Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8359ce-bbd4-4253-9464-a146a1b01f8f/1/sqKoETBcFac-VGDGtJz3OLHTmHk.roa
File: sqKoETBcFac-VGDGtJz3OLHTmHk.roa (raw, json)
Hash identifier: u6ifDxz33bAlx3Np7O78Fz/K7FQyI17dhNCEocan+F0=
Subject key identifier: B2:A2:A8:11:30:5C:15:A7:3E:54:60:C6:B4:9C:F7:38:B1:D3:98:79
Certificate issuer: /CN=f143d13c7bbd2aa15f5677c139ac33c867879f2c
Certificate serial: 0193D995F55C7785A800CD5CE00FADA73035
Authority key identifier: F1:43:D1:3C:7B:BD:2A:A1:5F:56:77:C1:39:AC:33:C8:67:87:9F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UPRPHu9KqFfVnfBOawzyGeHnyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8359ce-bbd4-4253-9464-a146a1b01f8f/1/sqKoETBcFac-VGDGtJz3OLHTmHk.roa
Signing time: Wed 18 Dec 2024 11:45:03 +0000
ROA not before: Wed 18 Dec 2024 11:45:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56701
IP address blocks: 45.157.212.0/24 maxlen: 24
45.157.213.0/24 maxlen: 24
45.157.214.0/24 maxlen: 24
45.157.215.0/24 maxlen: 24
77.73.234.0/24 maxlen: 24
178.236.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:95:f5:5c:77:85:a8:00:cd:5c:e0:0f:ad:a7:30:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f143d13c7bbd2aa15f5677c139ac33c867879f2c
Validity
Not Before: Dec 18 11:45:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2a2a811305c15a73e5460c6b49cf738b1d39879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:86:eb:66:07:9f:c8:f5:9e:ef:60:35:31:cd:
2d:53:84:db:fa:bd:a1:3e:83:ef:49:8e:91:2d:85:
90:3f:20:2f:f5:52:3b:28:28:1d:1c:47:c7:bb:c8:
c6:a1:97:8f:03:77:08:2f:b1:63:27:8c:40:a5:b1:
fd:28:25:b7:0d:42:85:82:f0:e7:2c:e2:3d:08:42:
2d:45:69:d1:17:e2:96:92:7c:df:ec:90:c0:ad:7a:
9a:c8:e4:94:6f:c0:83:7e:9d:5b:15:f3:bf:6b:0e:
6d:57:fa:2e:17:d2:18:d6:dc:e3:60:77:1d:97:38:
b3:4f:db:b3:33:93:67:d0:c3:89:30:65:b0:f9:09:
9e:b4:f0:00:a4:58:85:64:15:52:f1:09:62:af:5a:
45:95:78:54:c2:74:9e:44:c2:b5:19:41:c2:31:c2:
a1:d0:db:e6:8d:54:b4:95:c8:f2:cd:70:9c:9b:db:
58:31:bf:9b:8d:57:ff:3a:aa:4e:59:9f:f9:b4:f4:
ff:65:c4:a4:57:61:2c:0c:64:ab:ec:45:53:e3:a3:
38:fb:dd:00:6a:81:36:36:d0:63:5a:6c:37:c8:a4:
ad:51:93:9c:1b:5f:da:f0:46:93:74:92:f4:97:66:
ee:3a:e4:bd:e4:a4:d4:db:2b:57:5a:f0:4b:7f:aa:
72:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A2:A8:11:30:5C:15:A7:3E:54:60:C6:B4:9C:F7:38:B1:D3:98:79
X509v3 Authority Key Identifier:
keyid:F1:43:D1:3C:7B:BD:2A:A1:5F:56:77:C1:39:AC:33:C8:67:87:9F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UPRPHu9KqFfVnfBOawzyGeHnyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8359ce-bbd4-4253-9464-a146a1b01f8f/1/sqKoETBcFac-VGDGtJz3OLHTmHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8359ce-bbd4-4253-9464-a146a1b01f8f/1/8UPRPHu9KqFfVnfBOawzyGeHnyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.212.0/22
