Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/e9yz-t_JDiqrUdSWiwDLuLQTrrI.roa
File: e9yz-t_JDiqrUdSWiwDLuLQTrrI.roa (raw, json)
Hash identifier: TqcPSp/6WuokbgbKxyAl+3HLOESGyM4ZCn3aI5cllzY=
Subject key identifier: 7B:DC:B3:FA:DF:C9:0E:2A:AB:51:D4:96:8B:00:CB:B8:B4:13:AE:B2
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 018DCFA27C2567774471E5707FA39B66DC89
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/e9yz-t_JDiqrUdSWiwDLuLQTrrI.roa
Signing time: Thu 22 Feb 2024 07:05:48 +0000
ROA not before: Thu 22 Feb 2024 07:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208033
IP address blocks: 45.158.204.0/22 maxlen: 22
45.158.206.0/23 maxlen: 23
2a0c:dc80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 18 Mar 2024 12:27:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:a2:7c:25:67:77:44:71:e5:70:7f:a3:9b:66:dc:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Feb 22 07:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bdcb3fadfc90e2aab51d4968b00cbb8b413aeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b9:bd:38:02:80:5e:5c:31:13:cb:f4:b7:56:
0e:0e:6a:37:bd:e8:92:5b:63:61:bb:4d:32:a9:9f:
10:c5:34:42:03:c4:a1:94:41:ef:e1:d3:3d:23:07:
60:b5:ea:97:74:99:79:04:b1:16:c1:3b:a5:97:cf:
98:3f:d2:17:4e:38:cd:c9:5c:ef:a2:5f:30:3d:a7:
01:60:a3:b3:90:96:ef:73:ef:9d:f1:d4:de:a7:c4:
2f:bc:eb:96:2b:12:0c:2d:c7:49:c6:a0:3a:f8:ef:
dd:a9:cd:a4:62:8b:35:e8:aa:40:ff:6e:1e:00:78:
fa:d7:d2:46:c8:ed:1b:cd:17:d2:c7:2e:ad:fd:0b:
4d:ae:e0:18:80:cd:26:de:43:af:38:80:b7:fa:c9:
43:fc:a9:c9:8d:0f:8f:69:d7:80:57:e1:55:39:9b:
2a:04:bd:84:29:b2:81:a4:d8:85:e1:a5:e7:6a:49:
00:35:11:76:5b:7d:05:68:2b:be:fe:a7:a0:89:b5:
78:f8:bb:8a:cf:b4:f5:f9:99:c5:aa:cd:6e:61:a6:
d1:c4:5a:df:d9:97:32:bb:bb:60:5d:36:0d:51:7d:
59:e3:94:50:af:9d:e8:57:64:19:1f:38:a0:87:79:
1e:c5:ce:70:29:0f:6d:bc:5e:ad:4c:01:ff:46:db:
3f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:DC:B3:FA:DF:C9:0E:2A:AB:51:D4:96:8B:00:CB:B8:B4:13:AE:B2
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/e9yz-t_JDiqrUdSWiwDLuLQTrrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.204.0/22
IPv6:
2a0c:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
17:5b:6b:a2:71:36:17:7d:33:03:b3:8d:c5:bb:86:ab:4c:dc:
48:37:91:81:5f:ca:af:6f:c2:06:0f:b0:cd:8b:f2:cc:36:c9:
64:70:b7:b1:6b:1f:68:98:65:51:f1:ac:04:1d:dc:53:41:3f:
0c:d9:2d:cc:7b:dd:c1:0b:c3:f6:84:3d:3b:18:2a:a6:52:8a:
d9:76:8f:75:60:52:d1:de:77:b0:74:e8:ca:e0:54:51:37:f1:
3d:14:31:73:62:de:bc:cb:73:54:18:0e:2c:76:aa:6b:0d:e6:
3d:0f:61:b0:5c:27:24:16:76:d7:81:ce:83:cf:36:ea:1c:e7:
9c:3a:80:91:36:62:a3:5a:73:b5:14:28:17:b7:f0:1b:c9:d6:
c1:a2:da:02:32:96:7d:03:43:b7:ba:5b:3d:2f:35:cc:4d:19:
da:43:8f:cc:d5:e4:ad:eb:ef:dc:49:1d:6d:44:2e:cc:d1:90:
32:3e:5d:a8:a5:89:18:c3:e5:68:ea:a9:72:55:39:fa:6c:cf:
0b:8c:3d:dd:fe:33:68:97:58:9b:26:12:12:35:01:87:d2:a1:
24:db:98:cf:d7:07:71:cb:23:e9:0b:da:8d:70:c5:c7:96:f1:
24:77:af:c6:16:30:36:e2:4b:69:3d:73:9c:97:54:71:12:3c:
f1:98:ed:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY3PonwlZ3dEceVwf6ObZtyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjQwMjIyMDcwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmRjYjNmYWRmYzkwZTJhYWI1MWQ0OTY4YjAwY2JiOGI0MTNhZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLm9OAKAXlwxE8v0t1YODmo3veiS
W2Nhu00yqZ8QxTRCA8ShlEHv4dM9IwdgteqXdJl5BLEWwTull8+YP9IXTjjNyVzv
ol8wPacBYKOzkJbvc++d8dTep8QvvOuWKxIMLcdJxqA6+O/dqc2kYos16KpA/24e
AHj619JGyO0bzRfSxy6t/QtNruAYgM0m3kOvOIC3+slD/KnJjQ+PadeAV+FVOZsq
BL2EKbKBpNiF4aXnakkANRF2W30FaCu+/qegibV4+LuKz7T1+ZnFqs1uYabRxFrf
2Zcyu7tgXTYNUX1Z45RQr53oV2QZHzigh3kexc5wKQ9tvF6tTAH/Rts/PQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHvcs/rfyQ4qq1HUlosAy7i0E66yMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvZTl5ei10X0pEaXFyVWRTV2l3REx1TFFUcnJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ7MMA0E
AgACMAcDBQAqDNyAMA0GCSqGSIb3DQEBCwUAA4IBAQAXW2uicTYXfTMDs43Fu4ar
TNxIN5GBX8qvb8IGD7DNi/LMNslkcLexax9omGVR8awEHdxTQT8M2S3Me93BC8P2
hD07GCqmUorZdo91YFLR3newdOjK4FRRN/E9FDFzYt68y3NUGA4sdqprDeY9D2Gw
XCckFnbXgc6DzzbqHOecOoCRNmKjWnO1FCgXt/AbydbBotoCMpZ9A0O3uls9LzXM
TRnaQ4/M1eSt6+/cSR1tRC7M0ZAyPl2opYkYw+Vo6qlyVTn6bM8LjD3d/jNol1ib
JhISNQGH0qEk25jP1wdxyyPpC9qNcMXHlvEkd6/GFjA24ktpPXOcl1RxEjzxmO0d
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:14:23 2025 by rpki-client