Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/vkCuASlPIQYhvvG-J4vmgBfe0L8.roa
File: vkCuASlPIQYhvvG-J4vmgBfe0L8.roa (raw, json)
Hash identifier: W2iLF7ZYNIgPwTocWi9/YyA2QpCLfC5wq7OKWmjbYqY=
Subject key identifier: BE:40:AE:01:29:4F:21:06:21:BE:F1:BE:27:8B:E6:80:17:DE:D0:BF
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64ADFEF9689B7F1481BC3B903CEAE19
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/vkCuASlPIQYhvvG-J4vmgBfe0L8.roa
Signing time: Mon 01 Jan 2024 18:30:44 +0000
ROA not before: Mon 01 Jan 2024 18:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58329
IP address blocks: 45.155.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:df:ef:96:89:b7:f1:48:1b:c3:b9:03:ce:ae:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be40ae01294f210621bef1be278be68017ded0bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:eb:d2:01:fc:ec:12:2e:40:a4:a4:50:f7:2f:
da:16:59:50:c7:0b:84:30:51:e9:e6:9b:71:a7:34:
18:12:2c:40:38:af:ba:c4:a7:2f:f5:8b:7d:cb:d5:
5d:a5:3a:b4:fa:88:de:a6:ce:9f:e1:2a:a1:b1:60:
58:d4:c8:e7:02:4b:fc:ff:a9:41:07:7c:3c:24:e4:
b3:22:ed:40:ed:4d:ac:69:2d:50:e3:7e:13:a4:73:
96:84:ab:99:0c:85:a5:e4:2e:a9:97:b8:51:39:59:
5f:f6:a0:d5:88:7c:93:3d:08:2b:84:e1:dc:9e:a9:
9f:ee:96:a9:a6:f1:45:00:f2:32:a9:3f:9d:2a:84:
36:13:bd:2a:78:9e:5c:44:0d:0f:5c:c7:fb:a2:bf:
fb:7d:41:27:71:ac:7d:cb:5d:1a:1f:cb:20:f9:b2:
f3:a0:22:1c:87:dd:7c:c5:91:73:35:53:a5:be:46:
e1:78:7e:fb:3b:f1:a7:28:e5:7c:ce:34:dc:eb:52:
ef:b1:2e:99:0f:8e:fb:4f:60:b5:70:ef:c2:37:5a:
2e:98:e4:be:ed:c8:b8:87:32:43:12:ba:c1:5f:58:
29:b1:56:5d:e2:97:2b:fa:0b:a8:32:86:b9:1e:7c:
b1:a6:9d:a8:05:1b:4b:a7:f0:f7:dc:05:87:33:a4:
36:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:40:AE:01:29:4F:21:06:21:BE:F1:BE:27:8B:E6:80:17:DE:D0:BF
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/vkCuASlPIQYhvvG-J4vmgBfe0L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.249.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a4:54:c4:51:9e:84:f9:5d:97:12:f7:a1:09:39:53:3b:f4:
e8:c9:c9:fa:d6:38:59:c8:36:84:cb:85:fa:20:8e:fe:a8:13:
ae:90:e3:da:63:f7:ed:87:f6:1d:7b:7d:31:bf:73:f6:2b:53:
2e:77:d3:24:ce:ad:c1:af:d5:77:a8:84:f9:1c:9b:31:b1:41:
58:ce:27:22:b7:3a:ca:42:59:34:9b:cd:be:d9:30:f1:c8:96:
12:9a:00:34:d9:bd:88:b3:b3:9b:39:a1:f2:58:fe:4d:f0:80:
29:c2:17:37:2c:cd:45:3e:31:ad:e4:3c:7e:af:6e:4d:f5:eb:
66:48:2b:48:c1:ae:6c:92:b6:09:ff:da:b9:00:61:d4:b4:ac:
ca:e7:21:94:eb:ef:4a:cc:fb:d9:8d:86:ff:39:fb:3b:70:96:
29:69:32:74:73:fc:5a:a4:83:09:19:ae:7f:54:f3:a8:33:3e:
e4:a8:bc:4d:0e:10:76:81:97:c7:1b:8c:14:28:f4:6d:8d:f9:
d5:82:87:35:ff:d3:04:38:4c:45:2a:ac:27:bc:3c:33:44:a7:
88:30:74:86:61:76:32:ea:73:a1:58:2e:d3:c7:c8:8d:8d:6d:
2a:00:cb:ff:92:94:d0:09:55:17:f1:4e:df:58:d4:ea:b0:9f:
4f:7b:71:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSt/vlom38Ugbw7kDzq4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQwYWUwMTI5NGYyMTA2MjFiZWYxYmUyNzhiZTY4MDE3ZGVkMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+vSAfzsEi5ApKRQ9y/aFllQxwuE
MFHp5ptxpzQYEixAOK+6xKcv9Yt9y9VdpTq0+ojeps6f4SqhsWBY1MjnAkv8/6lB
B3w8JOSzIu1A7U2saS1Q434TpHOWhKuZDIWl5C6pl7hROVlf9qDViHyTPQgrhOHc
nqmf7pappvFFAPIyqT+dKoQ2E70qeJ5cRA0PXMf7or/7fUEncax9y10aH8sg+bLz
oCIch918xZFzNVOlvkbheH77O/GnKOV8zjTc61LvsS6ZD477T2C1cO/CN1oumOS+
7ci4hzJDErrBX1gpsVZd4pcr+guoMoa5Hnyxpp2oBRtLp/D33AWHM6Q2VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5ArgEpTyEGIb7xvieL5oAX3tC/MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvdmtDdUFTbFBJUVlodnZHLUo0dm1nQmZlMEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZv5MA0G
CSqGSIb3DQEBCwUAA4IBAQBYpFTEUZ6E+V2XEvehCTlTO/Toycn61jhZyDaEy4X6
II7+qBOukOPaY/fth/Yde30xv3P2K1Mud9Mkzq3Br9V3qIT5HJsxsUFYzicitzrK
Qlk0m82+2TDxyJYSmgA02b2Is7ObOaHyWP5N8IApwhc3LM1FPjGt5Dx+r25N9etm
SCtIwa5skrYJ/9q5AGHUtKzK5yGU6+9KzPvZjYb/Ofs7cJYpaTJ0c/xapIMJGa5/
VPOoMz7kqLxNDhB2gZfHG4wUKPRtjfnVgoc1/9MEOExFKqwnvDwzRKeIMHSGYXYy
6nOhWC7Tx8iNjW0qAMv/kpTQCVUX8U7fWNTqsJ9Pe3G7
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:53:40 2025 by rpki-client