Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Hzv13n0Yaql9dZr0PQgGRVjkkfk.roa
File: Hzv13n0Yaql9dZr0PQgGRVjkkfk.roa (raw, json)
Hash identifier: JlmUldQ6D42HkrIU64iT2EGSeFzIpGoQa4bcEH48lHo=
Subject key identifier: 1F:3B:F5:DE:7D:18:6A:A9:7D:75:9A:F4:3D:08:06:45:58:E4:91:F9
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01942220560AD43C2B85A44AD0DF937B59D8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Hzv13n0Yaql9dZr0PQgGRVjkkfk.roa
Signing time: Wed 01 Jan 2025 13:48:51 +0000
ROA not before: Wed 01 Jan 2025 13:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215151
IP address blocks: 45.131.132.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 10:25:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:56:0a:d4:3c:2b:85:a4:4a:d0:df:93:7b:59:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f3bf5de7d186aa97d759af43d08064558e491f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:41:01:e7:c9:d4:57:94:ba:b9:4e:60:e4:e4:
bc:40:8e:2e:d2:b0:96:e9:1d:88:df:ca:a5:0a:db:
a8:77:e2:12:ef:b1:dd:8e:fc:04:5b:16:d6:e9:42:
f3:2d:bb:1b:d5:bc:c8:35:d7:2e:40:89:2e:17:74:
6b:ed:7c:5d:98:f6:2e:a2:6e:81:3d:f9:e6:66:6b:
43:37:9e:2c:fa:3d:53:42:7f:27:8a:76:5b:0c:a0:
2f:d0:62:5d:99:84:f1:fb:6c:12:0a:6d:7c:b5:09:
a4:57:e3:0a:e4:3e:0c:f9:98:26:5a:ef:d3:98:a0:
fb:85:fa:e9:e3:80:de:9c:80:99:0f:17:bd:7c:9c:
84:ce:76:27:f2:d2:dc:51:09:22:a7:b5:6c:58:8b:
0a:39:fb:7a:22:79:6a:15:63:14:04:0a:b6:2b:65:
39:6d:01:70:e9:81:0a:8c:41:a0:26:57:63:c7:46:
54:ac:08:ba:81:13:d6:e0:7a:85:b0:83:a3:d6:05:
72:6c:47:0e:a9:bb:c7:5d:dc:8a:1d:d6:e8:d2:68:
cb:e3:ae:eb:38:c2:10:c3:a2:bd:28:49:c5:f7:76:
52:c3:55:46:5f:fe:9b:ab:9f:c4:22:dd:80:2a:c0:
df:f2:c0:e1:c5:02:55:1f:e8:71:7c:86:1f:df:a1:
c8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3B:F5:DE:7D:18:6A:A9:7D:75:9A:F4:3D:08:06:45:58:E4:91:F9
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Hzv13n0Yaql9dZr0PQgGRVjkkfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.132.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:f2:f2:ba:2d:bd:2b:4c:09:8c:d9:09:18:91:87:58:2c:44:
07:b1:cd:1c:39:7e:bc:d2:30:74:90:b6:7b:6d:ca:3c:d9:e2:
87:eb:5b:36:00:22:4c:49:a2:e7:56:31:07:64:e0:8d:61:50:
7a:f5:cd:28:25:6e:02:53:3d:9d:a5:bd:f1:2e:2b:2b:5f:b2:
63:09:28:69:11:70:39:13:63:9a:5b:dd:b5:e1:c3:e1:89:e9:
1e:67:9c:46:10:8f:40:e8:74:c9:49:e8:d0:4a:98:a0:00:50:
c2:44:d7:e2:19:6c:0f:bd:00:a0:b4:da:a1:bf:23:fc:8c:88:
6e:0f:d9:38:1c:ed:c2:b5:e8:a7:a2:86:0b:f6:9a:b3:38:e5:
6a:60:85:eb:d1:df:8b:9c:ec:b4:82:f7:50:4a:1d:c4:ef:12:
25:f8:a0:59:38:ac:54:e1:2f:4c:dd:20:29:b7:3f:86:98:de:
74:62:04:10:49:a0:72:d6:87:9e:51:ce:e9:b8:1d:7f:9c:07:
4a:54:4f:00:e8:02:d7:84:66:83:64:0d:50:01:9b:42:68:85:
70:c1:7f:5b:b4:08:0d:5f:5b:e3:09:cc:7f:61:5e:17:4c:9a:
91:65:bc:38:f3:43:eb:44:2e:7f:11:9a:8d:a4:43:51:fd:6b:
6d:e9:a3:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIFYK1DwrhaRK0N+Te1nYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNiZjVkZTdkMTg2YWE5N2Q3NTlhZjQzZDA4MDY0NTU4ZTQ5MWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0EB58nUV5S6uU5g5OS8QI4u0rCW
6R2I38qlCtuod+IS77HdjvwEWxbW6ULzLbsb1bzINdcuQIkuF3Rr7XxdmPYuom6B
PfnmZmtDN54s+j1TQn8ninZbDKAv0GJdmYTx+2wSCm18tQmkV+MK5D4M+ZgmWu/T
mKD7hfrp44DenICZDxe9fJyEznYn8tLcUQkip7VsWIsKOft6InlqFWMUBAq2K2U5
bQFw6YEKjEGgJldjx0ZUrAi6gRPW4HqFsIOj1gVybEcOqbvHXdyKHdbo0mjL467r
OMIQw6K9KEnF93ZSw1VGX/6bq5/EIt2AKsDf8sDhxQJVH+hxfIYf36HIBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB879d59GGqpfXWa9D0IBkVY5JH5MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSHp2MTNuMFlhcWw5ZFpyMFBRZ0dSVmpra2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYOEMA0G
CSqGSIb3DQEBCwUAA4IBAQCd8vK6Lb0rTAmM2QkYkYdYLEQHsc0cOX680jB0kLZ7
bco82eKH61s2ACJMSaLnVjEHZOCNYVB69c0oJW4CUz2dpb3xLisrX7JjCShpEXA5
E2OaW9214cPhiekeZ5xGEI9A6HTJSejQSpigAFDCRNfiGWwPvQCgtNqhvyP8jIhu
D9k4HO3CteinooYL9pqzOOVqYIXr0d+LnOy0gvdQSh3E7xIl+KBZOKxU4S9M3SAp
tz+GmN50YgQQSaBy1oeeUc7puB1/nAdKVE8A6ALXhGaDZA1QAZtCaIVwwX9btAgN
X1vjCcx/YV4XTJqRZbw480PrRC5/EZqNpENR/Wtt6aOi
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:34:39 2025 by rpki-client