Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/666e67-1546-413c-b6a1-5a78ba6091c1/1/_1-OJT6O5glpz7TYnMK7YZJVqIs.roa
File: _1-OJT6O5glpz7TYnMK7YZJVqIs.roa (raw, json)
Hash identifier: OE9YEaLE3HZUNGp2ej9ZjT8C2EZMsbRGxPnoBN7zRrQ=
Subject key identifier: FF:5F:8E:25:3E:8E:E6:09:69:CF:B4:D8:9C:C2:BB:61:92:55:A8:8B
Certificate issuer: /CN=b3040c7f451c614d7eeba82c32a398e87de3b8c9
Certificate serial: 018CC2DAD6F45EDD5E4C435B705ED9BFA589
Authority key identifier: B3:04:0C:7F:45:1C:61:4D:7E:EB:A8:2C:32:A3:98:E8:7D:E3:B8:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swQMf0UcYU1-66gsMqOY6H3juMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/666e67-1546-413c-b6a1-5a78ba6091c1/1/_1-OJT6O5glpz7TYnMK7YZJVqIs.roa
Signing time: Mon 01 Jan 2024 02:29:30 +0000
ROA not before: Mon 01 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35122
IP address blocks: 45.146.140.0/22 maxlen: 22
85.255.160.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d6:f4:5e:dd:5e:4c:43:5b:70:5e:d9:bf:a5:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3040c7f451c614d7eeba82c32a398e87de3b8c9
Validity
Not Before: Jan 1 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff5f8e253e8ee60969cfb4d89cc2bb619255a88b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d4:d6:84:64:3c:e4:a2:60:32:a9:6e:7a:62:
00:fa:b2:0c:07:71:4b:d8:52:e9:51:a8:64:69:67:
2e:8c:d1:f8:e6:fe:6c:2f:79:74:2a:1b:a4:df:57:
93:1e:5a:08:33:ab:02:b4:30:39:0d:b4:d6:99:dd:
33:78:af:c4:2f:92:ff:cc:4a:37:b5:ce:61:82:d4:
6c:ff:2e:cc:b1:f8:d6:a1:a5:7c:b5:c4:a1:3a:01:
81:a2:0a:03:6a:82:59:6c:75:34:90:ae:92:72:e0:
c3:dd:06:e8:cf:39:7c:80:f8:61:65:2a:c2:ff:d6:
05:d7:6a:59:1e:5d:a9:c3:92:8c:c0:97:fd:29:fe:
a4:68:dd:00:74:6d:42:9e:cf:ce:24:c3:b5:72:d2:
9d:84:df:89:d9:8e:ed:e7:1a:a3:56:aa:a7:4c:10:
d3:2a:9c:85:50:db:52:4e:e0:b7:60:b1:82:88:47:
b4:ca:a7:83:cb:a5:20:29:db:9c:17:ec:8a:ef:22:
53:fd:f6:8d:1d:45:52:b7:ae:d4:db:fc:bc:d7:41:
f1:05:46:5f:78:51:f8:d3:82:38:53:64:98:b3:b1:
e3:3e:96:eb:a2:cb:97:77:a2:01:18:aa:46:b0:bd:
69:92:55:0a:e0:9e:d2:86:cb:7c:16:8b:58:59:95:
c5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5F:8E:25:3E:8E:E6:09:69:CF:B4:D8:9C:C2:BB:61:92:55:A8:8B
X509v3 Authority Key Identifier:
keyid:B3:04:0C:7F:45:1C:61:4D:7E:EB:A8:2C:32:A3:98:E8:7D:E3:B8:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swQMf0UcYU1-66gsMqOY6H3juMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/666e67-1546-413c-b6a1-5a78ba6091c1/1/_1-OJT6O5glpz7TYnMK7YZJVqIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/666e67-1546-413c-b6a1-5a78ba6091c1/1/swQMf0UcYU1-66gsMqOY6H3juMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.140.0/22
