Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/635a0d-921f-4711-b7d4-77dee2d79ae4/1/1Fnr0igaYlSw8FZjPtlW8SFvWNc.roa
File: 1Fnr0igaYlSw8FZjPtlW8SFvWNc.roa (raw, json)
Hash identifier: GwqNXkSR8wUqBZW/uMIQ0/9h1Llak31QpykVhUMU3Ig=
Subject key identifier: D4:59:EB:D2:28:1A:62:54:B0:F0:56:63:3E:D9:56:F1:21:6F:58:D7
Certificate issuer: /CN=234e9f75c7326f765c8966c2edc00a982a5ea7f0
Certificate serial: 01932D2613854828A849D0DB893AEC68647B
Authority key identifier: 23:4E:9F:75:C7:32:6F:76:5C:89:66:C2:ED:C0:0A:98:2A:5E:A7:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I06fdccyb3ZciWbC7cAKmCpep_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/635a0d-921f-4711-b7d4-77dee2d79ae4/1/1Fnr0igaYlSw8FZjPtlW8SFvWNc.roa
Signing time: Fri 15 Nov 2024 00:08:10 +0000
ROA not before: Fri 15 Nov 2024 00:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208131
IP address blocks: 45.157.148.0/24 maxlen: 24
45.157.149.0/24 maxlen: 24
45.157.150.0/24 maxlen: 24
45.157.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2d:26:13:85:48:28:a8:49:d0:db:89:3a:ec:68:64:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234e9f75c7326f765c8966c2edc00a982a5ea7f0
Validity
Not Before: Nov 15 00:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d459ebd2281a6254b0f056633ed956f1216f58d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:07:00:a4:03:5a:eb:9f:7a:cd:a7:cd:aa:a8:
9e:11:32:0d:bb:99:2a:3e:0d:1f:2c:4f:a3:2b:fb:
5f:02:79:7a:ed:6f:55:ee:64:2c:0d:06:94:b8:b0:
9c:7b:4d:ea:2d:80:dd:48:68:32:e2:5b:20:0e:1e:
4e:39:af:9a:96:6d:5f:5d:ed:1b:5d:5f:c2:f1:2c:
7b:81:6f:f1:5e:12:18:84:9b:8f:8d:16:c5:53:e4:
3c:1c:62:36:a7:f3:89:32:6d:41:ca:0e:4b:51:65:
2e:53:3e:f3:6b:26:3c:b5:cc:07:f7:46:0d:6f:3e:
d8:55:96:0e:5b:0f:8c:03:bb:25:f8:58:f7:22:9e:
df:30:74:50:44:20:dd:d1:7e:ac:54:98:7c:41:97:
de:04:00:1f:09:7d:e2:41:f3:3c:07:59:6b:62:18:
c0:3e:58:da:85:8e:59:65:37:b0:77:4f:69:a9:85:
81:af:d3:9e:df:ef:c3:3e:37:14:e0:f9:32:88:c6:
08:80:a2:4a:f9:d3:ce:ab:bd:3b:8a:9a:80:9e:1a:
1a:58:0e:c8:46:5c:b6:4f:f7:9d:1b:67:d3:a1:c6:
3c:9b:98:8e:82:a2:ed:dd:36:69:33:85:85:28:1e:
27:6c:dc:e0:ad:63:e4:fa:7d:0b:ff:27:81:d6:ce:
cf:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:59:EB:D2:28:1A:62:54:B0:F0:56:63:3E:D9:56:F1:21:6F:58:D7
X509v3 Authority Key Identifier:
keyid:23:4E:9F:75:C7:32:6F:76:5C:89:66:C2:ED:C0:0A:98:2A:5E:A7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I06fdccyb3ZciWbC7cAKmCpep_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/635a0d-921f-4711-b7d4-77dee2d79ae4/1/1Fnr0igaYlSw8FZjPtlW8SFvWNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/635a0d-921f-4711-b7d4-77dee2d79ae4/1/I06fdccyb3ZciWbC7cAKmCpep_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.148.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:ce:e3:1d:48:11:b7:33:31:50:5d:f9:da:81:99:68:c7:3e:
