Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/g2CIbSKROLRoNq8oodVj83iO-zs.roa
File: g2CIbSKROLRoNq8oodVj83iO-zs.roa (raw, json)
Hash identifier: nYnKLzWmnGWJTmYPF4oGIT4FLM4SV6zdCf/IC9qfPK4=
Subject key identifier: 83:60:88:6D:22:91:38:B4:68:36:AF:28:A1:D5:63:F3:78:8E:FB:3B
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 019423D7A3B159463A55450D9B0BB4B51876
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/g2CIbSKROLRoNq8oodVj83iO-zs.roa
Signing time: Wed 01 Jan 2025 21:48:42 +0000
ROA not before: Wed 01 Jan 2025 21:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.156.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 12:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:a3:b1:59:46:3a:55:45:0d:9b:0b:b4:b5:18:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 1 21:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8360886d229138b46836af28a1d563f3788efb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:36:36:47:3d:29:82:74:b6:26:09:83:5c:42:
0a:41:af:05:43:b3:4b:51:ef:38:53:6c:40:c2:4e:
13:ff:ee:32:af:16:04:76:f5:fe:a1:37:62:d5:fb:
9f:8f:90:71:87:33:92:b1:03:8d:0f:39:ba:ae:f8:
df:c0:5d:db:df:92:4a:f2:ba:26:67:f3:12:7b:90:
6b:37:c6:f9:ed:ab:82:e0:2e:eb:7e:d7:8e:5f:0b:
a3:aa:76:e0:97:1f:f9:de:65:40:04:b3:5c:f6:9b:
e0:0f:9b:23:42:55:04:78:df:89:2a:5a:09:20:ec:
96:67:b7:32:36:49:e5:c2:8a:91:14:4f:71:6f:f2:
e0:63:ca:e3:73:fe:fa:ca:0c:fe:c7:60:57:5e:cb:
4f:c9:a0:21:d6:40:6a:28:3f:b3:80:e3:11:e0:29:
23:5f:cf:05:ff:f8:5d:55:88:b6:d4:72:c4:43:db:
0e:bd:d4:ac:37:19:57:dd:df:e3:bd:86:60:f5:9d:
e8:6f:4d:92:39:42:09:d6:02:14:8f:9e:ab:2f:be:
04:ce:1a:e2:a7:59:b2:0b:aa:8e:77:b4:46:37:d7:
06:85:57:3b:b7:27:4f:8b:e9:6f:f1:a6:c8:d0:c2:
fc:89:fb:ab:2d:74:9f:c7:85:a7:f2:ff:1d:d2:98:
2c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:60:88:6D:22:91:38:B4:68:36:AF:28:A1:D5:63:F3:78:8E:FB:3B
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/g2CIbSKROLRoNq8oodVj83iO-zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.147.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:99:6d:15:8e:8d:36:4a:b3:ff:b3:7c:6c:7e:bd:91:da:b3:
64:19:0f:7c:40:5e:1d:57:c5:af:a2:1c:c2:5a:93:65:c6:1b:
a6:8e:f8:be:52:10:01:35:6d:af:c1:3c:01:9e:0c:82:7f:6c:
30:22:68:c2:aa:50:c0:a4:5e:b7:b6:c6:dc:98:45:2c:84:b5:
f1:ec:3c:a3:e5:54:51:25:1a:e3:b0:ec:65:0d:02:af:43:8e:
5d:94:c8:f5:bd:33:c2:0a:e3:06:e8:0e:84:bb:41:2f:bf:be:
8e:c0:30:f3:9f:e5:7b:7f:85:00:12:8e:91:c2:3a:2f:58:6e:
1e:c1:0f:26:55:58:65:7b:b9:94:d5:2b:60:fd:dd:c5:82:c3:
c3:b1:9f:9c:5d:e7:33:df:5e:23:dc:a9:f8:45:ea:28:f2:9b:
92:b0:fc:65:ed:5c:6b:46:fb:e1:25:5c:41:3e:24:92:a7:ae:
94:20:80:6d:01:84:5a:ff:e4:41:5c:93:73:f0:0c:07:22:3b:
0d:e2:7d:29:52:50:33:4a:22:b2:48:0c:f1:09:81:ec:3e:4e:
06:7b:cb:7d:28:f9:99:ab:8e:49:58:ca:24:9a:fc:ef:07:22:
2a:09:17:21:48:b6:d1:64:6b:9c:94:53:d4:1e:2d:92:e6:38:
f3:68:e6:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj16OxWUY6VUUNmwu0tRh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjUwMTAxMjE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzYwODg2ZDIyOTEzOGI0NjgzNmFmMjhhMWQ1NjNmMzc4OGVmYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zY2Rz0pgnS2JgmDXEIKQa8FQ7NL
Ue84U2xAwk4T/+4yrxYEdvX+oTdi1fufj5BxhzOSsQONDzm6rvjfwF3b35JK8rom
Z/MSe5BrN8b57auC4C7rfteOXwujqnbglx/53mVABLNc9pvgD5sjQlUEeN+JKloJ
IOyWZ7cyNknlwoqRFE9xb/LgY8rjc/76ygz+x2BXXstPyaAh1kBqKD+zgOMR4Ckj
X88F//hdVYi21HLEQ9sOvdSsNxlX3d/jvYZg9Z3ob02SOUIJ1gIUj56rL74Ezhri
p1myC6qOd7RGN9cGhVc7tydPi+lv8abI0ML8ifurLXSfx4Wn8v8d0pgs+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINgiG0ikTi0aDavKKHVY/N4jvs7MB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvZzJDSWJTS1JPTFJvTnE4b29kVmo4M2lPLXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyTMA0G
CSqGSIb3DQEBCwUAA4IBAQCwmW0Vjo02SrP/s3xsfr2R2rNkGQ98QF4dV8WvohzC
WpNlxhumjvi+UhABNW2vwTwBngyCf2wwImjCqlDApF63tsbcmEUshLXx7Dyj5VRR
JRrjsOxlDQKvQ45dlMj1vTPCCuMG6A6Eu0Evv76OwDDzn+V7f4UAEo6RwjovWG4e
wQ8mVVhle7mU1Stg/d3FgsPDsZ+cXecz314j3Kn4Reoo8puSsPxl7VxrRvvhJVxB
PiSSp66UIIBtAYRa/+RBXJNz8AwHIjsN4n0pUlAzSiKySAzxCYHsPk4Ge8t9KPmZ
q45JWMokmvzvByIqCRchSLbRZGuclFPUHi2S5jjzaObW
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:09:49 2025 by rpki-client