Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/hKxRHcDzhC2IM07uB70p4o8hHn4.roa
File: hKxRHcDzhC2IM07uB70p4o8hHn4.roa (raw, json)
Hash identifier: kq6FMj3mveUu3gSufYev+NdGDgK92RwcjMeQklH3IJ8=
Subject key identifier: 84:AC:51:1D:C0:F3:84:2D:88:33:4E:EE:07:BD:29:E2:8F:21:1E:7E
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018CC7947C13312D8B274779C7883F615FFE
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/hKxRHcDzhC2IM07uB70p4o8hHn4.roa
Signing time: Tue 02 Jan 2024 00:30:46 +0000
ROA not before: Tue 02 Jan 2024 00:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.145.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7c:13:31:2d:8b:27:47:79:c7:88:3f:61:5f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Jan 2 00:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84ac511dc0f3842d88334eee07bd29e28f211e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a0:76:55:ba:b7:a8:36:32:02:be:f0:e5:19:
33:2c:90:84:12:88:68:0f:ea:d4:88:6d:c5:3e:1a:
2f:3a:bd:f3:e5:76:c7:a2:69:87:9a:9e:54:19:8e:
17:d1:ce:76:19:4d:67:d5:65:31:ed:53:35:89:fe:
ae:86:96:c4:73:1a:c1:76:a7:9d:13:ba:a5:8a:6a:
c7:9c:84:87:9c:43:b4:87:97:6d:c1:19:71:46:fe:
29:a4:c6:c3:a3:ed:5a:c1:40:40:a9:ca:4d:2a:76:
54:eb:1f:59:9f:55:37:95:c8:59:08:ef:eb:1e:cc:
68:0b:59:63:2f:cb:11:2f:8d:ac:59:8a:e0:3d:c3:
a1:a4:b9:9a:9b:23:b2:ff:92:dd:0a:5d:d7:6c:54:
85:35:da:33:62:c0:c6:42:e2:56:f0:69:6e:ca:c9:
3f:d2:dc:cd:e2:ee:8d:62:ba:c3:2f:8c:24:e7:16:
bc:39:1e:df:30:23:38:ad:e8:7b:62:2c:57:77:d1:
ed:2f:c8:ef:7b:de:14:bf:73:1e:58:a8:e2:51:06:
75:43:08:89:fb:bb:6c:b8:4b:86:a3:0a:87:a1:63:
ea:be:6b:da:c3:f7:86:84:ef:a6:0f:6e:56:d8:f2:
a5:6f:b0:4f:95:74:8b:b7:90:20:82:cf:93:ba:58:
d9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AC:51:1D:C0:F3:84:2D:88:33:4E:EE:07:BD:29:E2:8F:21:1E:7E
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/hKxRHcDzhC2IM07uB70p4o8hHn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.152.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:ae:82:70:2d:02:bd:27:d1:33:0f:8f:ab:d2:b8:42:31:69:
24:ee:64:00:9b:04:bf:50:09:e8:3c:0a:50:00:5e:90:67:61:
26:1d:57:ff:6f:c9:c7:c9:a2:59:3c:3a:28:30:9a:f8:4e:46:
09:40:94:54:af:91:0a:bf:a5:2f:c8:3b:5c:70:0a:f0:c6:a5:
43:6f:bf:18:82:81:05:64:67:16:e8:8c:90:a9:c5:91:3a:6a:
be:35:48:87:12:03:57:8a:f0:fa:5d:3d:c1:0f:9d:39:14:23:
2f:ef:13:f3:39:53:95:64:03:eb:3d:c8:b8:fb:74:bb:e1:49:
1e:5b:35:e4:ee:4e:71:a2:f6:8b:ee:7c:d1:dc:4f:30:f0:fa:
5b:4c:e3:2f:25:f6:56:05:e7:14:60:0d:0f:02:c5:35:44:fe:
e9:e8:41:0e:48:53:b9:a5:09:cd:23:1b:b2:07:e8:2a:9e:61:
c2:e2:e5:85:61:e3:10:c7:28:a3:ad:2d:de:3c:0d:42:31:65:
52:f9:cc:86:c4:a4:63:00:11:64:f7:2e:cc:86:47:f9:f3:eb:
3d:87:d5:66:4d:f6:8e:f5:db:ce:a5:42:19:cd:b0:5e:b3:d0:
63:0f:0c:45:b1:78:38:3d:1e:09:cb:2f:8d:f6:5b:a3:da:f9:
7f:2a:53:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlHwTMS2LJ0d5x4g/YV/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjQwMTAyMDAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFjNTExZGMwZjM4NDJkODgzMzRlZWUwN2JkMjllMjhmMjExZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKB2Vbq3qDYyAr7w5RkzLJCEEoho
D+rUiG3FPhovOr3z5XbHommHmp5UGY4X0c52GU1n1WUx7VM1if6uhpbEcxrBdqed
E7qlimrHnISHnEO0h5dtwRlxRv4ppMbDo+1awUBAqcpNKnZU6x9Zn1U3lchZCO/r
HsxoC1ljL8sRL42sWYrgPcOhpLmamyOy/5LdCl3XbFSFNdozYsDGQuJW8Gluysk/
0tzN4u6NYrrDL4wk5xa8OR7fMCM4reh7YixXd9HtL8jve94Uv3MeWKjiUQZ1QwiJ
+7tsuEuGowqHoWPqvmvaw/eGhO+mD25W2PKlb7BPlXSLt5Aggs+TuljZBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISsUR3A84QtiDNO7ge9KeKPIR5+MB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvaEt4UkhjRHpoQzJJTTA3dUI3MHA0bzhoSG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGYMA0G
CSqGSIb3DQEBCwUAA4IBAQBtroJwLQK9J9EzD4+r0rhCMWkk7mQAmwS/UAnoPApQ
AF6QZ2EmHVf/b8nHyaJZPDooMJr4TkYJQJRUr5EKv6UvyDtccArwxqVDb78YgoEF
ZGcW6IyQqcWROmq+NUiHEgNXivD6XT3BD505FCMv7xPzOVOVZAPrPci4+3S74Uke
WzXk7k5xovaL7nzR3E8w8PpbTOMvJfZWBecUYA0PAsU1RP7p6EEOSFO5pQnNIxuy
B+gqnmHC4uWFYeMQxyijrS3ePA1CMWVS+cyGxKRjABFk9y7Mhkf58+s9h9VmTfaO
9dvOpUIZzbBes9BjDwxFsXg4PR4Jyy+N9luj2vl/KlP9
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:27:37 2025 by rpki-client