Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/uasE22S8x4oSlg2M_IKVpJnvcl8.roa
File: uasE22S8x4oSlg2M_IKVpJnvcl8.roa (raw, json)
Hash identifier: QtGQRWUZoL910hi+NOpgFAGpNAi6y8uuC7M4jDScYLM=
Subject key identifier: B9:AB:04:DB:64:BC:C7:8A:12:96:0D:8C:FC:82:95:A4:99:EF:72:5F
Certificate issuer: /CN=f97fdecadb3261334387cf091d02e0713b781d31
Certificate serial: 018CC348FD296E2CCBEC3C8B784E541D8D3B
Authority key identifier: F9:7F:DE:CA:DB:32:61:33:43:87:CF:09:1D:02:E0:71:3B:78:1D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-X_eytsyYTNDh88JHQLgcTt4HTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/uasE22S8x4oSlg2M_IKVpJnvcl8.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51185
IP address blocks: 45.13.144.0/23 maxlen: 23
45.13.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fd:29:6e:2c:cb:ec:3c:8b:78:4e:54:1d:8d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f97fdecadb3261334387cf091d02e0713b781d31
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9ab04db64bcc78a12960d8cfc8295a499ef725f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:19:19:5c:51:8b:11:8f:99:e6:b5:9a:13:c4:
c3:64:69:af:cb:81:1a:4c:eb:cd:7d:1b:28:72:73:
09:6b:db:1f:25:00:56:65:25:9a:5a:7d:f0:60:c6:
73:d1:56:ce:d8:8a:f8:9b:94:b8:02:fe:f9:16:f5:
5f:c7:48:8f:9f:f0:06:32:2a:27:90:80:9c:2d:80:
4a:6c:09:08:4d:64:a1:c8:7a:97:80:a4:7a:51:e8:
c7:a5:78:fb:d5:b5:69:56:ed:43:ee:b4:77:26:0d:
68:e9:73:d1:18:ca:13:4c:be:1d:b5:7f:24:4b:f1:
62:7a:2b:51:8c:41:59:90:01:f3:22:15:42:ec:e3:
12:94:01:e7:22:24:da:f7:1f:6b:92:39:db:54:a2:
bc:34:ba:67:08:bd:43:3b:3f:8a:5b:71:48:2f:ff:
04:e7:f0:68:48:5d:74:a2:ac:e1:b0:1a:8f:e9:41:
d3:05:91:20:2f:ac:db:7e:57:64:54:fa:05:68:10:
eb:35:64:25:45:98:51:a9:b7:43:0e:91:c3:d5:b5:
29:36:d1:52:57:7c:52:fb:00:d1:53:e5:24:c8:0f:
36:de:f2:c6:c9:3c:4b:08:2f:95:56:9e:76:d0:0b:
25:7c:a6:22:90:10:54:e0:97:5a:85:24:dc:2f:59:
04:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AB:04:DB:64:BC:C7:8A:12:96:0D:8C:FC:82:95:A4:99:EF:72:5F
X509v3 Authority Key Identifier:
keyid:F9:7F:DE:CA:DB:32:61:33:43:87:CF:09:1D:02:E0:71:3B:78:1D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-X_eytsyYTNDh88JHQLgcTt4HTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/uasE22S8x4oSlg2M_IKVpJnvcl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/1-X_eytsyYTNDh88JHQLgcTt4HTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.144.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:7c:ed:08:0f:20:17:56:2f:57:ba:80:fc:d6:49:5d:76:d3:
