Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/YrCZYwRuulnrEVDNxwsXId-vzWc.roa
File: YrCZYwRuulnrEVDNxwsXId-vzWc.roa (raw, json)
Hash identifier: JqsaTILgSRVF3/529r6o0bKqldPKaofIUXqrGwXTtt0=
Subject key identifier: 62:B0:99:63:04:6E:BA:59:EB:11:50:CD:C7:0B:17:21:DF:AF:CD:67
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 019391F6CA1E29A61888C719DD8D2BFB2364
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/YrCZYwRuulnrEVDNxwsXId-vzWc.roa
Signing time: Wed 04 Dec 2024 13:58:10 +0000
ROA not before: Wed 04 Dec 2024 13:58:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207045
IP address blocks: 45.154.47.0/24 maxlen: 24
195.96.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:f6:ca:1e:29:a6:18:88:c7:19:dd:8d:2b:fb:23:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Dec 4 13:58:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62b09963046eba59eb1150cdc70b1721dfafcd67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c1:03:e5:51:d8:42:c8:d2:5e:c6:83:e2:7b:
50:24:a0:e3:39:cd:e8:16:f3:9f:ca:f6:8f:e0:30:
93:54:be:c4:e9:d2:9a:e7:81:e1:16:ee:6a:11:74:
41:b5:75:2e:6a:ec:52:72:7e:ad:3a:4e:66:33:ae:
23:73:8b:47:b5:de:b7:df:8c:7d:d5:c4:dd:f8:6f:
75:b7:03:31:33:70:a0:53:4c:08:73:cb:1e:e0:c7:
76:d7:9e:73:eb:d8:17:db:5a:3f:47:eb:2c:0c:22:
24:5c:53:cf:c4:01:63:c1:56:5a:c7:8c:21:d6:dd:
8f:58:62:84:fd:dc:a3:b4:d1:2f:fc:b2:6b:68:45:
47:cd:d2:92:1f:f2:e3:ef:46:1e:67:98:61:ba:fb:
77:ff:bd:5b:3c:0f:e9:0c:4e:7b:3c:7a:c0:a7:d1:
62:73:a6:46:8e:69:86:99:22:cd:14:06:78:63:c3:
66:4a:0b:8f:56:a3:9c:a9:16:e8:1b:68:a5:0d:01:
f3:20:80:0f:f8:68:10:45:b5:6a:d0:9b:65:0d:90:
5a:5f:f0:9e:61:76:f9:e0:f2:03:b5:eb:b7:30:6a:
e9:a9:9f:32:e8:f3:e0:20:81:9c:78:0f:48:aa:36:
4e:18:22:80:96:8e:b7:08:6c:60:e5:b4:54:e9:b8:
48:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B0:99:63:04:6E:BA:59:EB:11:50:CD:C7:0B:17:21:DF:AF:CD:67
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/YrCZYwRuulnrEVDNxwsXId-vzWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.47.0/24
195.96.158.0/24
Signature Algorithm: sha256WithRSAEncryption
72:a0:1f:e1:5a:49:9e:5d:81:1d:fa:42:ed:a6:99:e8:a0:08:
38:70:25:0e:89:eb:df:13:4e:67:2d:a7:10:82:aa:28:47:5a:
cf:0d:11:6b:29:20:16:0d:87:00:ff:cd:63:d0:d1:3c:ff:8c:
91:9d:0c:e0:07:16:34:94:dc:58:dd:0b:41:2f:75:00:7b:05:
99:f0:a9:5f:f6:eb:be:bd:ff:97:17:3c:cb:89:09:eb:b1:ac:
b1:55:53:e2:26:23:27:a9:74:4a:ca:64:1f:cf:c8:63:8f:f3:
51:95:dd:0f:0d:40:2c:e1:9b:7f:74:92:ca:09:a8:c5:9c:dd:
c7:fb:0b:2d:11:db:e0:72:df:55:39:57:c8:7b:ac:17:d2:cc:
c0:5c:9b:e8:d5:e0:53:40:0e:47:ab:e6:e1:54:da:53:a5:27:
ad:cc:f0:fd:39:a3:8a:33:b7:44:5d:4b:8d:8a:c8:e9:c0:f2:
53:3e:dc:5b:60:bd:e2:a5:7f:d8:83:94:56:75:bb:38:cb:97:
34:9b:1e:20:a8:ee:1a:a9:f1:89:d5:42:7c:4a:6c:e1:8b:e9:
fa:c7:19:ea:fe:9f:10:a9:87:a5:66:06:60:29:3d:2f:b6:ad:
de:bd:32:c1:50:38:c7:88:38:d5:8e:bf:37:c8:e3:93:64:e4:
79:de:e0:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOR9soeKaYYiMcZ3Y0r+yNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjQxMjA0MTM1ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmIwOTk2MzA0NmViYTU5ZWIxMTUwY2RjNzBiMTcyMWRmYWZjZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08ED5VHYQsjSXsaD4ntQJKDjOc3o
FvOfyvaP4DCTVL7E6dKa54HhFu5qEXRBtXUuauxScn6tOk5mM64jc4tHtd6334x9
1cTd+G91twMxM3CgU0wIc8se4Md2155z69gX21o/R+ssDCIkXFPPxAFjwVZax4wh
1t2PWGKE/dyjtNEv/LJraEVHzdKSH/Lj70YeZ5hhuvt3/71bPA/pDE57PHrAp9Fi
c6ZGjmmGmSLNFAZ4Y8NmSguPVqOcqRboG2ilDQHzIIAP+GgQRbVq0JtlDZBaX/Ce
YXb54PIDteu3MGrpqZ8y6PPgIIGceA9IqjZOGCKAlo63CGxg5bRU6bhI+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGKwmWMEbrpZ6xFQzccLFyHfr81nMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvWXJDWll3UnV1bG5yRVZETnh3c1hJZC12eldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZovAwQA
w2CeMA0GCSqGSIb3DQEBCwUAA4IBAQByoB/hWkmeXYEd+kLtppnooAg4cCUOievf
E05nLacQgqooR1rPDRFrKSAWDYcA/81j0NE8/4yRnQzgBxY0lNxY3QtBL3UAewWZ
8Klf9uu+vf+XFzzLiQnrsayxVVPiJiMnqXRKymQfz8hjj/NRld0PDUAs4Zt/dJLK
CajFnN3H+wstEdvgct9VOVfIe6wX0szAXJvo1eBTQA5Hq+bhVNpTpSetzPD9OaOK
M7dEXUuNisjpwPJTPtxbYL3ipX/Yg5RWdbs4y5c0mx4gqO4aqfGJ1UJ8Smzhi+n6
xxnq/p8QqYelZgZgKT0vtq3evTLBUDjHiDjVjr83yOOTZOR53uCT
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:47 2025 by rpki-client