Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/y8iYUkz9jYdwVRZT0iWOVSwV90w.roa
File: y8iYUkz9jYdwVRZT0iWOVSwV90w.roa (raw, json)
Hash identifier: sUx5I10tcOWbV7uFCL8OG8lSTWDQ6gTCWxg/sFAiDSo=
Subject key identifier: CB:C8:98:52:4C:FD:8D:87:70:55:16:53:D2:25:8E:55:2C:15:F7:4C
Certificate issuer: /CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
Certificate serial: 018CC2DB63EE71142C33FA638CD87E0D1CC1
Authority key identifier: 25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/y8iYUkz9jYdwVRZT0iWOVSwV90w.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.143.132.0/24 maxlen: 24
45.143.133.0/24 maxlen: 24
45.143.134.0/24 maxlen: 24
45.143.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:63:ee:71:14:2c:33:fa:63:8c:d8:7e:0d:1c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbc898524cfd8d8770551653d2258e552c15f74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d0:a1:d4:9c:2d:21:a7:6b:b0:c2:16:60:32:
e3:5b:00:ca:0f:f3:c1:73:9a:6d:37:38:cf:31:2a:
6f:62:5c:12:bd:d8:2a:c6:30:28:e9:96:fc:b6:1d:
c7:c4:8d:90:f2:a7:44:90:ad:59:5c:49:96:a8:0c:
ea:52:86:39:54:57:d8:ea:34:4c:95:3f:54:f1:4e:
ff:01:18:8e:cb:35:4b:89:a4:b6:84:83:93:8e:4d:
5c:ee:1a:8f:c5:76:43:7b:7e:d0:58:ce:a9:a9:2e:
f2:5a:8e:16:0e:3c:32:9d:65:da:86:b6:1e:0b:7e:
8b:4d:99:f1:22:90:d8:d1:d4:a5:ee:c3:3f:5e:15:
ed:b9:50:8e:6d:a4:fe:fd:51:53:12:6d:02:26:47:
c2:94:86:a8:ab:b2:87:fd:8b:af:52:fe:95:b4:16:
da:97:fb:3e:4a:6c:78:04:d2:30:51:c8:53:f4:f3:
5c:ab:39:37:5e:69:d9:84:91:f2:86:26:e4:01:f9:
72:3b:59:97:28:34:26:dc:7c:84:82:fe:02:a7:3d:
f1:3e:e5:f4:b3:31:49:01:25:e0:a1:3e:13:bf:ec:
04:41:c6:fa:9f:d0:43:c2:ad:1e:70:70:e2:dd:4f:
07:86:7d:f9:fe:84:09:18:06:6c:1e:df:24:41:1a:
0f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C8:98:52:4C:FD:8D:87:70:55:16:53:D2:25:8E:55:2C:15:F7:4C
X509v3 Authority Key Identifier:
keyid:25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/y8iYUkz9jYdwVRZT0iWOVSwV90w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/JQ599DyC0SChPTyGXx8G9JZEseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.132.0/22
Signature Algorithm: sha256WithRSAEncryption
28:8f:52:5d:31:3c:87:6d:8f:8f:b9:51:fe:98:0f:66:ee:a8:
01:40:8f:7d:13:e4:a8:b9:3d:96:77:36:37:dc:64:25:02:ec:
92:96:ef:56:be:43:6b:78:15:f2:27:84:1e:90:a6:fe:6a:49:
d4:18:ad:44:9e:94:aa:73:15:a5:c1:f8:c4:e9:1f:bb:50:86:
cf:85:18:c2:c9:59:34:26:33:ba:a4:1c:c7:4e:89:d7:e0:c7:
2c:51:0a:5d:eb:ac:b9:85:c3:48:31:03:8d:78:b8:8e:69:20:
1b:0d:9a:96:5e:65:6e:35:31:90:1c:9c:b3:b5:53:92:01:bb:
b8:82:f0:54:ad:f0:06:c9:58:92:db:22:6f:a9:a7:b3:c2:24:
13:9c:aa:b1:d1:9a:b1:2e:8a:1d:a9:0e:be:39:d5:7f:44:7d:
09:2b:12:db:d9:00:0d:5d:0f:88:0b:29:a3:31:e5:ae:64:d7:
9a:01:4b:0a:cb:b8:93:a1:0e:98:be:27:b0:7c:6f:c6:73:ff:
f8:3e:e7:8e:95:77:62:93:0d:b2:cd:b8:b3:ed:72:27:1f:1e:
9c:3d:38:cd:52:62:27:f7:1c:8b:79:51:06:91:c9:46:47:21:
68:81:e8:42:04:f5:8a:7f:be:5b:ae:24:81:ee:6d:68:09:2d:
57:09:29:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22PucRQsM/pjjNh+DRzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MGU3ZGY0M2M4MmQxMjBhMTNkM2M4NjVmMWYwNmY0OTY0
NGIxZTEwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmM4OTg1MjRjZmQ4ZDg3NzA1NTE2NTNkMjI1OGU1NTJjMTVmNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNCh1JwtIadrsMIWYDLjWwDKD/PB
c5ptNzjPMSpvYlwSvdgqxjAo6Zb8th3HxI2Q8qdEkK1ZXEmWqAzqUoY5VFfY6jRM
lT9U8U7/ARiOyzVLiaS2hIOTjk1c7hqPxXZDe37QWM6pqS7yWo4WDjwynWXahrYe
C36LTZnxIpDY0dSl7sM/XhXtuVCObaT+/VFTEm0CJkfClIaoq7KH/YuvUv6VtBba
l/s+Smx4BNIwUchT9PNcqzk3XmnZhJHyhibkAflyO1mXKDQm3HyEgv4Cpz3xPuX0
szFJASXgoT4Tv+wEQcb6n9BDwq0ecHDi3U8Hhn35/oQJGAZsHt8kQRoPkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvImFJM/Y2HcFUWU9IljlUsFfdMMB8GA1UdIwQY
MBaAFCUOffQ8gtEgoT08hl8fBvSWRLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYt
NGE5YmIyZmU3MzMxLzEveThpWVVrejlqWWR3VlJaVDBpV09WU3dWOTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYtNGE5YmIyZmU3MzMx
LzEvSlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY+EMA0G
CSqGSIb3DQEBCwUAA4IBAQAoj1JdMTyHbY+PuVH+mA9m7qgBQI99E+SouT2WdzY3
3GQlAuySlu9WvkNreBXyJ4QekKb+aknUGK1EnpSqcxWlwfjE6R+7UIbPhRjCyVk0
JjO6pBzHTonX4McsUQpd66y5hcNIMQONeLiOaSAbDZqWXmVuNTGQHJyztVOSAbu4
gvBUrfAGyViS2yJvqaezwiQTnKqx0ZqxLoodqQ6+OdV/RH0JKxLb2QANXQ+ICymj
MeWuZNeaAUsKy7iToQ6YviewfG/Gc//4PueOlXdikw2yzbiz7XInHx6cPTjNUmIn
9xyLeVEGkclGRyFogehCBPWKf75briSB7m1oCS1XCSnR
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:52 2025 by rpki-client