Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/MtORRkj6KzBYdubYDseSTdp0h1I.roa
File: MtORRkj6KzBYdubYDseSTdp0h1I.roa (raw, json)
Hash identifier: BKam7PcrRKZE7SE6qK2CoqqGToCrXa4T9X6XMC+0n8I=
Subject key identifier: 32:D3:91:46:48:FA:2B:30:58:76:E6:D8:0E:C7:92:4D:DA:74:87:52
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018CC6B918CC1294560EEA829BD3CFF68236
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/MtORRkj6KzBYdubYDseSTdp0h1I.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.156.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:18:cc:12:94:56:0e:ea:82:9b:d3:cf:f6:82:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32d3914648fa2b305876e6d80ec7924dda748752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:48:c1:6d:f7:8f:1a:e7:77:f2:f0:19:a0:
c7:3a:91:c5:7f:d8:5a:a6:8c:9a:70:23:21:5f:de:
7c:58:2c:54:87:e1:89:d8:e0:12:ba:cd:12:60:09:
01:9e:11:34:9c:c4:da:3d:a3:ed:9b:3e:7d:31:99:
ba:98:e4:45:8a:2e:43:99:b2:d1:d9:0b:9e:93:99:
92:9e:9b:52:05:26:f7:14:be:c7:34:c1:46:de:db:
dd:3a:72:99:bf:65:21:d7:fa:93:4f:5f:95:84:e0:
80:06:45:eb:25:86:75:32:77:37:3b:e8:e8:2c:a1:
fd:3b:e5:21:f8:db:d8:d1:1b:c1:ed:2c:5b:0d:2b:
5d:69:a6:a0:0b:8e:b5:d1:fc:72:f2:8e:bb:c7:a2:
44:99:fe:18:16:ba:6b:5c:1c:54:53:9f:df:14:24:
60:4a:d4:c8:b4:ce:e4:ba:75:9b:47:8d:57:f7:53:
ea:45:ac:22:14:81:32:21:03:25:3e:72:57:60:0c:
56:36:4c:2e:a5:e8:5a:c1:e6:1a:a8:35:d9:01:8b:
f1:ef:65:8b:13:c9:bd:9a:99:4a:57:ab:31:03:a1:
46:a8:41:37:21:01:97:a7:9e:b0:94:db:72:cc:a9:
70:ef:c8:e2:f6:ea:27:b6:e8:d8:04:19:27:b8:18:
c1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D3:91:46:48:FA:2B:30:58:76:E6:D8:0E:C7:92:4D:DA:74:87:52
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/MtORRkj6KzBYdubYDseSTdp0h1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.147.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:55:dd:1c:11:46:94:f2:1d:c6:3a:e6:66:92:fc:61:ac:4e:
da:a3:06:a5:23:16:1c:b7:26:5d:4f:66:8b:93:e1:52:50:19:
b3:bd:8d:18:9e:db:3c:08:74:9b:b2:1f:f0:8c:a2:6a:1c:7c:
81:29:6d:f7:a7:d6:6d:07:87:8a:55:d0:aa:47:71:19:02:dc:
b9:3d:55:32:d5:55:c3:58:4f:17:95:e1:61:ef:06:2d:6a:2a:
14:25:1e:5d:97:3d:53:5e:b2:6e:9a:8d:f5:4a:81:62:d6:45:
77:3f:d2:52:ed:ed:f1:65:ee:de:3a:a7:fb:51:ab:6f:8d:0f:
50:94:7d:cb:c6:51:96:53:1b:e3:cc:17:a8:7d:07:8b:33:bf:
3d:98:da:71:47:16:3e:c5:82:ce:cb:98:51:bc:11:e1:f4:30:
a1:22:1c:f5:32:2f:47:e0:63:bf:48:f4:a2:45:8e:0c:9f:31:
e8:bd:39:a5:e6:57:01:ae:f3:20:15:0f:cc:b5:04:0a:e6:b6:
bc:8c:d4:40:6e:78:bf:86:b9:cc:21:7f:b7:6b:07:81:fb:98:
e6:29:62:d5:ba:f9:90:80:70:d9:52:a1:6e:1f:cd:89:44:9e:
6e:ad:9c:9b:4d:a9:29:54:0e:42:e9:ec:e4:14:d5:ef:d6:a7:
58:0e:88:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuRjMEpRWDuqCm9PP9oI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQzOTE0NjQ4ZmEyYjMwNTg3NmU2ZDgwZWM3OTI0ZGRhNzQ4NzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHpIwW33jxrnd/LwGaDHOpHFf9ha
poyacCMhX958WCxUh+GJ2OASus0SYAkBnhE0nMTaPaPtmz59MZm6mORFii5DmbLR
2Quek5mSnptSBSb3FL7HNMFG3tvdOnKZv2Uh1/qTT1+VhOCABkXrJYZ1Mnc3O+jo
LKH9O+Uh+NvY0RvB7SxbDStdaaagC4610fxy8o67x6JEmf4YFrprXBxUU5/fFCRg
StTItM7kunWbR41X91PqRawiFIEyIQMlPnJXYAxWNkwupehaweYaqDXZAYvx72WL
E8m9mplKV6sxA6FGqEE3IQGXp56wlNtyzKlw78ji9uontujYBBknuBjB7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLTkUZI+iswWHbm2A7Hkk3adIdSMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvTXRPUlJrajZLekJZZHViWURzZVNUZHAwaDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyTMA0G
CSqGSIb3DQEBCwUAA4IBAQA9Vd0cEUaU8h3GOuZmkvxhrE7aowalIxYctyZdT2aL
k+FSUBmzvY0Ynts8CHSbsh/wjKJqHHyBKW33p9ZtB4eKVdCqR3EZAty5PVUy1VXD
WE8XleFh7wYtaioUJR5dlz1TXrJumo31SoFi1kV3P9JS7e3xZe7eOqf7UatvjQ9Q
lH3LxlGWUxvjzBeofQeLM789mNpxRxY+xYLOy5hRvBHh9DChIhz1Mi9H4GO/SPSi
RY4MnzHovTml5lcBrvMgFQ/MtQQK5ra8jNRAbni/hrnMIX+3aweB+5jmKWLVuvmQ
gHDZUqFuH82JRJ5urZybTakpVA5C6ezkFNXv1qdYDogA
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:24:07 2025 by rpki-client