Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2dfdb6-7a4d-43c3-870f-c86c2fc6c61b/1/SGecU02M8gsbiC7rIIwg9iBVrIs.roa
File: SGecU02M8gsbiC7rIIwg9iBVrIs.roa (raw, json)
Hash identifier: RrWVEAFlJvIh6FWqPhJWnCLV7k0D9j5G7dDFR3pNGqA=
Subject key identifier: 48:67:9C:53:4D:8C:F2:0B:1B:88:2E:EB:20:8C:20:F6:20:55:AC:8B
Certificate issuer: /CN=78688182b8f253c5cf946294786b7901435fc8c3
Certificate serial: 01941FFA23BB9F8C11C3BAFF7CEADA6FF0C3
Authority key identifier: 78:68:81:82:B8:F2:53:C5:CF:94:62:94:78:6B:79:01:43:5F:C8:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eGiBgrjyU8XPlGKUeGt5AUNfyMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2dfdb6-7a4d-43c3-870f-c86c2fc6c61b/1/SGecU02M8gsbiC7rIIwg9iBVrIs.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199904
IP address blocks: 45.141.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 10:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:23:bb:9f:8c:11:c3:ba:ff:7c:ea:da:6f:f0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78688182b8f253c5cf946294786b7901435fc8c3
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48679c534d8cf20b1b882eeb208c20f62055ac8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d8:9e:9e:fa:a9:12:2a:da:6e:b4:d0:f2:b3:
fa:05:d6:d2:dc:5b:96:d4:94:f5:01:f0:f7:e0:79:
af:ab:8d:f2:a1:f6:bc:a8:82:1a:77:92:f7:9b:70:
9b:e3:8e:42:0b:ca:e6:09:c2:68:78:e4:8c:cf:68:
29:28:d9:ea:52:84:1a:b8:4c:65:33:aa:67:4e:3d:
ef:9e:d8:33:b7:ae:3d:93:3a:30:1b:f9:58:b2:8e:
11:8f:7b:b5:4a:c2:d3:f3:59:a3:4d:08:8b:93:a3:
84:04:1d:a9:f2:e8:5d:09:ec:95:48:1e:4b:0c:4f:
66:d9:83:26:17:d6:13:b7:37:11:59:a5:d9:a3:5d:
7c:35:43:d0:5b:e6:5e:ae:bf:27:c6:9b:c8:9e:25:
a5:64:e1:43:14:9b:8b:9e:43:21:db:67:4e:55:3e:
96:db:40:7c:39:00:1f:6a:5d:34:92:64:74:06:fa:
35:72:4c:33:f3:bb:06:51:4a:2c:9c:47:fe:23:f0:
74:fd:73:a7:59:d1:65:59:5f:16:8e:5c:3b:b9:5d:
33:68:6d:f6:7d:6e:0c:2f:46:eb:ee:f1:34:b5:69:
09:55:80:f9:0e:23:63:e4:75:29:b3:37:54:c8:45:
c1:ac:45:d8:e4:36:85:7f:04:0a:26:98:ad:e7:d6:
d5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:67:9C:53:4D:8C:F2:0B:1B:88:2E:EB:20:8C:20:F6:20:55:AC:8B
X509v3 Authority Key Identifier:
keyid:78:68:81:82:B8:F2:53:C5:CF:94:62:94:78:6B:79:01:43:5F:C8:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eGiBgrjyU8XPlGKUeGt5AUNfyMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2dfdb6-7a4d-43c3-870f-c86c2fc6c61b/1/SGecU02M8gsbiC7rIIwg9iBVrIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2dfdb6-7a4d-43c3-870f-c86c2fc6c61b/1/eGiBgrjyU8XPlGKUeGt5AUNfyMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:05:35:d1:4c:e9:6c:8a:a7:25:e0:16:94:e8:46:d2:ca:70:
