Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wGF3mgsGLYCvdPhsJT0DTKKMIrY.roa
File: wGF3mgsGLYCvdPhsJT0DTKKMIrY.roa (raw, json)
Hash identifier: ZhW5sOIGARZMuRsTMccyjXQRhjGfDJoCKdRb5hSL4ao=
Subject key identifier: C0:61:77:9A:0B:06:2D:80:AF:74:F8:6C:25:3D:03:4C:A2:8C:22:B6
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 0193B4BD909CD8F31E0EDEB6303BB605DEF4
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wGF3mgsGLYCvdPhsJT0DTKKMIrY.roa
Signing time: Wed 11 Dec 2024 08:02:22 +0000
ROA not before: Wed 11 Dec 2024 08:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 45.157.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b4:bd:90:9c:d8:f3:1e:0e:de:b6:30:3b:b6:05:de:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Dec 11 08:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c061779a0b062d80af74f86c253d034ca28c22b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1a:b0:f0:6d:46:82:71:f4:54:ab:f0:56:96:
6b:4c:6d:06:0a:da:6e:04:6d:23:55:fd:41:f0:a0:
55:61:99:ae:04:e2:b7:54:d8:e3:04:26:73:82:2e:
8f:c6:90:16:a4:2e:0c:1b:01:d8:74:11:ed:ee:21:
49:af:10:fb:3c:95:c2:c3:c3:76:24:f2:02:bd:9a:
bb:5f:c3:d4:32:32:4f:b5:30:4e:6d:44:a9:eb:9f:
57:41:a6:9e:d6:5a:eb:53:be:fa:61:98:0a:93:f9:
a3:ea:22:52:15:f1:e0:c4:2e:8e:90:72:67:03:38:
06:e6:e5:38:5b:01:56:99:ab:11:79:57:61:8f:7f:
03:5a:2e:b4:9e:74:fc:04:f9:77:c1:f7:a9:52:36:
7b:44:b9:25:ec:9a:32:66:4c:70:80:53:4c:a1:97:
f5:77:e0:69:71:74:c5:81:d7:4a:bd:6f:1d:56:b4:
61:3d:f2:39:e6:82:81:04:23:c5:6d:f1:84:7e:b6:
1a:62:25:26:68:c5:6c:58:3f:6b:47:7b:4e:12:30:
90:90:66:fb:85:b5:f5:cd:c7:5a:5e:95:01:04:e9:
fc:25:17:39:01:09:6f:58:fb:ba:98:c5:43:01:c8:
c5:e4:2f:c4:53:d0:2d:1f:dc:36:03:08:74:76:16:
b8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:61:77:9A:0B:06:2D:80:AF:74:F8:6C:25:3D:03:4C:A2:8C:22:B6
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wGF3mgsGLYCvdPhsJT0DTKKMIrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.158.0/23
Signature Algorithm: sha256WithRSAEncryption
19:19:dc:ac:2d:4a:4a:55:c1:df:08:79:d6:a9:32:a9:68:10:
a4:a9:bb:a9:60:ff:11:f5:8e:e8:a8:cb:b1:a5:5f:a1:14:d5:
b6:77:9d:57:bb:46:22:a8:14:d3:1c:1a:06:07:14:bc:aa:9f:
41:cc:31:d6:ce:e4:0d:a7:e4:15:0b:74:7f:2a:aa:3a:a7:2e:
cd:99:d7:30:0f:fc:d2:e9:dd:7a:2a:c8:e7:cf:01:03:fa:d1:
5a:8c:77:a9:aa:e1:03:44:bc:d6:e5:e9:1d:e9:29:3d:61:94:
6d:33:28:ec:be:45:96:98:1f:f0:4e:5b:ce:a1:30:22:43:bf:
bc:4e:c4:8e:64:45:15:7e:1e:ec:55:63:20:45:7d:20:0a:ba:
81:68:1f:10:63:6d:12:10:3c:8b:c5:c4:69:5a:4a:76:11:4a:
31:89:42:b6:4b:ce:9e:62:28:ad:64:39:2a:1d:1f:db:af:39:
8d:4d:0f:dc:67:48:8e:34:46:95:a7:4f:26:14:4d:3e:a0:ff:
f5:be:4b:0f:9d:6f:16:e7:4c:05:c1:b4:13:09:6d:b7:a3:5c:
58:03:63:b9:4b:94:bf:1d:e7:7c:3c:dd:b5:0d:a0:c7:12:a4:
e6:cf:8b:5b:4f:7f:63:cd:1e:ea:f2:ab:b1:80:5b:69:55:b0:
57:b7:df:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO0vZCc2PMeDt62MDu2Bd70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjQxMjExMDgwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDYxNzc5YTBiMDYyZDgwYWY3NGY4NmMyNTNkMDM0Y2EyOGMyMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBqw8G1GgnH0VKvwVpZrTG0GCtpu
BG0jVf1B8KBVYZmuBOK3VNjjBCZzgi6PxpAWpC4MGwHYdBHt7iFJrxD7PJXCw8N2
JPICvZq7X8PUMjJPtTBObUSp659XQaae1lrrU776YZgKk/mj6iJSFfHgxC6OkHJn
AzgG5uU4WwFWmasReVdhj38DWi60nnT8BPl3wfepUjZ7RLkl7JoyZkxwgFNMoZf1
d+BpcXTFgddKvW8dVrRhPfI55oKBBCPFbfGEfrYaYiUmaMVsWD9rR3tOEjCQkGb7
hbX1zcdaXpUBBOn8JRc5AQlvWPu6mMVDAcjF5C/EU9AtH9w2Awh0dha4JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBhd5oLBi2Ar3T4bCU9A0yijCK2MB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvd0dGM21nc0dMWUN2ZFBoc0pUMERUS0tNSXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ2eMA0G
CSqGSIb3DQEBCwUAA4IBAQAZGdysLUpKVcHfCHnWqTKpaBCkqbupYP8R9Y7oqMux
pV+hFNW2d51Xu0YiqBTTHBoGBxS8qp9BzDHWzuQNp+QVC3R/Kqo6py7NmdcwD/zS
6d16KsjnzwED+tFajHepquEDRLzW5ekd6Sk9YZRtMyjsvkWWmB/wTlvOoTAiQ7+8
TsSOZEUVfh7sVWMgRX0gCrqBaB8QY20SEDyLxcRpWkp2EUoxiUK2S86eYiitZDkq
HR/brzmNTQ/cZ0iONEaVp08mFE0+oP/1vksPnW8W50wFwbQTCW23o1xYA2O5S5S/
Hed8PN21DaDHEqTmz4tbT39jzR7q8quxgFtpVbBXt98W
-----END CERTIFICATE-----
Generated at Wed Apr 16 08:29:33 2025 by rpki-client