Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/TE3cmJCNAO_NcAq1R6Quq6CmcCQ.roa
File: TE3cmJCNAO_NcAq1R6Quq6CmcCQ.roa (raw, json)
Hash identifier: o7ddhSb3rsha9ohbabzQ2f21vlRvSCRKgtkCi32aLPo=
Subject key identifier: 4C:4D:DC:98:90:8D:00:EF:CD:70:0A:B5:47:A4:2E:AB:A0:A6:70:24
Certificate issuer: /CN=c4add5ba7662b731dd08bcf8738f135d93aed451
Certificate serial: 018CC56E4B9DF645B96905796E4F19D285AB
Authority key identifier: C4:AD:D5:BA:76:62:B7:31:DD:08:BC:F8:73:8F:13:5D:93:AE:D4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xK3VunZitzHdCLz4c48TXZOu1FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/TE3cmJCNAO_NcAq1R6Quq6CmcCQ.roa
Signing time: Mon 01 Jan 2024 14:29:48 +0000
ROA not before: Mon 01 Jan 2024 14:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.149.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:4b:9d:f6:45:b9:69:05:79:6e:4f:19:d2:85:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4add5ba7662b731dd08bcf8738f135d93aed451
Validity
Not Before: Jan 1 14:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c4ddc98908d00efcd700ab547a42eaba0a67024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ed:f0:75:10:20:6e:d5:0a:00:2b:c7:a4:da:
c0:a8:be:23:a4:30:e8:a8:15:94:db:3e:3b:26:7b:
ed:9a:a8:23:46:43:ae:4e:0c:4c:ea:c8:ae:0a:b9:
0e:77:21:ed:5f:2f:d8:b0:85:20:18:92:66:c6:3b:
6f:a2:ef:f1:da:23:ca:cf:86:08:f4:88:5b:dd:e4:
5a:fe:88:e1:9a:db:09:8c:59:af:3a:40:0a:17:17:
b5:ca:9e:03:d4:17:70:45:ba:71:66:10:ac:16:2d:
ba:40:4a:af:14:16:df:ba:7e:d6:1c:50:c9:76:a8:
6f:27:f1:a4:6e:3e:1d:c8:4b:a0:75:31:ca:88:29:
fb:1c:53:79:9c:a7:f8:7f:d1:59:1d:b1:bb:ab:0f:
64:c5:aa:1d:36:2b:b7:f4:78:80:2c:f4:7f:70:43:
de:c1:76:51:ff:74:c8:20:6d:12:8a:3d:03:26:b7:
9f:b6:81:3f:23:75:b1:62:8c:08:1f:90:e8:02:15:
da:b0:9b:de:46:14:25:11:00:67:dc:23:b0:8b:28:
0e:c9:53:8f:42:10:3d:88:ae:10:85:14:90:34:88:
08:11:95:dc:45:67:95:af:5b:0a:85:69:08:18:82:
aa:8f:3d:bd:e7:0a:7c:8d:4f:7f:84:97:1e:01:09:
66:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:4D:DC:98:90:8D:00:EF:CD:70:0A:B5:47:A4:2E:AB:A0:A6:70:24
X509v3 Authority Key Identifier:
keyid:C4:AD:D5:BA:76:62:B7:31:DD:08:BC:F8:73:8F:13:5D:93:AE:D4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xK3VunZitzHdCLz4c48TXZOu1FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/TE3cmJCNAO_NcAq1R6Quq6CmcCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/xK3VunZitzHdCLz4c48TXZOu1FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.108.0/22
Signature Algorithm: sha256WithRSAEncryption
