Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ee2d10-ebb0-41ba-9981-3f06829e0f5c/1/C0DhL11wBySQ6tOOPckifcoQRrc.roa
File: C0DhL11wBySQ6tOOPckifcoQRrc.roa (raw, json)
Hash identifier: 70c7Et/x+IJ168myLvfl36wU0NL0WFr5tosmWpRkfk0=
Subject key identifier: 0B:40:E1:2F:5D:70:07:24:90:EA:D3:8E:3D:C9:22:7D:CA:10:46:B7
Certificate issuer: /CN=3490424c688ff519fb9e204d8f1588553455b151
Certificate serial: 018EC791EA4B742A58D245E78E075DA48FDE
Authority key identifier: 34:90:42:4C:68:8F:F5:19:FB:9E:20:4D:8F:15:88:55:34:55:B1:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJBCTGiP9Rn7niBNjxWIVTRVsVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ee2d10-ebb0-41ba-9981-3f06829e0f5c/1/C0DhL11wBySQ6tOOPckifcoQRrc.roa
Signing time: Wed 10 Apr 2024 10:33:32 +0000
ROA not before: Wed 10 Apr 2024 10:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212256
IP address blocks: 45.132.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:91:ea:4b:74:2a:58:d2:45:e7:8e:07:5d:a4:8f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3490424c688ff519fb9e204d8f1588553455b151
Validity
Not Before: Apr 10 10:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b40e12f5d70072490ead38e3dc9227dca1046b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:36:aa:fe:e1:a3:5b:78:32:70:41:05:20:ab:
23:ec:31:76:b5:38:18:a7:1b:90:16:e4:b5:17:01:
cf:93:0e:2e:7b:3e:f3:1d:bc:b9:9d:f0:8a:c9:09:
db:3b:5d:8c:e3:20:62:4a:2b:33:63:73:02:68:d5:
e3:85:a3:a5:da:e3:fa:0b:0a:99:09:0c:b2:19:65:
48:cd:80:5c:bb:87:e7:bf:d8:d4:9f:e5:40:80:07:
38:02:c0:78:55:fe:2d:11:c7:82:c3:58:de:5f:93:
eb:13:12:ad:91:4f:2d:ed:2a:b5:09:50:31:e8:66:
c2:b4:4e:4b:0b:02:3e:21:fe:44:d2:ee:39:71:87:
d8:a9:00:d3:7f:5a:70:2a:76:46:e5:58:c2:8e:0c:
0a:be:79:3b:af:55:f6:03:62:8f:7f:2f:ab:2f:e1:
29:5d:35:f2:19:2e:c4:78:aa:df:fe:7f:bf:8f:7a:
f3:b0:b6:83:3a:70:a0:9b:e8:b6:cd:6a:42:4d:a9:
a8:34:b5:df:35:a4:4d:80:22:ba:10:89:16:af:58:
7f:d4:c1:7b:da:ef:80:74:32:4c:82:b8:68:06:eb:
1b:01:ef:ca:dd:aa:ff:bd:a9:bd:29:85:6e:6b:7e:
5d:ab:4b:19:73:a5:cf:bc:6b:41:76:ed:3e:e6:88:
40:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:40:E1:2F:5D:70:07:24:90:EA:D3:8E:3D:C9:22:7D:CA:10:46:B7
X509v3 Authority Key Identifier:
keyid:34:90:42:4C:68:8F:F5:19:FB:9E:20:4D:8F:15:88:55:34:55:B1:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJBCTGiP9Rn7niBNjxWIVTRVsVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ee2d10-ebb0-41ba-9981-3f06829e0f5c/1/C0DhL11wBySQ6tOOPckifcoQRrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ee2d10-ebb0-41ba-9981-3f06829e0f5c/1/NJBCTGiP9Rn7niBNjxWIVTRVsVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:d9:8c:c7:ef:7d:e7:3e:77:b0:57:db:be:07:40:cf:56:da:
