Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/kvVLilfrj-E7QapOgIFBIMURhHE.roa
File: kvVLilfrj-E7QapOgIFBIMURhHE.roa (raw, json)
Hash identifier: 0le2TnF9Gm+njvmT82JZhfr15RvaK/uDvd2Y5cCv3gE=
Subject key identifier: 92:F5:4B:8A:57:EB:8F:E1:3B:41:AA:4E:80:81:41:20:C5:11:84:71
Certificate issuer: /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial: 0193CA206CE9C4CABD051DE08B57C9335284
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/kvVLilfrj-E7QapOgIFBIMURhHE.roa
Signing time: Sun 15 Dec 2024 11:42:22 +0000
ROA not before: Sun 15 Dec 2024 11:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60029
IP address blocks: 45.152.120.0/24 maxlen: 24
45.152.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ca:20:6c:e9:c4:ca:bd:05:1d:e0:8b:57:c9:33:52:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Validity
Not Before: Dec 15 11:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92f54b8a57eb8fe13b41aa4e80814120c5118471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ba:65:e6:ec:49:8e:80:6e:2f:b7:5d:60:d2:
54:65:8f:b9:e3:49:85:cc:ff:88:dd:6e:b4:22:5d:
98:ba:cb:e3:0b:18:2d:92:a7:fb:bf:e0:a1:a8:de:
21:1e:12:d6:b0:c1:26:9e:17:c9:d0:c1:7b:58:e4:
cd:62:3f:24:94:3f:26:64:9c:4f:4f:9d:0c:95:90:
ce:29:90:41:5d:a8:f6:2a:31:35:5b:6b:09:9f:bf:
7f:1f:d8:b4:b3:7d:c7:18:02:d9:70:06:0e:04:35:
85:48:f3:c7:11:51:3c:62:c3:44:26:08:7e:d8:5e:
5c:ac:57:b2:6e:02:25:5a:93:a9:d2:cb:a1:38:75:
e3:b6:43:85:a9:c7:ca:b8:48:64:dd:a5:46:01:9f:
0d:76:e2:cb:bc:c7:42:91:26:8f:84:19:2c:3f:e1:
ff:88:69:4c:99:7f:6d:9c:3b:3b:96:61:73:95:5b:
0a:43:e5:aa:e5:42:11:2b:f2:08:ab:77:7c:53:f4:
ab:4e:1b:6f:95:10:8d:95:63:d2:38:7b:45:1f:ed:
84:83:44:a0:ef:27:35:40:c7:5e:33:17:8d:fc:90:
c8:1d:f2:c3:99:e6:4f:11:19:76:ab:c4:74:53:a5:
22:d8:d2:5a:fc:7f:3a:9e:0d:6f:47:06:32:9b:37:
0f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F5:4B:8A:57:EB:8F:E1:3B:41:AA:4E:80:81:41:20:C5:11:84:71
X509v3 Authority Key Identifier:
keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/kvVLilfrj-E7QapOgIFBIMURhHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.120.0/23
Signature Algorithm: sha256WithRSAEncryption
94:54:34:b0:b2:7d:ac:53:79:b3:13:e6:54:8e:b2:77:56:d6:
ca:73:21:7a:99:46:65:0d:62:77:58:86:8a:e5:ed:3a:a7:c4:
e0:04:b2:df:5b:9c:44:2f:79:3d:6c:3c:32:7c:96:2c:a7:08:
21:67:26:dc:9a:4c:f1:86:04:b6:45:3c:ac:15:df:74:56:8f:
41:a9:c8:8e:ad:88:40:41:a3:53:9b:ed:76:da:10:68:6a:49:
09:5a:98:60:af:68:a7:ec:e9:d2:8d:af:ca:0f:68:b9:db:c0:
b8:12:18:fc:61:01:36:65:f7:e9:3e:8f:0e:76:d2:31:f2:dd:
09:b4:e5:c6:d1:a3:58:9d:5a:ce:39:05:28:c5:d8:68:db:3c:
1c:67:23:48:61:bb:87:41:a3:fd:79:1d:c6:ab:bc:26:96:1f:
fb:25:b0:98:b0:8e:1d:ae:26:96:a5:90:bb:bb:2c:39:5c:1b:
6c:6e:97:dd:3e:17:ae:57:ff:1c:df:8e:4e:01:ef:d1:ce:7e:
6d:f7:bd:0c:6c:be:89:6c:16:af:49:0d:51:70:e1:d6:bc:c3:
c6:03:8d:27:90:cf:85:1a:ab:ac:c9:7d:e5:d8:ba:72:e8:d3:
e5:24:c4:0a:55:44:af:a7:e4:55:70:eb:76:5f:de:eb:a5:10:
0d:1d:7e:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPKIGzpxMq9BR3gi1fJM1KEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjQxMjE1MTE0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY1NGI4YTU3ZWI4ZmUxM2I0MWFhNGU4MDgxNDEyMGM1MTE4NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrpl5uxJjoBuL7ddYNJUZY+540mF
zP+I3W60Il2YusvjCxgtkqf7v+ChqN4hHhLWsMEmnhfJ0MF7WOTNYj8klD8mZJxP
T50MlZDOKZBBXaj2KjE1W2sJn79/H9i0s33HGALZcAYOBDWFSPPHEVE8YsNEJgh+
2F5crFeybgIlWpOp0suhOHXjtkOFqcfKuEhk3aVGAZ8NduLLvMdCkSaPhBksP+H/
iGlMmX9tnDs7lmFzlVsKQ+Wq5UIRK/IIq3d8U/SrThtvlRCNlWPSOHtFH+2Eg0Sg
7yc1QMdeMxeN/JDIHfLDmeZPERl2q8R0U6Ui2NJa/H86ng1vRwYymzcPqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJL1S4pX64/hO0GqToCBQSDFEYRxMB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEva3ZWTGlsZnJqLUU3UWFwT2dJRkJJTVVSaEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZh4MA0G
CSqGSIb3DQEBCwUAA4IBAQCUVDSwsn2sU3mzE+ZUjrJ3VtbKcyF6mUZlDWJ3WIaK
5e06p8TgBLLfW5xEL3k9bDwyfJYspwghZybcmkzxhgS2RTysFd90Vo9BqciOrYhA
QaNTm+122hBoakkJWphgr2in7OnSja/KD2i528C4Ehj8YQE2ZffpPo8OdtIx8t0J
tOXG0aNYnVrOOQUoxdho2zwcZyNIYbuHQaP9eR3Gq7wmlh/7JbCYsI4driaWpZC7
uyw5XBtsbpfdPheuV/8c345OAe/Rzn5t970MbL6JbBavSQ1RcOHWvMPGA40nkM+F
GqusyX3l2Lpy6NPlJMQKVUSvp+RVcOt2X97rpRANHX7y
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:23:59 2025 by rpki-client