77.73.234.0/24
178.236.29.0/24
Signature Algorithm: sha256WithRSAEncryption
30:7e:6e:04:c5:da:ef:72:9b:4c:8f:fb:bf:c5:bc:43:84:89:
cf:7f:f4:8f:1d:db:53:c0:21:39:b0:9a:89:9b:f9:a4:c6:a7:
63:7f:0e:08:e2:f4:17:6e:3e:e0:49:bc:69:51:5b:7f:33:fb:
9d:ab:bf:16:df:41:e1:4e:00:e6:30:56:08:25:12:7e:be:3f:
73:17:24:fd:d5:c7:c4:41:f4:07:8b:87:44:2a:06:35:e0:22:
f9:b3:56:29:f9:ed:ae:3c:49:92:1c:a4:46:71:9b:f7:94:25:
26:64:c2:b6:63:10:e3:03:eb:e1:83:3c:3a:c4:f0:8a:a4:84:
1d:fe:64:8a:15:ea:b3:77:20:27:fe:f8:fc:1c:77:3a:da:64:
a4:bc:f0:0d:a6:44:db:f1:10:a5:b0:e8:2e:74:76:1f:7f:e1:
7c:61:86:94:0f:67:0b:88:fb:bd:43:37:34:bd:69:17:54:17:
ba:fc:f0:f9:b6:2a:2c:8e:d5:b4:7f:17:35:2a:7e:e6:1c:63:
f7:76:12:a5:e1:3a:f4:b0:d8:3c:22:38:61:17:f4:9d:02:ab:
2b:81:c5:d2:32:27:72:e7:18:d7:49:05:61:a7:8d:4b:6e:e5:
ab:97:52:c1:74:5f:fb:f1:1a:fe:db:e6:58:58:ee:54:6d:8e:
cd:3f:67:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPZlfVcd4WoAM1c4A+tpzA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDNkMTNjN2JiZDJhYTE1ZjU2NzdjMTM5YWMzM2M4Njc4
NzlmMmMwHhcNMjQxMjE4MTE0NTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmEyYTgxMTMwNWMxNWE3M2U1NDYwYzZiNDljZjczOGIxZDM5ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYbrZgefyPWe72A1Mc0tU4Tb+r2h
PoPvSY6RLYWQPyAv9VI7KCgdHEfHu8jGoZePA3cIL7FjJ4xApbH9KCW3DUKFgvDn
LOI9CEItRWnRF+KWknzf7JDArXqayOSUb8CDfp1bFfO/aw5tV/ouF9IY1tzjYHcd
lzizT9uzM5Nn0MOJMGWw+QmetPAApFiFZBVS8Qlir1pFlXhUwnSeRMK1GUHCMcKh
0NvmjVS0lcjyzXCcm9tYMb+bjVf/OqpOWZ/5tPT/ZcSkV2EsDGSr7EVT46M4+90A
aoE2NtBjWmw3yKStUZOcG1/a8EaTdJL0l2buOuS95KTU2ytXWvBLf6pyfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLKiqBEwXBWnPlRgxrSc9zix05h5MB8GA1UdIwQY
MBaAFPFD0Tx7vSqhX1Z3wTmsM8hnh58sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVQUlBIdTlLcUZmVm5mQk9hd3p5R2VIbnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MzU5Y2UtYmJkNC00MjUzLTk0NjQt
YTE0NmExYjAxZjhmLzEvc3FLb0VUQmNGYWMtVkdER3RKejNPTEhUbUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MzU5Y2UtYmJkNC00MjUzLTk0NjQtYTE0NmExYjAxZjhm
LzEvOFVQUlBIdTlLcUZmVm5mQk9hd3p5R2VIbnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZ3UAwQA
TUnqAwQAsuwdMA0GCSqGSIb3DQEBCwUAA4IBAQAwfm4ExdrvcptMj/u/xbxDhInP
f/SPHdtTwCE5sJqJm/mkxqdjfw4I4vQXbj7gSbxpUVt/M/udq78W30HhTgDmMFYI
JRJ+vj9zFyT91cfEQfQHi4dEKgY14CL5s1Yp+e2uPEmSHKRGcZv3lCUmZMK2YxDj
A+vhgzw6xPCKpIQd/mSKFeqzdyAn/vj8HHc62mSkvPANpkTb8RClsOgudHYff+F8
YYaUD2cLiPu9Qzc0vWkXVBe6/PD5tiosjtW0fxc1Kn7mHGP3dhKl4Tr0sNg8Ijhh
F/SdAqsrgcXSMidy5xjXSQVhp41LbuWrl1LBdF/78Rr+2+ZYWO5UbY7NP2dd
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:15:28 2025 by rpki-client