Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/oXjm0DNen0jgUp68De2a-G8hDxE.roa
File: oXjm0DNen0jgUp68De2a-G8hDxE.roa (raw, json)
Hash identifier: OfFbNr5Vq3HJMn6E+72n4BkAGALkI1RDG/ffnbLVGd8=
Subject key identifier: A1:78:E6:D0:33:5E:9F:48:E0:52:9E:BC:0D:ED:9A:F8:6F:21:0F:11
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 019174641878D4F48D2CA8E1A73D9EBD9D5E
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/oXjm0DNen0jgUp68De2a-G8hDxE.roa
Signing time: Wed 21 Aug 2024 10:03:22 +0000
ROA not before: Wed 21 Aug 2024 10:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 45.157.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:64:18:78:d4:f4:8d:2c:a8:e1:a7:3d:9e:bd:9d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Aug 21 10:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a178e6d0335e9f48e0529ebc0ded9af86f210f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:92:da:bd:c8:ce:36:8a:2c:03:70:b9:2d:
69:8c:85:77:e4:38:74:80:9e:28:8a:88:0e:a7:34:
f0:8a:fc:fa:74:4d:4a:08:50:91:b0:dc:38:6d:38:
94:e9:f8:bf:87:d9:d2:72:24:c6:c3:fe:6a:65:f6:
45:2f:a1:cd:2d:f7:39:8c:51:3a:ca:2a:7c:f5:29:
99:fd:ce:70:fb:17:8f:32:c8:b8:05:84:f1:a4:ea:
c0:35:a2:e1:33:68:6b:bc:35:62:01:71:ad:d3:12:
04:df:a1:c7:e3:bc:20:8e:06:42:5d:84:c4:2d:9f:
1a:db:e7:2f:48:9f:6c:e4:2f:52:4c:92:84:88:8a:
ff:9b:74:60:07:cc:94:ab:18:32:c1:f8:9b:bd:3d:
30:51:1e:a5:ec:31:c7:95:8b:5a:cc:53:e2:05:b9:
85:e6:d6:c1:bf:80:48:02:bb:64:d6:8f:d7:a8:0d:
4f:49:46:d8:0a:d4:97:fd:68:56:a4:76:40:bf:c6:
3d:25:ab:e7:68:39:83:37:97:81:2f:21:3b:1c:08:
a2:e5:70:7a:3a:8d:e8:64:72:9b:a9:75:f2:87:38:
35:cf:a8:9b:e3:55:9a:4a:f8:48:f6:a8:d8:2e:b2:
fe:61:94:a5:c6:91:c1:a9:64:08:60:47:4b:58:1a:
dd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:78:E6:D0:33:5E:9F:48:E0:52:9E:BC:0D:ED:9A:F8:6F:21:0F:11
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/oXjm0DNen0jgUp68De2a-G8hDxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.11.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:5f:20:cd:1c:6d:32:91:53:ac:02:b1:28:5e:55:3e:a3:2f:
ea:73:dd:2b:20:fe:de:98:0e:55:a3:6a:4f:e9:67:0b:75:ee:
95:98:8e:da:13:6b:e9:07:66:df:c1:4a:a9:68:3a:67:df:73:
ec:19:2f:89:8a:08:a4:68:75:f2:24:90:f6:1a:00:a2:27:67:
2c:99:d8:5e:41:51:98:68:64:25:ec:c6:48:48:4e:09:04:98:
c6:6a:47:8e:8c:04:7d:6f:b4:52:b3:e0:00:f7:3b:ac:35:15:
cf:1a:ca:37:c3:75:28:77:55:a3:20:3e:5e:85:e6:e1:e1:1c:
91:43:5e:ab:fc:0a:be:ca:e4:92:53:42:89:62:68:2d:e9:8a:
e7:de:41:a4:d8:db:5d:52:74:35:6f:0f:01:1d:fa:43:b1:95:
98:c9:88:4f:4d:17:ee:5a:fc:b3:0e:bc:bd:49:55:39:24:ed:
75:ab:3a:c1:bb:0a:3c:ee:53:9a:96:12:f5:c3:ac:7b:a4:39:
bd:50:9c:a7:f9:82:d5:ba:99:96:79:14:a7:58:cb:fa:56:d9:
00:dd:0f:1c:4e:bf:80:49:6f:5b:f4:32:71:9e:e6:8e:c4:ab:
b7:a4:47:1c:9f:7b:21:b5:c4:fc:4f:a1:09:3d:9a:c8:33:1b:
df:84:34:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZF0ZBh41PSNLKjhpz2evZ1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjQwODIxMTAwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTc4ZTZkMDMzNWU5ZjQ4ZTA1MjllYmMwZGVkOWFmODZmMjEwZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmOS2r3IzjaKLANwuS1pjIV35Dh0
gJ4oiogOpzTwivz6dE1KCFCRsNw4bTiU6fi/h9nSciTGw/5qZfZFL6HNLfc5jFE6
yip89SmZ/c5w+xePMsi4BYTxpOrANaLhM2hrvDViAXGt0xIE36HH47wgjgZCXYTE
LZ8a2+cvSJ9s5C9STJKEiIr/m3RgB8yUqxgywfibvT0wUR6l7DHHlYtazFPiBbmF
5tbBv4BIArtk1o/XqA1PSUbYCtSX/WhWpHZAv8Y9JavnaDmDN5eBLyE7HAii5XB6
Oo3oZHKbqXXyhzg1z6ib41WaSvhI9qjYLrL+YZSlxpHBqWQIYEdLWBrdqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKF45tAzXp9I4FKevA3tmvhvIQ8RMB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvb1hqbTBETmVuMGpnVXA2OERlMmEtRzhoRHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ0LMA0G
CSqGSIb3DQEBCwUAA4IBAQBPXyDNHG0ykVOsArEoXlU+oy/qc90rIP7emA5Vo2pP
6WcLde6VmI7aE2vpB2bfwUqpaDpn33PsGS+JigikaHXyJJD2GgCiJ2csmdheQVGY
aGQl7MZISE4JBJjGakeOjAR9b7RSs+AA9zusNRXPGso3w3Uod1WjID5ehebh4RyR
Q16r/Aq+yuSSU0KJYmgt6Yrn3kGk2NtdUnQ1bw8BHfpDsZWYyYhPTRfuWvyzDry9
SVU5JO11qzrBuwo87lOalhL1w6x7pDm9UJyn+YLVupmWeRSnWMv6VtkA3Q8cTr+A
SW9b9DJxnuaOxKu3pEccn3shtcT8T6EJPZrIMxvfhDSt
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:15:47 2025 by rpki-client