33:aa:88:c2:a2:7d:0d:22:d6:a1:9c:a7:d7:46:2a:5b:fa:be:
16:1a:41:91:a6:85:b3:bf:a1:9d:02:ed:c8:f4:d6:4f:7d:7f:
b3:75:d9:2b:29:50:ab:b6:38:e7:98:41:ec:60:85:4f:71:76:
d4:9a:54:06:f6:ba:5b:21:6b:2d:ef:41:bd:95:ba:c3:c8:fc:
2d:4a:b5:40:98:62:6a:b5:d6:07:59:f7:c0:b8:64:da:dc:ea:
0f:10:8c:a7:73:cf:d2:e4:f0:e4:6e:85:b1:5f:04:63:7a:55:
b6:59:6b:b1:df:31:71:38:f9:dc:9c:6a:49:03:2e:f3:03:43:
f0:dc:f7:a7:13:05:87:ff:05:6b:fc:3e:04:97:de:50:66:f3:
b0:87:7e:6c:48:0e:56:6a:36:d5:f3:39:d4:27:16:d8:af:f7:
e7:55:99:58:21:4f:be:04:5e:ca:a3:99:4c:1d:4c:2e:5f:bc:
a2:97:12:33:ff:52:a5:bb:50:bb:f9:99:a1:74:eb:b2:21:b2:
33:b9:b9:96:fc:d1:de:3d:8c:f8:d6:9a:3f:53:79:34:ce:11:
b7:63:41:35:43:2f:ec:8a:da:cc:0c:c1:36:21:ca:2b:36:ae:
68:90:b9:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+iO7n4wRw7r/fOrab/DDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4Njg4MTgyYjhmMjUzYzVjZjk0NjI5NDc4NmI3OTAxNDM1
ZmM4YzMwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODY3OWM1MzRkOGNmMjBiMWI4ODJlZWIyMDhjMjBmNjIwNTVhYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9ienvqpEirabrTQ8rP6BdbS3FuW
1JT1AfD34Hmvq43yofa8qIIad5L3m3Cb445CC8rmCcJoeOSMz2gpKNnqUoQauExl
M6pnTj3vntgzt649kzowG/lYso4Rj3u1SsLT81mjTQiLk6OEBB2p8uhdCeyVSB5L
DE9m2YMmF9YTtzcRWaXZo118NUPQW+Zerr8nxpvIniWlZOFDFJuLnkMh22dOVT6W
20B8OQAfal00kmR0Bvo1ckwz87sGUUosnEf+I/B0/XOnWdFlWV8Wjlw7uV0zaG32
fW4ML0br7vE0tWkJVYD5DiNj5HUpszdUyEXBrEXY5DaFfwQKJpit59bV9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhnnFNNjPILG4gu6yCMIPYgVayLMB8GA1UdIwQY
MBaAFHhogYK48lPFz5RilHhreQFDX8jDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUdpQmdyanlVOFhQbEdLVWVHdDVBVU5meU1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yZGZkYjYtN2E0ZC00M2MzLTg3MGYt
Yzg2YzJmYzZjNjFiLzEvU0dlY1UwMk04Z3NiaUM3cklJd2c5aUJWcklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yZGZkYjYtN2E0ZC00M2MzLTg3MGYtYzg2YzJmYzZjNjFi
LzEvZUdpQmdyanlVOFhQbEdLVWVHdDVBVU5meU1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY3AMA0G
CSqGSIb3DQEBCwUAA4IBAQB8BTXRTOlsiqcl4BaU6EbSynAzqojCon0NItahnKfX
Ripb+r4WGkGRpoWzv6GdAu3I9NZPfX+zddkrKVCrtjjnmEHsYIVPcXbUmlQG9rpb
IWst70G9lbrDyPwtSrVAmGJqtdYHWffAuGTa3OoPEIync8/S5PDkboWxXwRjelW2
WWux3zFxOPncnGpJAy7zA0Pw3PenEwWH/wVr/D4El95QZvOwh35sSA5WajbV8znU
JxbYr/fnVZlYIU++BF7Ko5lMHUwuX7yilxIz/1Klu1C7+ZmhdOuyIbIzubmW/NHe
PYz41po/U3k0zhG3Y0E1Qy/sitrMDME2IcorNq5okLmo
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:25:20 2025 by rpki-client