Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/1NiIYIWDATABnd0GoW-p1qU3zEM.roa
File: 1NiIYIWDATABnd0GoW-p1qU3zEM.roa (raw, json)
Hash identifier: 3B+ulLYgR8HE5i3kohWDewukmW+Ooi8/aaPMCin2Koo=
Subject key identifier: D4:D8:88:60:85:83:01:30:01:9D:DD:06:A1:6F:A9:D6:A5:37:CC:43
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 0194228DD2CDF56931CA48924129F5FAFF1E
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/1NiIYIWDATABnd0GoW-p1qU3zEM.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152700
IP address blocks: 45.157.137.0/24 maxlen: 24
185.217.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 13:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d2:cd:f5:69:31:ca:48:92:41:29:f5:fa:ff:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4d8886085830130019ddd06a16fa9d6a537cc43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4a:b2:47:8f:36:74:4d:a0:10:7e:6d:17:a7:
b4:74:ab:a8:89:b9:80:61:9e:48:95:df:84:ce:9f:
66:86:3d:29:d2:a2:cb:06:fd:63:e8:90:d6:b3:09:
47:1a:b0:e3:cb:b5:9c:1a:b2:c6:f9:d3:3f:5b:eb:
32:e9:1f:f0:44:cd:40:ba:0c:c0:9d:02:5e:06:03:
f7:77:a8:3e:3b:bb:e6:13:1d:aa:61:d9:ca:89:56:
41:d6:cd:69:d5:0d:07:02:2a:34:ad:fe:dd:6f:6a:
82:5b:f1:bd:0b:4f:63:d8:84:b1:18:09:70:3f:55:
b2:dc:b3:f3:e2:6e:b6:a0:5d:bf:d5:7a:1a:22:21:
2b:75:77:12:e5:08:47:2f:c1:b2:96:d3:24:26:e5:
1d:87:ca:d0:32:ff:06:7f:7c:03:19:e9:ff:2c:59:
76:04:48:e4:d0:5d:20:00:68:ca:77:5a:4a:94:ea:
ed:c4:7d:8a:9a:19:61:e7:c7:27:16:ea:ad:f3:0e:
77:5f:c2:3b:af:be:ac:d0:67:c8:32:ec:dd:92:38:
18:5e:33:3f:06:d6:db:71:b3:53:f3:aa:b7:36:b2:
8e:11:c2:e7:0f:ed:ed:82:06:aa:e8:77:76:e8:82:
ab:a9:bc:90:55:d8:4e:a3:a3:ab:d5:5c:20:01:74:
d5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D8:88:60:85:83:01:30:01:9D:DD:06:A1:6F:A9:D6:A5:37:CC:43
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/1NiIYIWDATABnd0GoW-p1qU3zEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.137.0/24
185.217.194.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:45:88:62:2d:c7:97:5a:8a:ff:ec:c8:0c:b2:b5:41:66:96:
2c:e6:8d:85:d5:fb:c6:40:df:56:c2:5d:52:31:cf:9b:9f:0e:
40:be:19:bd:55:24:aa:de:0f:f1:ea:47:e5:96:e5:a7:e6:16:
d3:87:5b:fe:f9:2a:ac:9e:ae:07:36:f6:ed:6c:52:6c:1a:59:
5b:78:5d:2e:b7:b6:e5:2a:67:0c:8e:b3:93:86:b9:9c:0c:84:
48:c7:9e:be:d6:49:5c:15:41:e8:4d:44:16:d2:5a:1d:8d:ed:
66:a5:16:fb:17:dd:f9:0e:aa:c7:76:28:ec:af:9e:c5:c9:8f:
bf:7c:5b:59:5d:1c:c1:a1:1c:f7:58:2b:4f:d4:22:54:cf:bb:
1b:6c:e9:10:19:1d:7f:36:34:94:21:b5:ae:c7:80:22:72:7b:
53:06:6f:d1:e3:71:7e:68:d6:52:bd:18:a2:9b:86:0f:33:10:
eb:1d:72:17:e3:f5:40:9d:89:f8:72:52:80:34:45:0f:5d:d5:
c0:1b:9a:27:a7:5c:7b:91:d5:af:4d:c7:fc:1c:68:0f:4e:fc:
a6:19:8c:26:5b:61:be:ff:aa:fe:7c:1e:69:72:eb:56:ff:ee:
b8:df:25:3a:f3:f0:01:00:07:20:95:fe:15:aa:c7:d0:db:7e:
01:78:ea:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijdLN9WkxykiSQSn1+v8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQ4ODg2MDg1ODMwMTMwMDE5ZGRkMDZhMTZmYTlkNmE1MzdjYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0qyR482dE2gEH5tF6e0dKuoibmA
YZ5Ild+Ezp9mhj0p0qLLBv1j6JDWswlHGrDjy7WcGrLG+dM/W+sy6R/wRM1AugzA
nQJeBgP3d6g+O7vmEx2qYdnKiVZB1s1p1Q0HAio0rf7db2qCW/G9C09j2ISxGAlw
P1Wy3LPz4m62oF2/1XoaIiErdXcS5QhHL8GyltMkJuUdh8rQMv8Gf3wDGen/LFl2
BEjk0F0gAGjKd1pKlOrtxH2Kmhlh58cnFuqt8w53X8I7r76s0GfIMuzdkjgYXjM/
BtbbcbNT86q3NrKOEcLnD+3tggaq6Hd26IKrqbyQVdhOo6Or1VwgAXTVywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNTYiGCFgwEwAZ3dBqFvqdalN8xDMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvMU5pSVlJV0RBVEFCbmQwR29XLXAxcVUzekVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ2JAwQA
udnCMA0GCSqGSIb3DQEBCwUAA4IBAQAKRYhiLceXWor/7MgMsrVBZpYs5o2F1fvG
QN9Wwl1SMc+bnw5Avhm9VSSq3g/x6kflluWn5hbTh1v++Sqsnq4HNvbtbFJsGllb
eF0ut7blKmcMjrOThrmcDIRIx56+1klcFUHoTUQW0lodje1mpRb7F935DqrHdijs
r57FyY+/fFtZXRzBoRz3WCtP1CJUz7sbbOkQGR1/NjSUIbWux4AicntTBm/R43F+
aNZSvRiim4YPMxDrHXIX4/VAnYn4clKANEUPXdXAG5onp1x7kdWvTcf8HGgPTvym
GYwmW2G+/6r+fB5pcutW/+643yU68/ABAAcglf4VqsfQ234BeOq4
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:48 2025 by rpki-client