Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/U7gwjkbM4mzQCSoz3kn4jYw6LjE.roa
File: U7gwjkbM4mzQCSoz3kn4jYw6LjE.roa (raw, json)
Hash identifier: 7JXxxMk9fMtyBkjauYdm6BaAvi6wxYXbTJzfBLp0UWI=
Subject key identifier: 53:B8:30:8E:46:CC:E2:6C:D0:09:2A:33:DE:49:F8:8D:8C:3A:2E:31
Certificate issuer: /CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Certificate serial: 0190C15DE49A57D1F894DB632DBC525E4127
Authority key identifier: 23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/U7gwjkbM4mzQCSoz3kn4jYw6LjE.roa
Signing time: Wed 17 Jul 2024 15:44:34 +0000
ROA not before: Wed 17 Jul 2024 15:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51519
IP address blocks: 45.132.232.0/22 maxlen: 22
45.132.235.0/24 maxlen: 24
2a0e:73c0::/29 maxlen: 29
2a0e:73c2:64::/48 maxlen: 48
2a0e:73c2:65::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c1:5d:e4:9a:57:d1:f8:94:db:63:2d:bc:52:5e:41:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Validity
Not Before: Jul 17 15:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53b8308e46cce26cd0092a33de49f88d8c3a2e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:07:0e:2d:07:1d:2a:f6:95:7d:9e:4a:cd:75:
17:bd:9c:5d:51:f3:9f:b9:cd:73:07:90:b0:50:ee:
d8:c7:8f:56:ef:9d:8f:92:de:f7:e1:13:d9:ba:a1:
68:ab:77:84:e3:93:c4:ba:f2:4a:f1:f4:3d:2e:af:
a7:7c:21:20:15:3d:5a:b2:38:c5:44:f8:95:28:3e:
7f:ab:9c:0e:9f:34:50:fb:75:7a:59:00:df:5e:cd:
ed:0a:32:ff:db:c2:83:52:e3:a5:a9:8c:5b:8f:7b:
c4:21:e0:1b:65:32:21:b9:32:f8:17:a2:fb:ff:c3:
f1:49:c3:72:3a:54:c1:d6:03:44:1b:b3:09:f8:7b:
b6:51:84:e5:d8:be:0a:78:68:cd:29:bb:52:74:4e:
d1:05:cc:2a:a6:9c:a3:dc:c4:98:83:0e:00:d6:8b:
23:4d:06:e9:7c:d0:4d:2e:ec:81:d2:2f:fb:9a:c7:
f2:5e:63:3e:9e:7c:73:8f:6b:d0:80:ec:fd:6c:ec:
7d:ba:48:0e:08:6d:6c:75:7a:7a:3f:3b:09:97:e1:
0b:17:62:d6:0b:29:8a:5a:b0:f1:d2:e2:28:50:24:
dd:74:87:dc:c3:6b:65:05:e6:4b:18:63:6b:92:47:
b6:bf:c0:14:12:01:f2:1f:9a:54:6a:91:14:13:f3:
1a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B8:30:8E:46:CC:E2:6C:D0:09:2A:33:DE:49:F8:8D:8C:3A:2E:31
X509v3 Authority Key Identifier:
keyid:23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/U7gwjkbM4mzQCSoz3kn4jYw6LjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/Iybu6t1MDuVbNZSlluZyIIGcGNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.232.0/22
IPv6:
2a0e:73c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:f5:37:e0:80:ab:1a:82:cc:fb:f0:9e:e6:52:b4:bc:74:87:
