Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQ2_ahD0lT8VzvPYuJXGRcEppfs.roa
File: iQ2_ahD0lT8VzvPYuJXGRcEppfs.roa (raw, json)
Hash identifier: 4yWfZyozwkLyfab5W7MUuTYS4qVgQfL0gLpGS4mcH/c=
Subject key identifier: 89:0D:BF:6A:10:F4:95:3F:15:CE:F3:D8:B8:95:C6:45:C1:29:A5:FB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01942220151D2C66FDCAA3C55FFBA9D43D5B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQ2_ahD0lT8VzvPYuJXGRcEppfs.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 45.147.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:15:1d:2c:66:fd:ca:a3:c5:5f:fb:a9:d4:3d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=890dbf6a10f4953f15cef3d8b895c645c129a5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5c:6c:6f:38:57:95:55:a9:f0:0e:82:26:e3:
4c:85:9e:7f:15:d0:4f:a4:fc:ee:b5:1f:4e:14:3c:
22:47:94:22:1d:6d:a8:b8:14:2f:f0:7b:ef:ef:01:
3c:ee:d8:ca:7d:c9:8e:2a:90:aa:8b:33:65:7f:57:
f4:69:55:15:86:f3:fd:bf:28:2f:85:e8:7b:50:6d:
8e:6c:c2:62:e6:54:f2:a3:29:35:75:fc:1d:1d:78:
2c:56:21:e6:a6:fd:f3:c2:d0:a6:b4:78:c3:0a:f1:
ea:bd:8f:37:74:4c:27:f9:cb:e8:57:02:04:c9:e8:
07:5e:5f:e7:e1:21:27:be:88:21:23:9f:05:e4:89:
01:7f:79:30:b6:4f:c6:94:57:f5:a3:3d:f9:45:12:
9b:4d:33:04:73:67:b2:87:bf:88:d8:c7:d9:8c:10:
60:3f:69:ca:b0:7c:cb:ef:7b:e9:3c:32:c1:ee:fd:
c3:33:e3:db:d9:88:e7:19:1a:b8:38:b1:0e:6e:96:
ad:5b:ea:1b:72:1d:d1:dd:5c:96:e3:9e:bf:22:39:
aa:44:ba:20:fb:60:f0:e9:7f:c6:32:18:eb:5d:ed:
83:78:37:a2:d6:f5:30:c9:78:2e:3b:14:b4:a9:65:
99:24:74:36:e8:18:21:ae:ae:7b:73:14:57:31:76:
ee:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0D:BF:6A:10:F4:95:3F:15:CE:F3:D8:B8:95:C6:45:C1:29:A5:FB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQ2_ahD0lT8VzvPYuJXGRcEppfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.227.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:a3:4a:ae:9b:c2:1f:ea:a2:a6:3d:e6:35:e8:6c:97:ea:06:
2c:84:06:78:20:d8:8b:12:d6:cd:34:1a:7d:96:73:73:0c:f4:
ec:fb:3d:12:35:30:ab:58:c5:1c:53:3e:ae:fc:b3:ff:f3:a8:
ad:19:54:f4:84:59:fe:16:c9:ca:4c:3a:bf:d3:ff:dd:2d:eb:
8f:0d:25:9c:66:78:57:de:f0:a6:33:3c:0a:e9:f5:8c:02:6e:
5d:34:b8:6e:c6:1c:5e:5a:27:72:f2:35:6a:b2:94:14:39:83:
a3:ea:cd:4a:69:14:d8:3d:16:06:e4:75:69:2c:71:25:2c:27:
04:f7:c9:8c:89:f3:af:a2:99:49:10:24:8a:e1:b4:a7:5f:8c:
13:7e:46:fa:71:03:0f:27:d3:90:dd:92:e9:c5:8c:ab:70:79:
70:ce:d8:8c:ac:35:68:af:b3:aa:47:5e:eb:36:a7:13:2a:ac:
d0:3a:a5:ba:95:ca:91:82:e5:8f:42:4f:2e:37:8d:c4:66:cf:
e7:18:59:5c:31:c4:34:de:ca:fa:bc:98:07:eb:fb:89:ca:ba:
be:44:3d:01:47:ae:e7:8c:53:23:98:62:8c:59:79:ce:81:8b:
ae:1c:20:f0:36:11:30:8f:34:be:b0:34:f0:2a:2d:1c:d5:0c:
4a:11:b2:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBUdLGb9yqPFX/up1D1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBkYmY2YTEwZjQ5NTNmMTVjZWYzZDhiODk1YzY0NWMxMjlhNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVxsbzhXlVWp8A6CJuNMhZ5/FdBP
pPzutR9OFDwiR5QiHW2ouBQv8Hvv7wE87tjKfcmOKpCqizNlf1f0aVUVhvP9vygv
heh7UG2ObMJi5lTyoyk1dfwdHXgsViHmpv3zwtCmtHjDCvHqvY83dEwn+cvoVwIE
yegHXl/n4SEnvoghI58F5IkBf3kwtk/GlFf1oz35RRKbTTMEc2eyh7+I2MfZjBBg
P2nKsHzL73vpPDLB7v3DM+Pb2YjnGRq4OLEObpatW+obch3R3VyW456/IjmqRLog
+2Dw6X/GMhjrXe2DeDei1vUwyXguOxS0qWWZJHQ26Bghrq57cxRXMXbuxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkNv2oQ9JU/Fc7z2LiVxkXBKaX7MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaVEyX2FoRDBsVDhWenZQWXVKWEdSY0VwcGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZPjMA0G
CSqGSIb3DQEBCwUAA4IBAQCso0qum8If6qKmPeY16GyX6gYshAZ4INiLEtbNNBp9
lnNzDPTs+z0SNTCrWMUcUz6u/LP/86itGVT0hFn+FsnKTDq/0//dLeuPDSWcZnhX
3vCmMzwK6fWMAm5dNLhuxhxeWidy8jVqspQUOYOj6s1KaRTYPRYG5HVpLHElLCcE
98mMifOvoplJECSK4bSnX4wTfkb6cQMPJ9OQ3ZLpxYyrcHlwztiMrDVor7OqR17r
NqcTKqzQOqW6lcqRguWPQk8uN43EZs/nGFlcMcQ03sr6vJgH6/uJyrq+RD0BR67n
jFMjmGKMWXnOgYuuHCDwNhEwjzS+sDTwKi0c1QxKEbIC
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:30:26 2025 by rpki-client