43:0a:ea:43:3c:6c:9b:cd:cb:68:4b:2d:0b:5e:da:7c:8c:6c:
10:06:d3:e5:c4:c4:f8:c5:49:35:59:93:53:15:a2:fe:1d:f4:
ce:02:2e:86:3f:e7:26:73:a1:ad:4e:a9:39:a2:e9:fa:44:4e:
d8:6a:56:0b:9a:57:13:e0:0c:96:37:73:dc:63:28:cd:06:71:
49:4a:35:15:39:92:e2:64:c1:6e:80:25:1a:a7:1a:61:af:79:
2d:19:92:61:69:31:aa:e4:94:d7:82:6d:e8:3d:9c:dc:1d:91:
e0:dd:e6:bf:ef:bc:e1:d0:22:ac:2f:9e:00:bb:93:27:87:9b:
1e:2f:b1:90:5c:ca:26:f0:ab:7e:1b:2a:4e:e4:29:a7:92:89:
c9:96:62:55:f0:19:96:4b:a8:ee:58:bb:7b:cd:ea:cf:ac:de:
f5:b2:b3:00:ff:25:55:85:f9:b7:f0:7c:46:4d:4f:25:3b:9b:
2a:47:bb:a4:c4:52:fc:cc:05:fb:cd:de:a6:23:57:83:6e:cf:
11:d7:d6:36:b2:a7:0d:9d:e4:5b:77:7f:0c:59:ac:ed:e2:c0:
bb:1f:35:5c:3d:32:f8:59:83:06:44:b9:a5:24:71:52:81:7d:
cf:7f:b2:08:8d:e3:81:67:93:8b:ad:d6:81:9a:c9:54:80:f5:
c3:41:27:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbkud9kW5aQV5bk8Z0oWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YWRkNWJhNzY2MmI3MzFkZDA4YmNmODczOGYxMzVkOTNh
ZWQ0NTEwHhcNMjQwMTAxMTQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzRkZGM5ODkwOGQwMGVmY2Q3MDBhYjU0N2E0MmVhYmEwYTY3MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju3wdRAgbtUKACvHpNrAqL4jpDDo
qBWU2z47JnvtmqgjRkOuTgxM6siuCrkOdyHtXy/YsIUgGJJmxjtvou/x2iPKz4YI
9Ihb3eRa/ojhmtsJjFmvOkAKFxe1yp4D1BdwRbpxZhCsFi26QEqvFBbfun7WHFDJ
dqhvJ/Gkbj4dyEugdTHKiCn7HFN5nKf4f9FZHbG7qw9kxaodNiu39HiALPR/cEPe
wXZR/3TIIG0Sij0DJreftoE/I3WxYowIH5DoAhXasJveRhQlEQBn3COwiygOyVOP
QhA9iK4QhRSQNIgIEZXcRWeVr1sKhWkIGIKqjz295wp8jU9/hJceAQlmrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExN3JiQjQDvzXAKtUekLqugpnAkMB8GA1UdIwQY
MBaAFMSt1bp2Yrcx3Qi8+HOPE12TrtRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEszVnVuWml0ekhkQ0x6NGM0OFRYWk91MUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8zNDZhMjMtMTE4MS00YTgwLTlmNTUt
ZGQ3ZDQ3Y2Y1YzE4LzEvVEUzY21KQ05BT19OY0FxMVI2UXVxNkNtY0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8zNDZhMjMtMTE4MS00YTgwLTlmNTUtZGQ3ZDQ3Y2Y1YzE4
LzEveEszVnVuWml0ekhkQ0x6NGM0OFRYWk91MUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZVsMA0G
CSqGSIb3DQEBCwUAA4IBAQBDCupDPGybzctoSy0LXtp8jGwQBtPlxMT4xUk1WZNT
FaL+HfTOAi6GP+cmc6GtTqk5oun6RE7YalYLmlcT4AyWN3PcYyjNBnFJSjUVOZLi
ZMFugCUapxphr3ktGZJhaTGq5JTXgm3oPZzcHZHg3ea/77zh0CKsL54Au5Mnh5se
L7GQXMom8Kt+GypO5CmnkonJlmJV8BmWS6juWLt7zerPrN71srMA/yVVhfm38HxG
TU8lO5sqR7ukxFL8zAX7zd6mI1eDbs8R19Y2sqcNneRbd38MWazt4sC7HzVcPTL4
WYMGRLmlJHFSgX3Pf7IIjeOBZ5OLrdaBmslUgPXDQScT
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:29 2025 by rpki-client