85.255.160.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:80:b7:f3:13:40:67:3f:74:b1:e7:5a:1a:26:e9:f1:ce:09:
64:8d:70:a3:44:5b:32:56:cc:53:7f:d4:b0:12:18:60:ca:d4:
22:df:f9:12:3e:06:a0:7a:45:d4:c1:1d:ad:ba:1a:6d:2f:28:
d1:ed:a9:17:39:98:4e:14:05:2e:f2:d3:a5:34:06:a6:4f:ab:
70:98:8e:f3:5f:03:ac:63:d7:24:53:d8:af:59:a3:5b:fa:36:
4f:96:bd:6b:73:81:6d:25:a1:a8:7c:1f:50:5e:23:cb:6d:06:
c6:1a:c0:35:32:5c:20:2b:bb:47:62:fa:ec:02:9a:af:b2:73:
46:98:d0:18:d3:9e:9d:39:5f:fb:92:42:f4:c3:0a:0b:64:c3:
57:20:74:a2:d8:c2:07:42:b3:93:1b:1f:66:f4:a8:c1:51:f7:
c3:78:42:e7:1e:36:f6:5d:da:5c:fa:91:50:28:4e:3c:be:93:
6e:9f:b7:23:15:98:4d:2a:ab:f2:08:42:cf:67:b1:4e:d5:74:
0c:ce:06:19:b6:d3:91:29:66:06:4c:bd:08:ab:29:6f:94:e5:
fc:36:72:57:be:25:d6:a8:54:ac:76:b0:bf:ec:ed:b2:39:ad:
2c:aa:35:22:be:37:da:d4:95:c6:14:bd:16:5d:9d:5f:70:c9:
5e:ce:35:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2tb0Xt1eTENbcF7Zv6WJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDQwYzdmNDUxYzYxNGQ3ZWViYTgyYzMyYTM5OGU4N2Rl
M2I4YzkwHhcNMjQwMTAxMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVmOGUyNTNlOGVlNjA5NjljZmI0ZDg5Y2MyYmI2MTkyNTVhODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdTWhGQ85KJgMqluemIA+rIMB3FL
2FLpUahkaWcujNH45v5sL3l0Khuk31eTHloIM6sCtDA5DbTWmd0zeK/EL5L/zEo3
tc5hgtRs/y7MsfjWoaV8tcShOgGBogoDaoJZbHU0kK6ScuDD3Qbozzl8gPhhZSrC
/9YF12pZHl2pw5KMwJf9Kf6kaN0AdG1Cns/OJMO1ctKdhN+J2Y7t5xqjVqqnTBDT
KpyFUNtSTuC3YLGCiEe0yqeDy6UgKducF+yK7yJT/faNHUVSt67U2/y810HxBUZf
eFH404I4U2SYs7HjPpbrosuXd6IBGKpGsL1pklUK4J7Shst8FotYWZXF4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP9fjiU+juYJac+02JzCu2GSVaiLMB8GA1UdIwQY
MBaAFLMEDH9FHGFNfuuoLDKjmOh947jJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dRTWYwVWNZVTEtNjZnc01xT1k2SDNqdU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82NjZlNjctMTU0Ni00MTNjLWI2YTEt
NWE3OGJhNjA5MWMxLzEvXzEtT0pUNk81Z2xwejdUWW5NSzdZWkpWcUlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82NjZlNjctMTU0Ni00MTNjLWI2YTEtNWE3OGJhNjA5MWMx
LzEvc3dRTWYwVWNZVTEtNjZnc01xT1k2SDNqdU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZKMAwQE
Vf+gMA0GCSqGSIb3DQEBCwUAA4IBAQB/gLfzE0BnP3Sx51oaJunxzglkjXCjRFsy
VsxTf9SwEhhgytQi3/kSPgagekXUwR2tuhptLyjR7akXOZhOFAUu8tOlNAamT6tw
mI7zXwOsY9ckU9ivWaNb+jZPlr1rc4FtJaGofB9QXiPLbQbGGsA1MlwgK7tHYvrs
ApqvsnNGmNAY056dOV/7kkL0wwoLZMNXIHSi2MIHQrOTGx9m9KjBUffDeELnHjb2
Xdpc+pFQKE48vpNun7cjFZhNKqvyCELPZ7FO1XQMzgYZttORKWYGTL0IqylvlOX8
NnJXviXWqFSsdrC/7O2yOa0sqjUivjfa1JXGFL0WXZ1fcMlezjWL
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:41 2025 by rpki-client