Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HdfkDhgGac67tTsGITqFiynDi_4.roa
File: HdfkDhgGac67tTsGITqFiynDi_4.roa (raw, json)
Hash identifier: BkWT70EPU87XsGq5rMOa0IXXEcFHoBON+F7j0KJ8Onk=
Subject key identifier: 1D:D7:E4:0E:18:06:69:CE:BB:B5:3B:06:21:3A:85:8B:29:C3:8B:FE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFA41B8ED9A8FA4B70AB057AF00572
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HdfkDhgGac67tTsGITqFiynDi_4.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200784
IP address blocks: 45.132.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a4:1b:8e:d9:a8:fa:4b:70:ab:05:7a:f0:05:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dd7e40e180669cebbb53b06213a858b29c38bfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5d:8c:d6:6b:ba:28:7b:e7:b6:74:05:37:c4:
33:1c:5e:1c:ca:76:89:8f:fd:07:24:e3:3f:06:b3:
cd:7d:ff:01:1d:3b:da:c8:d5:d2:eb:e8:5b:9d:d0:
c6:76:88:b1:a9:f0:2d:fe:d8:44:a6:a9:13:67:53:
3b:40:49:95:94:f0:54:5b:63:1e:fa:3f:0f:8c:f7:
fa:1b:5f:e6:ea:72:a6:36:00:7d:63:be:2e:1d:af:
45:94:c8:99:50:6e:c6:14:00:6e:85:12:dc:f7:2a:
04:64:c7:7c:29:e1:d2:ab:64:35:ac:56:65:de:a0:
99:6d:b1:14:1e:f7:a7:b3:54:f2:46:5b:b2:70:9e:
2c:9a:d8:ea:a1:25:dc:56:b9:f5:10:7b:0a:0e:f9:
1e:55:c3:a1:a1:7d:85:be:25:44:19:65:4f:6d:8a:
ab:5f:ab:9b:8b:a3:62:ad:3a:ea:3b:2f:2c:8c:2e:
05:20:98:b2:8c:71:b4:98:74:31:71:9f:2f:cc:9a:
33:8a:4c:3e:8f:89:a1:66:e6:7f:d0:0c:c8:25:c1:
1f:ed:c9:7a:0c:73:d9:e2:3d:08:9e:42:4e:ea:40:
55:9b:66:ef:3c:09:f9:d5:ec:c6:e0:96:8f:98:de:
13:39:2c:ac:e8:64:98:fe:be:55:23:d1:bc:5f:25:
f0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D7:E4:0E:18:06:69:CE:BB:B5:3B:06:21:3A:85:8B:29:C3:8B:FE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HdfkDhgGac67tTsGITqFiynDi_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:67:32:3d:58:27:62:88:f3:1d:46:32:8e:8d:b0:1e:77:4c:
b4:15:08:8b:ea:f2:49:9c:67:51:70:ce:d9:af:bb:5c:4a:70:
c4:f7:e3:de:cd:5c:72:73:30:d4:92:b6:ee:b3:3e:62:0f:f4:
27:7f:74:ea:7d:12:f6:7e:23:e6:68:b6:b7:30:66:5e:42:27:
e3:cc:fc:d3:5b:16:19:5f:09:cb:b5:81:28:b0:a5:b5:28:66:
79:f3:71:b1:22:40:70:2c:49:a0:4e:14:e2:a1:6f:69:af:b3:
39:95:77:ec:83:8c:75:e5:42:e8:23:d3:7c:01:2b:4d:34:27:
bd:83:a9:d1:57:00:53:e8:43:ec:00:e4:3d:27:98:d6:15:a6:
15:ea:f0:a4:8d:b4:fb:64:3e:d8:ba:d6:9a:d6:06:fc:59:32:
08:cc:2f:a2:36:21:7c:76:a1:da:4f:39:de:35:22:69:da:13:
50:02:52:f5:eb:f1:8b:a0:5c:78:ea:19:ad:fc:a2:65:4d:a3:
65:05:38:62:63:95:18:be:70:ed:ce:ee:24:29:57:b4:67:1e:
c1:aa:4a:9d:e1:14:15:e3:4c:b1:09:06:6f:ec:29:32:10:7b:
5d:0e:92:c5:bb:30:de:b9:b3:7a:be:a8:be:44:b0:9b:90:dd:
86:41:f7:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI36Qbjtmo+ktwqwV68AVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ3ZTQwZTE4MDY2OWNlYmJiNTNiMDYyMTNhODU4YjI5YzM4YmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx12M1mu6KHvntnQFN8QzHF4cynaJ
j/0HJOM/BrPNff8BHTvayNXS6+hbndDGdoixqfAt/thEpqkTZ1M7QEmVlPBUW2Me
+j8PjPf6G1/m6nKmNgB9Y74uHa9FlMiZUG7GFABuhRLc9yoEZMd8KeHSq2Q1rFZl
3qCZbbEUHvens1TyRluycJ4smtjqoSXcVrn1EHsKDvkeVcOhoX2FviVEGWVPbYqr
X6ubi6NirTrqOy8sjC4FIJiyjHG0mHQxcZ8vzJozikw+j4mhZuZ/0AzIJcEf7cl6
DHPZ4j0InkJO6kBVm2bvPAn51ezG4JaPmN4TOSys6GSY/r5VI9G8XyXwVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3X5A4YBmnOu7U7BiE6hYspw4v+MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSGRma0RoZ0dhYzY3dFRzR0lUcUZpeW5EaV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYT/MA0G
CSqGSIb3DQEBCwUAA4IBAQBuZzI9WCdiiPMdRjKOjbAed0y0FQiL6vJJnGdRcM7Z
r7tcSnDE9+PezVxyczDUkrbusz5iD/Qnf3TqfRL2fiPmaLa3MGZeQifjzPzTWxYZ
XwnLtYEosKW1KGZ583GxIkBwLEmgThTioW9pr7M5lXfsg4x15ULoI9N8AStNNCe9
g6nRVwBT6EPsAOQ9J5jWFaYV6vCkjbT7ZD7Yutaa1gb8WTIIzC+iNiF8dqHaTzne
NSJp2hNQAlL16/GLoFx46hmt/KJlTaNlBThiY5UYvnDtzu4kKVe0Zx7Bqkqd4RQV
40yxCQZv7CkyEHtdDpLFuzDeubN6vqi+RLCbkN2GQfcd
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:23:50 2025 by rpki-client