fa:18:36:3a:cc:61:be:81:55:86:16:b7:64:ca:e7:d6:7c:e4:
d9:26:43:54:76:4c:07:ff:61:75:8f:d4:eb:48:c9:b6:dd:29:
2a:a0:99:a8:b2:5a:74:db:b7:21:5a:3c:bf:82:de:1c:93:f8:
93:ce:3a:5f:1c:27:f7:07:de:60:c7:eb:55:33:d4:fb:df:f9:
dd:9c:53:0f:8f:fc:ac:63:7f:06:4f:80:61:3b:5a:42:91:50:
d0:92:b6:b5:d0:5a:4c:17:6b:cc:cb:b2:40:bc:1e:e7:93:f8:
fe:12:2d:f3:04:f7:0f:04:0a:97:0f:8d:5b:54:06:ec:86:a3:
a4:c0:db:24:a1:57:fd:b3:bc:f3:5e:ce:6c:f5:01:37:0b:de:
61:15:36:92:bd:a3:30:13:06:69:3c:4a:e0:7b:76:d4:56:53:
fd:81:9b:98:29:40:6a:45:cf:a2:09:28:ef:85:bb:62:74:f2:
b9:ae:18:43:58:df:45:ca:78:8d:94:25:43:21:fe:67:9e:62:
59:cf:2d:43:18:93:bc:e7:b4:0e:4c:ca:5e:14:52:97:81:41:
aa:f6:62:9c:e6:14:b3:16:84:ea:c7:de:d0:d7:f6:49:af:8a:
85:d5:08:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMtJhOFSCioSdDbiTrsaGR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGU5Zjc1YzczMjZmNzY1Yzg5NjZjMmVkYzAwYTk4MmE1
ZWE3ZjAwHhcNMjQxMTE1MDAwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDU5ZWJkMjI4MWE2MjU0YjBmMDU2NjMzZWQ5NTZmMTIxNmY1OGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgcApANa6596zafNqqieETINu5kq
Pg0fLE+jK/tfAnl67W9V7mQsDQaUuLCce03qLYDdSGgy4lsgDh5OOa+alm1fXe0b
XV/C8Sx7gW/xXhIYhJuPjRbFU+Q8HGI2p/OJMm1Byg5LUWUuUz7zayY8tcwH90YN
bz7YVZYOWw+MA7sl+Fj3Ip7fMHRQRCDd0X6sVJh8QZfeBAAfCX3iQfM8B1lrYhjA
PljahY5ZZTewd09pqYWBr9Oe3+/DPjcU4PkyiMYIgKJK+dPOq707ipqAnhoaWA7I
Rly2T/edG2fTocY8m5iOgqLt3TZpM4WFKB4nbNzgrWPk+n0L/yeB1s7PhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRZ69IoGmJUsPBWYz7ZVvEhb1jXMB8GA1UdIwQY
MBaAFCNOn3XHMm92XIlmwu3ACpgqXqfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTA2ZmRjY3liM1pjaVdiQzdjQUttQ3BlcF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82MzVhMGQtOTIxZi00NzExLWI3ZDQt
NzdkZWUyZDc5YWU0LzEvMUZucjBpZ2FZbFN3OEZaalB0bFc4U0Z2V05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82MzVhMGQtOTIxZi00NzExLWI3ZDQtNzdkZWUyZDc5YWU0
LzEvSTA2ZmRjY3liM1pjaVdiQzdjQUttQ3BlcF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ2UMA0G
CSqGSIb3DQEBCwUAA4IBAQC4zuMdSBG3MzFQXfnagZloxz76GDY6zGG+gVWGFrdk
yufWfOTZJkNUdkwH/2F1j9TrSMm23SkqoJmoslp027chWjy/gt4ck/iTzjpfHCf3
B95gx+tVM9T73/ndnFMPj/ysY38GT4BhO1pCkVDQkra10FpMF2vMy7JAvB7nk/j+
Ei3zBPcPBAqXD41bVAbshqOkwNskoVf9s7zzXs5s9QE3C95hFTaSvaMwEwZpPErg
e3bUVlP9gZuYKUBqRc+iCSjvhbtidPK5rhhDWN9FyniNlCVDIf5nnmJZzy1DGJO8
57QOTMpeFFKXgUGq9mKc5hSzFoTqx97Q1/ZJr4qF1Qhr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:12 2025 by rpki-client