Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/j5SRqvG9WpVu6vV3ga10hT0bqtU.roa
File: j5SRqvG9WpVu6vV3ga10hT0bqtU.roa (raw, json)
Hash identifier: c9XUXyIHqd9Crsw3T+NKSuLPs+z7D1klADF2VW2gEgM=
Subject key identifier: 8F:94:91:AA:F1:BD:5A:95:6E:EA:F5:77:81:AD:74:85:3D:1B:AA:D5
Certificate issuer: /CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Certificate serial: 018CC4253B8F64C3CA5DEC3BC4796D2A5575
Authority key identifier: DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/j5SRqvG9WpVu6vV3ga10hT0bqtU.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.154.19.0/24 maxlen: 24
45.154.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3b:8f:64:c3:ca:5d:ec:3b:c4:79:6d:2a:55:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f9491aaf1bd5a956eeaf57781ad74853d1baad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:cf:d8:b0:a3:f7:75:05:8f:52:12:79:ff:08:
37:74:3c:d2:63:0a:31:a7:7d:44:3b:dc:24:ea:a7:
1e:d9:02:10:dc:bd:05:df:35:bb:63:b7:a0:fb:cd:
c5:c6:c6:1e:82:55:31:46:81:4d:85:4b:c4:54:44:
5f:a9:2f:c9:1d:a6:bd:0e:b5:ef:86:6b:43:4a:9a:
26:99:d6:c1:10:c4:91:69:88:e6:d9:43:45:10:be:
c3:b0:d3:5c:5a:58:d4:84:0e:ca:ed:09:a6:4b:4a:
52:22:4d:7c:50:da:c4:2d:14:5e:b3:17:a6:30:f5:
10:7c:9c:63:e2:96:ff:ad:9a:cb:91:d1:4b:31:1c:
ee:93:d1:5c:2b:5a:2d:38:eb:10:75:77:9f:97:93:
ac:af:58:d9:df:a6:3d:07:88:71:3f:91:78:04:ac:
2a:1e:8c:29:a9:a2:a3:8b:d4:2e:6e:17:f5:36:3d:
b5:43:3d:fe:19:af:9b:cf:eb:78:21:e9:22:97:be:
49:cd:b1:df:7b:22:a9:13:97:f7:d6:2e:1b:c1:18:
36:5f:98:17:01:a0:31:4e:a3:d6:e3:e0:e4:15:2a:
60:4e:61:3e:5c:fc:e9:35:a8:21:fb:97:2e:17:8a:
72:6f:94:68:05:fc:8f:76:57:2b:a9:4f:16:cd:f8:
3e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:94:91:AA:F1:BD:5A:95:6E:EA:F5:77:81:AD:74:85:3D:1B:AA:D5
X509v3 Authority Key Identifier:
keyid:DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/j5SRqvG9WpVu6vV3ga10hT0bqtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/33jsawuWmqIijxJe2qQZus278ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.18.0/23
Signature Algorithm: sha256WithRSAEncryption
15:ab:a9:50:03:8d:b1:4c:56:f6:ad:48:24:28:53:2a:90:a3:
1d:37:23:d5:ba:84:f8:c4:06:48:1e:3c:77:1d:d3:4e:26:d7:
db:1a:d1:66:11:67:40:43:6c:68:1e:8d:9a:d2:2c:a4:ce:ad:
f0:00:7b:04:8e:c4:c5:c4:04:6a:61:39:5a:7e:d5:8e:69:9d:
19:97:5b:34:45:d4:78:bf:56:21:88:53:3f:10:5c:cd:60:ff:
d0:2f:40:f7:68:50:1a:61:97:f2:ce:7f:f5:4b:0d:a3:d7:84:
64:d4:ae:f2:d9:b4:44:40:17:18:61:87:6a:d0:c9:6e:37:38:
a8:d3:99:ef:34:62:ab:c7:6b:65:7d:76:5d:77:d3:5f:00:10:
3d:08:0b:92:26:59:07:53:3a:f0:e1:28:ba:64:9b:00:76:e9:
2c:ee:68:f5:af:b9:ca:1c:e9:fb:0e:7e:dd:26:0b:97:08:b8:
d1:14:7c:36:63:94:39:32:da:88:00:cc:70:da:fa:dc:c2:3c:
ed:ea:3e:78:48:0b:f4:6d:45:05:c4:05:80:8e:2b:e0:ee:11:
a2:74:52:f0:79:43:9e:3a:39:c3:09:b4:95:20:83:91:e4:2f:
47:56:e0:ce:65:8d:dc:23:4f:c6:66:01:cc:79:6c:dc:bf:45:
ce:5e:39:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJTuPZMPKXew7xHltKlV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzhlYzZiMGI5NjlhYTIyMjhmMTI1ZWRhYTQxOWJhY2Ri
YmYyNWIwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk0OTFhYWYxYmQ1YTk1NmVlYWY1Nzc4MWFkNzQ4NTNkMWJhYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM/YsKP3dQWPUhJ5/wg3dDzSYwox
p31EO9wk6qce2QIQ3L0F3zW7Y7eg+83FxsYeglUxRoFNhUvEVERfqS/JHaa9DrXv
hmtDSpommdbBEMSRaYjm2UNFEL7DsNNcWljUhA7K7QmmS0pSIk18UNrELRResxem
MPUQfJxj4pb/rZrLkdFLMRzuk9FcK1otOOsQdXefl5Osr1jZ36Y9B4hxP5F4BKwq
HowpqaKji9Qubhf1Nj21Qz3+Ga+bz+t4Iekil75JzbHfeyKpE5f31i4bwRg2X5gX
AaAxTqPW4+DkFSpgTmE+XPzpNagh+5cuF4pyb5RoBfyPdlcrqU8Wzfg+4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+UkarxvVqVbur1d4GtdIU9G6rVMB8GA1UdIwQY
MBaAFN947GsLlpqiIo8SXtqkGbrNu/JbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNqc2F3dVdtcUlpanhKZTJxUVp1czI3OGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kYmIwNDMtMzc3Yi00YzRiLWEwYTIt
N2U4YzU1MjZkZTdlLzEvajVTUnF2RzlXcFZ1NnZWM2dhMTBoVDBicXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kYmIwNDMtMzc3Yi00YzRiLWEwYTItN2U4YzU1MjZkZTdl
LzEvMzNqc2F3dVdtcUlpanhKZTJxUVp1czI3OGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZoSMA0G
CSqGSIb3DQEBCwUAA4IBAQAVq6lQA42xTFb2rUgkKFMqkKMdNyPVuoT4xAZIHjx3
HdNOJtfbGtFmEWdAQ2xoHo2a0iykzq3wAHsEjsTFxARqYTlaftWOaZ0Zl1s0RdR4
v1YhiFM/EFzNYP/QL0D3aFAaYZfyzn/1Sw2j14Rk1K7y2bREQBcYYYdq0MluNzio
05nvNGKrx2tlfXZdd9NfABA9CAuSJlkHUzrw4Si6ZJsAduks7mj1r7nKHOn7Dn7d
JguXCLjRFHw2Y5Q5MtqIAMxw2vrcwjzt6j54SAv0bUUFxAWAjivg7hGidFLweUOe
OjnDCbSVIIOR5C9HVuDOZY3cI0/GZgHMeWzcv0XOXjnQ
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:06:55 2025 by rpki-client