Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/caSXI4rkLQxghWhiO_gViONlD04.roa
File: caSXI4rkLQxghWhiO_gViONlD04.roa (raw, json)
Hash identifier: NEh4qZHxnK3Zh2Wou5bYmfw3RxU+gfl0E8od5KYLZlM=
Subject key identifier: 71:A4:97:23:8A:E4:2D:0C:60:85:68:62:3B:F8:15:88:E3:65:0F:4E
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 01933E21E9C99183FD576D99B56BE1D335DD
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/caSXI4rkLQxghWhiO_gViONlD04.roa
Signing time: Mon 18 Nov 2024 07:17:10 +0000
ROA not before: Mon 18 Nov 2024 07:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 329272
IP address blocks: 45.150.188.0/22 maxlen: 24
185.240.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:21:e9:c9:91:83:fd:57:6d:99:b5:6b:e1:d3:35:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Nov 18 07:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71a497238ae42d0c608568623bf81588e3650f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a6:c4:2b:1c:ad:50:61:08:f2:ff:91:bc:6d:
bf:73:07:30:95:89:5f:5a:f5:a3:7d:e6:93:d9:50:
c2:a4:71:1e:7a:05:dd:ee:c3:ec:e3:77:57:3d:98:
c1:05:85:f8:f2:cc:61:a1:5c:e1:b2:9c:84:9c:ac:
e5:f3:cc:5f:df:16:c8:ef:53:53:5e:b5:38:ae:00:
a9:34:f6:62:a8:17:a4:9b:dc:1a:16:d6:92:35:72:
bb:a5:73:2c:83:4b:69:d6:c8:3d:a5:55:47:c0:49:
6f:42:55:20:66:fd:18:03:1f:a6:cf:ba:8b:7e:39:
fc:1e:a4:36:73:42:dc:fd:80:50:17:4e:f4:34:35:
29:e2:7b:3a:a8:d0:13:13:e8:a6:8a:6f:42:53:34:
20:47:f5:6b:25:32:59:88:03:7e:c2:6c:de:4c:d7:
f8:79:d8:e2:72:2a:5a:1b:92:4e:5c:c3:ec:aa:ae:
85:68:dd:79:47:03:70:ce:23:9e:aa:ff:23:9e:9f:
a5:5f:e3:f9:dc:b6:fc:fa:e6:84:0a:0a:34:a6:07:
f8:2a:4d:7e:2c:94:61:dd:a3:c3:a9:56:99:78:06:
77:50:97:37:f5:b9:7f:03:ab:a1:2b:c9:b2:68:dd:
1f:49:a4:e4:22:8f:1a:f6:e2:d0:8e:43:1a:ee:76:
75:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A4:97:23:8A:E4:2D:0C:60:85:68:62:3B:F8:15:88:E3:65:0F:4E
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/caSXI4rkLQxghWhiO_gViONlD04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.188.0/22
185.240.48.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:10:ac:45:59:7e:30:8e:4b:90:48:35:f8:ae:90:2f:2a:4e:
2d:03:c2:c9:e1:4b:e6:1c:51:84:e6:52:01:38:c2:42:20:82:
69:ce:e0:cb:3b:f0:0f:de:75:bb:5f:a0:3f:a8:6b:25:c6:6c:
ca:f2:35:55:9a:fa:f6:0b:dc:a5:ed:78:d6:c4:77:a1:e0:28:
c9:c7:f6:c9:37:ca:d4:67:8b:22:7f:0e:7c:30:53:e9:8b:01:
32:48:60:ac:b3:7a:1c:9d:c5:7a:ab:3d:5e:d2:e1:76:75:62:
3c:56:07:b4:0c:1d:0c:d1:fe:88:e8:a4:52:23:2b:24:12:25:
ff:a8:3d:0a:98:65:cb:b2:66:57:3a:ae:23:6e:4e:c0:05:9d:
df:cf:ab:9c:98:fd:1c:b0:54:ff:ac:2e:2e:ea:68:f4:6c:e0:
31:82:c6:8e:d5:b5:b1:e5:7e:86:bb:20:af:12:0f:06:53:58:
9a:13:d5:82:21:e2:51:32:02:5f:1a:1d:8b:89:94:b2:1b:21:
36:c9:f0:89:46:f1:13:ee:df:13:e3:97:cf:3d:a7:cd:83:8d:
8d:70:cb:34:20:10:c7:43:42:51:57:f2:81:eb:8a:f8:51:d1:
3a:ef:b6:94:91:8d:e8:8f:05:7e:69:13:19:14:c2:90:e4:7a:
5f:c1:4a:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZM+IenJkYP9V22ZtWvh0zXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjQxMTE4MDcxNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWE0OTcyMzhhZTQyZDBjNjA4NTY4NjIzYmY4MTU4OGUzNjUwZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKbEKxytUGEI8v+RvG2/cwcwlYlf
WvWjfeaT2VDCpHEeegXd7sPs43dXPZjBBYX48sxhoVzhspyEnKzl88xf3xbI71NT
XrU4rgCpNPZiqBekm9waFtaSNXK7pXMsg0tp1sg9pVVHwElvQlUgZv0YAx+mz7qL
fjn8HqQ2c0Lc/YBQF070NDUp4ns6qNATE+imim9CUzQgR/VrJTJZiAN+wmzeTNf4
edjicipaG5JOXMPsqq6FaN15RwNwziOeqv8jnp+lX+P53Lb8+uaECgo0pgf4Kk1+
LJRh3aPDqVaZeAZ3UJc39bl/A6uhK8myaN0fSaTkIo8a9uLQjkMa7nZ1KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHGklyOK5C0MYIVoYjv4FYjjZQ9OMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvY2FTWEk0cmtMUXhnaFdoaU9fZ1ZpT05sRDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZa8AwQC
ufAwMA0GCSqGSIb3DQEBCwUAA4IBAQArEKxFWX4wjkuQSDX4rpAvKk4tA8LJ4Uvm
HFGE5lIBOMJCIIJpzuDLO/AP3nW7X6A/qGslxmzK8jVVmvr2C9yl7XjWxHeh4CjJ
x/bJN8rUZ4sifw58MFPpiwEySGCss3ocncV6qz1e0uF2dWI8Vge0DB0M0f6I6KRS
IyskEiX/qD0KmGXLsmZXOq4jbk7ABZ3fz6ucmP0csFT/rC4u6mj0bOAxgsaO1bWx
5X6GuyCvEg8GU1iaE9WCIeJRMgJfGh2LiZSyGyE2yfCJRvET7t8T45fPPafNg42N
cMs0IBDHQ0JRV/KB64r4UdE677aUkY3ojwV+aRMZFMKQ5HpfwUoY
-----END CERTIFICATE-----
Generated at Wed Apr 9 04:39:16 2025 by rpki-client