12:7f:b9:23:80:1f:c8:62:aa:38:a7:9c:e4:61:dd:d0:78:8e:
09:04:c2:12:7e:01:cf:ba:fa:e6:bf:b4:39:28:51:68:67:89:
a8:ec:e3:0e:35:48:29:9c:c2:e6:fb:22:7c:c7:1b:61:2d:0f:
f8:c2:71:95:26:b2:68:0e:9a:b3:98:04:53:38:f5:14:63:95:
b0:4e:c4:a5:eb:32:e0:91:74:92:49:7a:55:4c:09:29:a8:9c:
8b:40:fa:3c:14:85:30:db:f0:a3:d1:a8:73:8a:54:f8:5d:b8:
d8:d9:9b:96:64:ed:84:e4:c4:91:dd:ea:2f:49:b3:6f:15:11:
51:38:2a:23:f5:2f:8d:c8:6a:39:92:78:0a:da:9e:64:61:ec:
7a:b6:7e:58:41:41:5d:41:4f:59:a1:62:57:5e:e5:2b:12:e0:
0c:1c:a6:6f:a2:b8:8e:c5:e8:21:d1:2e:49:28:94:51:88:65:
1c:d0:8d:43:ab:20:1d:dc:e1:f8:e6:47:14:f5:62:90:5d:ad:
03:2a:b1:60:3b:4e:a3:ad:b6:66:ee:a8:95:7a:92:cc:4d:7b:
1b:10:2e:6f:4d:b0:50:8b:95:22:b6:cb:93:e8:ea:c3:70:ab:
56:0c:ae:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7HkepLdCpY0kXnjgddpI/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTA0MjRjNjg4ZmY1MTlmYjllMjA0ZDhmMTU4ODU1MzQ1
NWIxNTEwHhcNMjQwNDEwMTAzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQwZTEyZjVkNzAwNzI0OTBlYWQzOGUzZGM5MjI3ZGNhMTA0NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDaq/uGjW3gycEEFIKsj7DF2tTgY
pxuQFuS1FwHPkw4uez7zHby5nfCKyQnbO12M4yBiSiszY3MCaNXjhaOl2uP6CwqZ
CQyyGWVIzYBcu4fnv9jUn+VAgAc4AsB4Vf4tEceCw1jeX5PrExKtkU8t7Sq1CVAx
6GbCtE5LCwI+If5E0u45cYfYqQDTf1pwKnZG5VjCjgwKvnk7r1X2A2KPfy+rL+Ep
XTXyGS7EeKrf/n+/j3rzsLaDOnCgm+i2zWpCTamoNLXfNaRNgCK6EIkWr1h/1MF7
2u+AdDJMgrhoBusbAe/K3ar/vam9KYVua35dq0sZc6XPvGtBdu0+5ohAGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtA4S9dcAckkOrTjj3JIn3KEEa3MB8GA1UdIwQY
MBaAFDSQQkxoj/UZ+54gTY8ViFU0VbFRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpCQ1RHaVA5Um43bmlCTmp4V0lWVFJWc1ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lZTJkMTAtZWJiMC00MWJhLTk5ODEt
M2YwNjgyOWUwZjVjLzEvQzBEaEwxMXdCeVNRNnRPT1Bja2lmY29RUnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lZTJkMTAtZWJiMC00MWJhLTk5ODEtM2YwNjgyOWUwZjVj
LzEvTkpCQ1RHaVA5Um43bmlCTmp4V0lWVFJWc1ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYTUMA0G
CSqGSIb3DQEBCwUAA4IBAQCg2YzH733nPnewV9u+B0DPVtoSf7kjgB/IYqo4p5zk
Yd3QeI4JBMISfgHPuvrmv7Q5KFFoZ4mo7OMONUgpnMLm+yJ8xxthLQ/4wnGVJrJo
DpqzmARTOPUUY5WwTsSl6zLgkXSSSXpVTAkpqJyLQPo8FIUw2/Cj0ahzilT4XbjY
2ZuWZO2E5MSR3eovSbNvFRFROCoj9S+NyGo5kngK2p5kYex6tn5YQUFdQU9ZoWJX
XuUrEuAMHKZvoriOxegh0S5JKJRRiGUc0I1DqyAd3OH45kcU9WKQXa0DKrFgO06j
rbZm7qiVepLMTXsbEC5vTbBQi5UitsuT6OrDcKtWDK6K
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:21:21 2025 by rpki-client