Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/vdISIhBFsaStwtd-mmC6LLeogLs.roa
File: vdISIhBFsaStwtd-mmC6LLeogLs.roa (raw, json)
Hash identifier: WbMyYwmnm5+Q29lCfq/yWzpIbeuzR1QdQPml/8f3vbw=
Subject key identifier: BD:D2:12:22:10:45:B1:A4:AD:C2:D7:7E:9A:60:BA:2C:B7:A8:80:BB
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 019355ABEA32690B97E0EC248DC6D79C5519
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/vdISIhBFsaStwtd-mmC6LLeogLs.roa
Signing time: Fri 22 Nov 2024 20:59:10 +0000
ROA not before: Fri 22 Nov 2024 20:59:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44160
IP address blocks: 45.143.158.0/23 maxlen: 23
2a02:210::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:ab:ea:32:69:0b:97:e0:ec:24:8d:c6:d7:9c:55:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Nov 22 20:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdd212221045b1a4adc2d77e9a60ba2cb7a880bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e1:96:ef:d0:be:1f:96:2e:f9:9a:12:3d:40:
ea:b0:e9:cb:04:04:de:3b:da:af:ba:f3:23:b7:36:
dd:2f:14:93:46:36:a2:d4:59:49:aa:ed:e1:a5:13:
89:23:9e:ba:f5:20:6b:54:60:ad:92:4c:9a:05:1f:
43:50:c5:1d:db:9a:fb:fe:51:ef:a7:d0:eb:06:ac:
47:e7:ee:a4:af:87:31:9a:3c:b2:d0:a1:a6:21:a9:
56:a7:51:f4:74:b2:d8:ab:95:10:33:49:6f:3b:72:
1d:98:37:87:13:b2:7c:62:ee:6b:75:2a:8c:96:3d:
27:05:b7:4d:77:84:68:60:84:1a:79:1d:67:17:d9:
47:7b:a7:2c:d6:9e:6f:72:3f:d7:cf:65:23:71:56:
fb:90:78:92:41:01:46:ca:d5:77:03:6a:f8:4d:05:
c8:b1:3d:6c:12:94:29:9d:2c:c1:19:3c:17:e6:77:
53:08:70:8d:54:e2:ba:32:c2:32:86:75:c1:1b:c4:
e9:73:a3:f5:50:24:87:29:9f:15:29:d8:60:ea:11:
9a:bf:90:85:91:68:ca:77:8b:e5:d2:df:74:c4:1d:
84:48:9e:a3:db:75:d6:a1:bd:f9:12:0c:98:0d:ec:
76:47:9f:87:3f:c9:04:3d:45:db:3c:ba:9f:df:38:
34:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D2:12:22:10:45:B1:A4:AD:C2:D7:7E:9A:60:BA:2C:B7:A8:80:BB
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/vdISIhBFsaStwtd-mmC6LLeogLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.158.0/23
IPv6:
2a02:210::/32
Signature Algorithm: sha256WithRSAEncryption
5e:38:b1:81:a5:f0:a6:36:0e:57:20:0b:9f:5b:4b:dd:99:ca:
c3:7f:36:ee:19:6f:be:0f:be:71:16:90:d1:4c:a7:23:c1:0a:
a7:51:5c:fd:32:9f:99:b9:c4:74:26:4e:9a:f3:55:7a:a0:ce:
dc:eb:75:e2:ee:b3:00:f3:79:5a:97:97:60:db:2d:fe:aa:07:
7a:88:51:e4:39:4b:81:91:7e:1c:ee:f1:47:c7:9d:9b:0e:3e:
9d:a8:19:87:e2:43:94:e9:f7:63:3e:df:be:57:58:b8:70:3d:
6b:b9:27:1b:6f:d6:b4:6b:21:ce:33:2c:b3:42:40:c7:f7:9b:
4a:a9:38:fa:c1:1c:2d:01:9d:b4:9c:3d:a3:96:ce:e4:9d:d5:
4a:9c:63:dc:7a:38:7d:ed:86:86:81:d6:a2:af:b8:f8:6a:ee:
57:75:b3:14:1d:6a:7c:0e:0a:c1:8a:d0:1c:ec:d0:85:72:59:
1b:e6:f9:b4:3e:08:94:95:c5:90:d3:b0:e3:7c:06:ea:71:1b:
f6:96:2b:09:cd:98:ac:89:72:19:7e:cb:2c:fd:3e:0d:a8:73:
da:dd:db:8b:06:af:ea:15:d7:7a:7f:fc:f0:72:f7:6a:35:12:
77:af:e6:60:58:8c:65:16:6d:14:1e:06:02:9b:67:f5:d2:f7:
01:79:51:44
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNVq+oyaQuX4OwkjcbXnFUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQxMTIyMjA1OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQyMTIyMjEwNDViMWE0YWRjMmQ3N2U5YTYwYmEyY2I3YTg4MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uGW79C+H5Yu+ZoSPUDqsOnLBATe
O9qvuvMjtzbdLxSTRjai1FlJqu3hpROJI5669SBrVGCtkkyaBR9DUMUd25r7/lHv
p9DrBqxH5+6kr4cxmjyy0KGmIalWp1H0dLLYq5UQM0lvO3IdmDeHE7J8Yu5rdSqM
lj0nBbdNd4RoYIQaeR1nF9lHe6cs1p5vcj/Xz2UjcVb7kHiSQQFGytV3A2r4TQXI
sT1sEpQpnSzBGTwX5ndTCHCNVOK6MsIyhnXBG8Tpc6P1UCSHKZ8VKdhg6hGav5CF
kWjKd4vl0t90xB2ESJ6j23XWob35EgyYDex2R5+HP8kEPUXbPLqf3zg0twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL3SEiIQRbGkrcLXfppguiy3qIC7MB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvdmRJU0loQkZzYVN0d3RkLW1tQzZMTGVvZ0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLY+eMA0E
AgACMAcDBQAqAgIQMA0GCSqGSIb3DQEBCwUAA4IBAQBeOLGBpfCmNg5XIAufW0vd
mcrDfzbuGW++D75xFpDRTKcjwQqnUVz9Mp+ZucR0Jk6a81V6oM7c63Xi7rMA83la
l5dg2y3+qgd6iFHkOUuBkX4c7vFHx52bDj6dqBmH4kOU6fdjPt++V1i4cD1ruScb
b9a0ayHOMyyzQkDH95tKqTj6wRwtAZ20nD2jls7kndVKnGPcejh97YaGgdair7j4
au5XdbMUHWp8DgrBitAc7NCFclkb5vm0PgiUlcWQ07DjfAbqcRv2lisJzZisiXIZ
fsss/T4NqHPa3duLBq/qFdd6f/zwcvdqNRJ3r+ZgWIxlFm0UHgYCm2f10vcBeVFE
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:27:57 2025 by rpki-client