b2:3b:4d:6a:24:ae:0d:8e:21:fe:35:a9:f7:97:dc:26:5f:2e:
35:58:b7:01:79:65:54:c3:fb:98:89:ce:cf:6b:66:f7:9d:e8:
32:dc:0a:44:68:f2:79:4c:64:f4:b5:37:9d:38:b4:f8:2b:1c:
ba:f3:f1:37:7a:97:9a:3e:87:88:ee:d7:62:aa:e2:12:99:52:
5f:8e:76:79:88:30:bd:74:44:f7:4c:1b:77:c6:73:74:c0:90:
9d:24:cd:d3:04:44:7a:c1:59:ba:df:e2:78:cb:37:a7:4a:0a:
80:1b:0f:c4:dd:1f:eb:25:9f:2c:81:13:a8:08:18:7d:29:f2:
27:e6:a3:c7:3d:66:3e:95:86:5f:36:76:0a:2c:29:af:38:e3:
1b:16:9f:87:3a:2e:12:41:9d:35:76:76:3c:f4:a4:85:4d:8e:
b3:54:12:89:92:e9:e0:88:c8:c9:d0:77:81:80:a5:b0:5f:b5:
5a:2a:37:3f:d9:df:67:28:4b:67:eb:38:8a:2a:4a:e2:3d:88:
18:25:4d:46:da:71:a6:19:5b:da:fc:28:d6:23:9a:90:2a:3c:
a2:1a:91:c1:48:ff:72:38:79:a7:5e:49:3a:74:96:72:c6:09:
a6:ba:b9:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDBXeSaV9H4lNtjLbxSXkEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjZlZWVhZGQ0YzBlZTU1YjM1OTRhNTk2ZTY3MjIwODE5
YzE4ZDUwHhcNMjQwNzE3MTU0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I4MzA4ZTQ2Y2NlMjZjZDAwOTJhMzNkZTQ5Zjg4ZDhjM2EyZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAcOLQcdKvaVfZ5KzXUXvZxdUfOf
uc1zB5CwUO7Yx49W752Pkt734RPZuqFoq3eE45PEuvJK8fQ9Lq+nfCEgFT1asjjF
RPiVKD5/q5wOnzRQ+3V6WQDfXs3tCjL/28KDUuOlqYxbj3vEIeAbZTIhuTL4F6L7
/8PxScNyOlTB1gNEG7MJ+Hu2UYTl2L4KeGjNKbtSdE7RBcwqppyj3MSYgw4A1osj
TQbpfNBNLuyB0i/7msfyXmM+nnxzj2vQgOz9bOx9ukgOCG1sdXp6PzsJl+ELF2LW
CymKWrDx0uIoUCTddIfcw2tlBeZLGGNrkke2v8AUEgHyH5pUapEUE/MaKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFO4MI5GzOJs0AkqM95J+I2MOi4xMB8GA1UdIwQY
MBaAFCMm7urdTA7lWzWUpZbmciCBnBjVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlidTZ0MU1EdVZiTlpTbGx1WnlJSUdjR05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9hNTk4MGQtNjVmNC00NTczLTk3NTkt
MzM0MTU5NjdjMjEzLzEvVTdnd2prYk00bXpRQ1NvejNrbjRqWXc2TGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9hNTk4MGQtNjVmNC00NTczLTk3NTktMzM0MTU5NjdjMjEz
LzEvSXlidTZ0MU1EdVZiTlpTbGx1WnlJSUdjR05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYToMA0E
AgACMAcDBQMqDnPAMA0GCSqGSIb3DQEBCwUAA4IBAQAB9TfggKsagsz78J7mUrS8
dIeyO01qJK4NjiH+Nan3l9wmXy41WLcBeWVUw/uYic7Pa2b3negy3ApEaPJ5TGT0
tTedOLT4Kxy68/E3epeaPoeI7tdiquISmVJfjnZ5iDC9dET3TBt3xnN0wJCdJM3T
BER6wVm63+J4yzenSgqAGw/E3R/rJZ8sgROoCBh9KfIn5qPHPWY+lYZfNnYKLCmv
OOMbFp+HOi4SQZ01dnY89KSFTY6zVBKJkungiMjJ0HeBgKWwX7VaKjc/2d9nKEtn
6ziKKkriPYgYJU1G2nGmGVva/CjWI5qQKjyiGpHBSP9yOHmnXkk6dJZyxgmmurla
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:57 2025 by rpki-client