a0:d1:fd:40:4f:70:c3:db:a2:df:29:cd:fc:fa:16:bb:8a:8d:
61:63:1f:39:e8:e9:b8:9d:91:a3:c2:29:c7:29:d5:45:00:c4:
9d:93:8c:4a:b9:18:00:70:15:de:2e:a6:d8:59:d8:1e:35:c1:
a1:28:94:82:f2:68:d7:71:7d:2e:5f:3a:4f:57:71:10:bc:84:
48:8d:54:9b:b2:cc:20:e4:ab:ec:6a:4c:9b:99:2d:ce:cc:f1:
73:21:2c:7c:ec:b5:d7:fd:6c:02:b7:dd:18:80:7d:26:c2:27:
3c:48:17:39:db:c8:3c:e6:c4:91:97:b1:29:ad:c5:ab:54:7e:
78:d6:08:4d:87:e2:c1:16:e6:da:ed:55:ae:64:27:05:ad:85:
ba:06:17:b8:9b:73:3c:cb:eb:b5:ec:0c:ee:73:35:e5:7d:28:
ad:2e:a3:c0:02:dd:b0:3e:74:22:05:d5:db:c5:67:80:12:0d:
4e:d8:e7:58:e6:f6:96:b2:4a:e2:e7:cb:20:4a:57:07:c5:8a:
f4:0d:bb:62:ab:44:77:70:94:47:39:8a:69:cd:1e:c0:cc:90:
e9:77:a0:e4:f6:90:46:24:ee:cd:fb:9e:66:a0:c0:58:21:81:
c6:cf:82:a7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzDSP0pbizL7DyLeE5UHY07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5N2ZkZWNhZGIzMjYxMzM0Mzg3Y2YwOTFkMDJlMDcxM2I3
ODFkMzEwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWFiMDRkYjY0YmNjNzhhMTI5NjBkOGNmYzgyOTVhNDk5ZWY3MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxkZXFGLEY+Z5rWaE8TDZGmvy4Ea
TOvNfRsocnMJa9sfJQBWZSWaWn3wYMZz0VbO2Ir4m5S4Av75FvVfx0iPn/AGMion
kICcLYBKbAkITWShyHqXgKR6UejHpXj71bVpVu1D7rR3Jg1o6XPRGMoTTL4dtX8k
S/FieitRjEFZkAHzIhVC7OMSlAHnIiTa9x9rkjnbVKK8NLpnCL1DOz+KW3FIL/8E
5/BoSF10oqzhsBqP6UHTBZEgL6zbfldkVPoFaBDrNWQlRZhRqbdDDpHD1bUpNtFS
V3xS+wDRU+UkyA823vLGyTxLCC+VVp520AslfKYikBBU4JdahSTcL1kEdwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLmrBNtkvMeKEpYNjPyClaSZ73JfMB8GA1UdIwQY
MBaAFPl/3srbMmEzQ4fPCR0C4HE7eB0xMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YX2V5dHN5WVRORGg4OEpIUUxnY1R0NEhURS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYThhMzY0LTc0MzAtNGRhNi04ZjQz
LWViN2JmMmJkZGQwOC8xL3Vhc0UyMlM4eDRvU2xnMk1fSUtWcEpudmNsOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYThhMzY0LTc0MzAtNGRhNi04ZjQzLWViN2JmMmJkZGQw
OC8xLzEtWF9leXRzeVlUTkRoODhKSFFMZ2NUdDRIVEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItDZAw
DQYJKoZIhvcNAQELBQADggEBACx87QgPIBdWL1e6gPzWSV1206DR/UBPcMPbot8p
zfz6FruKjWFjHzno6bidkaPCKccp1UUAxJ2TjEq5GABwFd4upthZ2B41waEolILy
aNdxfS5fOk9XcRC8hEiNVJuyzCDkq+xqTJuZLc7M8XMhLHzstdf9bAK33RiAfSbC
JzxIFznbyDzmxJGXsSmtxatUfnjWCE2H4sEW5trtVa5kJwWthboGF7ibczzL67Xs
DO5zNeV9KK0uo8AC3bA+dCIF1dvFZ4ASDU7Y51jm9paySuLnyyBKVwfFivQNu2Kr
RHdwlEc5imnNHsDMkOl3oOT2kEYk7s37nmagwFghgcbPgqc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:33 2025 by rpki-client