f:d4:f8:07:fc:ef:58:3c:
c4:34:59:dc:a5:e4:1c:7b:db:8f:22:a4:28:e1:3a:ec:8b:d8:
09:18:39:c6:68:cb:e6:bf:09:a0:14:39:6e:4a:97:f8:d9:20:
49:f9:a3:12:d4:d0:06:c4:d5:75:e4:44:82:e1:eb:11:81:bc:
46:ed:59:f6:44:04:27:d8:7b:77:a7:cf:71:64:6c:f5:b9:e8:
08:e4:2e:0c:ee:cd:7b:a8:92:b2:49:56:24:7c:f0:0c:e7:ba:
39:50:f0:19:b9:38:93:e1:9c:21:d2:cc:88:cd:ee:4b:c9:1a:
ad:a7:cd:9c:c7:21:5d:54:45:16:0c:5b:98:9f:eb:91:09:c6:
97:4e:48:0e:a2:7d:f5:6e:6e:79:aa:6b:86:78:25:ca:02:a0:
3b:87:a8:89:01:ee:79:03:d3:c7:2d:95:c8:63:9b:ce:81:d3:
3a:a7:ff:0c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzJvKieu3rV88IJE9kVmGYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQwMTAyMTAzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODJkOTVkODZjOTA2ZjRjZWU4YjNjZDU0YmUxY2VkMDIwNjZkYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktCls1XDG80OBVfOTrZp6PpSBiKk
GWIV95c+9jyZ7FK1v+m51MrsU/djq3pmt9qb1vUZGNU9jQKyVCbYNnjubRbcWnSN
ROsaWwpbpuOKolkrkpvrqEXz+MEN7fnKpGFQgI/ziBUdSqfK0K3c1JZcKfwVak9e
Y3ukg300/92Jr+n+ENFD0d3f3qNUMbxnuB9+qCdsUmF7lp6bRUlzmUq4qq+/8kcp
iY/Z76gwWeD6S4wPkuvt1eALGFDAUksLtbnqIlL4PVit1jJlgXPbUn7HFweTJS0w
pek5Aoq+2GghPPbrjHaqmmUY1VernoZgGbTCwoGL2C3LDSbcBOnISeA4fQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJgtldhskG9M7os81UvhztAgZtqGMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvbUMyVjJHeVFiMHp1aXp6VlMtSE8wQ0JtMm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkSMwDQYJ
KoZIhvcNAQELBQADggEBAEK2GR9ecbl8FQBnvfimrGbyeiQigRPrVN+1v6Yqqy8d
TvtbXILgJEwpuxihGfml10GMn5GXc+ur710H5YFgSq5DYlvrQA5A9aRmrxVNgSrZ
AoRf1PgH/O9YPMQ0Wdyl5Bx7248ipCjhOuyL2AkYOcZoy+a/CaAUOW5Kl/jZIEn5
oxLU0AbE1XXkRILh6xGBvEbtWfZEBCfYe3enz3FkbPW56AjkLgzuzXuokrJJViR8
8AznujlQ8Bm5OJPhnCHSzIjN7kvJGq2nzZzHIV1URRYMW5if65EJxpdOSA6iffVu
bnmqa4Z4JcoCoDuHqIkB7nkD08ctlchjm86B0zqn/ww=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:04 2025 by rpki-client