Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/7xbCWE_r2hZAKzbYwJeMg2K5s18.roa
File: 7xbCWE_r2hZAKzbYwJeMg2K5s18.roa (raw, json)
Hash identifier: K1a0UlCBqzg9R1Oo34QxOjHFkSqir2/lP/HFNYcT7X8=
Subject key identifier: EF:16:C2:58:4F:EB:DA:16:40:2B:36:D8:C0:97:8C:83:62:B9:B3:5F
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 019422FBEB86F45F66A99C7600C3E402B58F
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/7xbCWE_r2hZAKzbYwJeMg2K5s18.roa
Signing time: Wed 01 Jan 2025 17:48:42 +0000
ROA not before: Wed 01 Jan 2025 17:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215324
IP address blocks: 45.149.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 08:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:eb:86:f4:5f:66:a9:9c:76:00:c3:e4:02:b5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jan 1 17:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef16c2584febda16402b36d8c0978c8362b9b35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6f:68:66:d9:f7:b5:c9:ba:98:e0:2d:99:17:
fd:1f:ed:4d:d6:a8:8f:63:f9:b7:6e:aa:00:03:02:
58:1d:15:35:f2:69:e2:d2:e9:ee:7a:f6:7e:ac:a8:
af:9a:ee:e7:ac:c7:29:c3:91:d6:35:a0:f5:d6:ba:
89:c8:32:d5:8f:75:b6:f1:a8:56:15:f7:fa:75:f3:
0b:16:e2:c9:51:0f:e3:bc:9c:ad:4a:02:a0:08:af:
fa:d1:5c:16:46:d0:ee:5e:4b:58:57:86:35:b9:c3:
95:ad:c9:36:8d:7e:d6:6e:57:f7:35:06:dd:c7:90:
e5:7b:a2:d0:32:f0:5e:0a:23:f0:fa:51:4f:50:02:
a5:26:82:7b:9d:47:97:55:f7:83:af:0e:06:db:37:
41:df:20:70:51:85:04:f0:7c:7e:1c:47:76:74:04:
06:5f:08:6a:ae:fa:b7:4d:aa:a7:20:ab:2a:e4:65:
a1:af:b4:3f:8c:b3:b5:5c:05:3a:07:41:0a:c5:d8:
86:25:f5:89:e5:9b:7b:67:69:8e:69:2d:8d:ae:37:
fc:c5:79:cc:5b:97:78:4a:45:96:28:a7:c8:10:db:
57:b5:a1:1e:61:1c:16:47:ea:67:3e:12:af:03:f9:
8e:64:c1:95:ae:18:8f:be:0b:da:f8:ea:91:1d:3c:
c8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:16:C2:58:4F:EB:DA:16:40:2B:36:D8:C0:97:8C:83:62:B9:B3:5F
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/7xbCWE_r2hZAKzbYwJeMg2K5s18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.4.0/24
Signature Algorithm: sha256WithRSAEncryption
02:89:02:5c:ed:89:8e:4c:d2:fb:d5:d4:a9:97:66:a4:a1:fa:
cf:88:eb:4b:02:65:96:56:67:55:b7:d3:bc:88:7c:7c:d6:b7:
ba:c8:58:ba:f2:a0:5d:4d:f6:48:09:1c:5d:54:c2:34:60:ef:
76:6d:c0:70:ce:71:dd:e7:5f:9a:68:cf:f2:92:80:1c:4a:bf:
23:36:e8:c9:02:6e:2b:94:fe:3f:a0:0f:7d:5e:b8:a5:c9:05:
c0:f7:5e:6a:e8:7a:ba:03:24:6c:d6:63:a6:fc:53:bb:33:17:
d4:8a:b8:d8:f5:c6:d3:8c:88:de:81:ef:85:29:8c:20:35:8d:
97:91:1c:40:80:d3:77:76:d6:cf:84:e3:f7:b2:b1:6e:90:60:
94:24:bb:00:ec:38:0d:d0:4a:8d:e9:a7:12:a5:54:88:87:5e:
e0:32:ec:e8:8c:32:5e:37:11:ce:2d:1b:ed:bf:7d:81:72:29:
bd:4c:4f:b8:ba:b8:b9:3c:ac:1b:0e:d7:da:82:d7:65:69:3f:
7b:b0:15:d5:1c:f9:1f:2d:94:c1:48:fa:d7:50:ed:b2:76:7c:
a2:c1:37:0e:e8:ef:bf:ed:47:3c:fd:03:dd:75:5c:03:af:ae:
a3:3f:26:b3:10:31:ca:cf:30:62:11:50:4f:27:cd:e6:f4:92:
89:27:42:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi++uG9F9mqZx2AMPkArWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwMTAxMTc0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjE2YzI1ODRmZWJkYTE2NDAyYjM2ZDhjMDk3OGM4MzYyYjliMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW9oZtn3tcm6mOAtmRf9H+1N1qiP
Y/m3bqoAAwJYHRU18mni0unuevZ+rKivmu7nrMcpw5HWNaD11rqJyDLVj3W28ahW
Fff6dfMLFuLJUQ/jvJytSgKgCK/60VwWRtDuXktYV4Y1ucOVrck2jX7Wblf3NQbd
x5Dle6LQMvBeCiPw+lFPUAKlJoJ7nUeXVfeDrw4G2zdB3yBwUYUE8Hx+HEd2dAQG
Xwhqrvq3TaqnIKsq5GWhr7Q/jLO1XAU6B0EKxdiGJfWJ5Zt7Z2mOaS2Nrjf8xXnM
W5d4SkWWKKfIENtXtaEeYRwWR+pnPhKvA/mOZMGVrhiPvgva+OqRHTzIRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8WwlhP69oWQCs22MCXjINiubNfMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvN3hiQ1dFX3IyaFpBS3piWXdKZU1nMks1czE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZUEMA0G
CSqGSIb3DQEBCwUAA4IBAQACiQJc7YmOTNL71dSpl2akofrPiOtLAmWWVmdVt9O8
iHx81re6yFi68qBdTfZICRxdVMI0YO92bcBwznHd51+aaM/ykoAcSr8jNujJAm4r
lP4/oA99XrilyQXA915q6Hq6AyRs1mOm/FO7MxfUirjY9cbTjIjege+FKYwgNY2X
kRxAgNN3dtbPhOP3srFukGCUJLsA7DgN0EqN6acSpVSIh17gMuzojDJeNxHOLRvt
v32Bcim9TE+4uri5PKwbDtfagtdlaT97sBXVHPkfLZTBSPrXUO2ydnyiwTcO6O+/
7Uc8/QPddVwDr66jPyazEDHKzzBiEVBPJ83m9JKJJ0J0
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:35:09 2025 by rpki-client