Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/w73CGJzrQ3CT_WqdKzgaA-9iBpw.roa
File: w73CGJzrQ3CT_WqdKzgaA-9iBpw.roa (raw, json)
Hash identifier: CDvQd0gtNTAwpEBMdR8xZP0y3RhpF7Zt6HskLFzrTOU=
Subject key identifier: C3:BD:C2:18:9C:EB:43:70:93:FD:6A:9D:2B:38:1A:03:EF:62:06:9C
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369DEC0FE443E4446E6288465F7DFC8
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/w73CGJzrQ3CT_WqdKzgaA-9iBpw.roa
Signing time: Wed 01 Jan 2025 19:48:48 +0000
ROA not before: Wed 01 Jan 2025 19:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215632
IP address blocks: 45.137.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 12:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:de:c0:fe:44:3e:44:46:e6:28:84:65:f7:df:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3bdc2189ceb437093fd6a9d2b381a03ef62069c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d2:33:b9:c1:c2:32:bc:91:f1:d3:e9:ef:76:
ab:7c:58:a2:73:1f:77:50:76:a5:0d:41:22:c3:c1:
a7:47:2e:41:60:d7:0b:93:86:cb:6b:f0:18:4b:f9:
ed:73:f9:df:82:39:f6:8d:38:ab:83:2f:0a:54:70:
16:b9:82:a7:c7:40:8c:9c:d8:ae:90:71:55:5e:4d:
39:a8:9a:49:31:ca:47:b6:d2:77:e9:54:6e:a9:e7:
38:51:12:17:66:eb:98:57:f0:f1:f2:24:ab:cf:32:
b7:b4:08:e4:c1:54:d6:8c:d3:7f:58:76:a0:e3:c1:
6a:a3:86:b7:52:09:a1:bb:d3:26:5a:99:0d:9b:c2:
99:8c:d8:18:0e:24:8d:a5:f1:c0:7f:57:cd:2f:ed:
95:dc:a0:fb:f8:4d:16:72:86:94:86:3e:6e:1f:6b:
d5:5c:8a:7e:b3:4f:94:0a:9f:3f:0c:50:41:c9:7f:
29:93:2c:29:05:03:8a:20:26:73:e0:6f:fd:1c:d0:
f5:91:17:72:e0:ed:ac:95:8c:2e:f1:a0:04:9d:6f:
ca:62:51:4c:4a:2d:a9:36:ee:09:5e:7f:b0:ef:8c:
59:77:14:54:44:72:40:93:62:5b:29:da:65:4d:e2:
02:dc:78:75:fd:6d:0d:59:9a:53:a2:65:d1:c2:86:
42:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BD:C2:18:9C:EB:43:70:93:FD:6A:9D:2B:38:1A:03:EF:62:06:9C
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/w73CGJzrQ3CT_WqdKzgaA-9iBpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.154.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e5:72:fb:fc:37:60:78:f1:bb:38:09:57:37:ec:a8:0e:bc:
ea:5d:50:0a:01:f1:5c:1e:e2:ad:fc:be:db:32:20:8f:95:a3:
be:78:6b:a2:1d:f0:8b:6f:36:a2:d6:65:b4:1a:f9:4b:84:64:
46:da:7a:2e:78:f7:5d:24:28:b7:d5:5a:1a:5a:b4:bf:77:ce:
5a:8d:12:9d:37:49:17:99:f2:bd:1a:6a:a9:9e:01:04:36:e9:
4d:b2:40:e3:0f:ad:5b:84:14:2c:3a:cc:0d:c3:e0:24:5b:06:
2d:fe:b7:e2:bc:79:a3:b9:f2:16:f5:b4:e3:b8:2e:91:3c:24:
e1:49:3d:fa:bf:9e:eb:e0:45:3b:9f:8b:15:58:79:49:28:55:
79:3e:d3:13:ea:52:ef:07:01:9e:1d:fd:f5:a6:c9:25:92:fd:
54:99:c9:c4:4b:9e:e8:7b:12:bf:ba:b5:c9:3a:ba:33:eb:44:
fa:6c:fb:39:5c:b3:2f:31:91:e4:c9:0d:8f:e0:db:02:c2:78:
a6:64:e8:08:77:83:56:33:5e:67:a4:2d:9d:a8:93:c8:e5:fd:
21:f3:ab:12:7d:5d:a2:20:54:4e:32:d9:86:f5:0d:a0:e7:7a:
b8:32:bd:ec:cc:d5:cc:1e:e2:b4:ba:2b:54:09:6a:27:51:cf:
b9:32:43:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjad7A/kQ+REbmKIRl99/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JkYzIxODljZWI0MzcwOTNmZDZhOWQyYjM4MWEwM2VmNjIwNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dIzucHCMryR8dPp73arfFiicx93
UHalDUEiw8GnRy5BYNcLk4bLa/AYS/ntc/nfgjn2jTirgy8KVHAWuYKnx0CMnNiu
kHFVXk05qJpJMcpHttJ36VRuqec4URIXZuuYV/Dx8iSrzzK3tAjkwVTWjNN/WHag
48Fqo4a3Ugmhu9MmWpkNm8KZjNgYDiSNpfHAf1fNL+2V3KD7+E0WcoaUhj5uH2vV
XIp+s0+UCp8/DFBByX8pkywpBQOKICZz4G/9HND1kRdy4O2slYwu8aAEnW/KYlFM
Si2pNu4JXn+w74xZdxRURHJAk2JbKdplTeIC3Hh1/W0NWZpTomXRwoZCIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMO9whic60Nwk/1qnSs4GgPvYgacMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvdzczQ0dKenJRM0NUX1dxZEt6Z2FBLTlpQnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYmaMA0G
CSqGSIb3DQEBCwUAA4IBAQAS5XL7/DdgePG7OAlXN+yoDrzqXVAKAfFcHuKt/L7b
MiCPlaO+eGuiHfCLbzai1mW0GvlLhGRG2nouePddJCi31VoaWrS/d85ajRKdN0kX
mfK9GmqpngEENulNskDjD61bhBQsOswNw+AkWwYt/rfivHmjufIW9bTjuC6RPCTh
ST36v57r4EU7n4sVWHlJKFV5PtMT6lLvBwGeHf31psklkv1UmcnES57oexK/urXJ
Oroz60T6bPs5XLMvMZHkyQ2P4NsCwnimZOgId4NWM15npC2dqJPI5f0h86sSfV2i
IFROMtmG9Q2g53q4Mr3szNXMHuK0uitUCWonUc+5MkOE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:19 2025 by rpki-client