Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/oLM-KVTmtqr49x97BDujxuksMmw.roa
File: oLM-KVTmtqr49x97BDujxuksMmw.roa (raw, json)
Hash identifier: 6Nd5hDaTrJRTuxetaEhPDLzUMFG+D23dQNzuRVxPGUk=
Subject key identifier: A0:B3:3E:29:54:E6:B6:AA:F8:F7:1F:7B:04:3B:A3:C6:E9:2C:32:6C
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 0191A87199A38C3142548392813AB3992AED
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/oLM-KVTmtqr49x97BDujxuksMmw.roa
Signing time: Sat 31 Aug 2024 12:38:22 +0000
ROA not before: Sat 31 Aug 2024 12:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46105
IP address blocks: 45.85.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a8:71:99:a3:8c:31:42:54:83:92:81:3a:b3:99:2a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Aug 31 12:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0b33e2954e6b6aaf8f71f7b043ba3c6e92c326c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:62:03:07:df:cc:17:19:d4:44:32:35:66:29:
3d:3f:1d:3a:89:cb:00:8f:de:30:4e:53:e2:e9:dd:
b8:d7:71:ff:16:ab:f6:76:91:db:68:d2:ee:b3:d7:
ee:b1:36:4f:96:d9:63:79:67:50:34:bb:3f:f1:07:
1b:62:49:cf:97:bc:21:84:f0:28:fe:ff:d3:6e:72:
3e:b2:40:3a:37:16:6a:12:9c:ed:9c:42:37:fb:a5:
35:d4:d7:81:73:19:90:a0:b0:56:cc:d3:85:ee:77:
54:f9:60:97:dc:ea:d6:43:2d:ee:0a:cd:26:30:a0:
49:67:15:1d:a4:19:a9:19:75:7b:8f:44:90:94:6d:
f6:a2:33:03:d1:7b:0d:b9:cc:c3:e9:4c:d1:68:c2:
07:47:9e:65:76:fb:fc:c6:25:ec:0b:e0:9b:a6:f2:
d7:fc:c0:b4:8c:f1:a4:ed:03:c1:13:ed:c5:58:74:
a9:3a:9b:44:50:28:17:02:1c:bc:ab:3d:78:52:6e:
56:19:47:47:f5:c6:c1:ac:76:47:06:26:ca:07:6f:
f4:41:7d:a0:e8:55:1e:b8:b2:c6:e3:19:dd:d7:63:
84:0e:7c:59:7f:b6:1e:7c:7d:ff:70:34:dc:3b:3a:
f6:47:94:db:25:06:31:e8:91:e0:55:26:aa:c4:f9:
86:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B3:3E:29:54:E6:B6:AA:F8:F7:1F:7B:04:3B:A3:C6:E9:2C:32:6C
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/oLM-KVTmtqr49x97BDujxuksMmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.15.0/24
Signature Algorithm: sha256WithRSAEncryption
29:31:09:4c:3f:b5:c6:97:76:d1:5f:96:bd:7b:80:52:e5:96:
b4:f4:c4:da:17:7e:0f:8f:f0:52:0d:7a:fc:e7:7d:eb:32:a7:
e8:4d:2e:03:3a:91:a1:ad:5e:22:c9:37:3c:a0:13:63:0f:3a:
c1:90:4d:76:33:70:17:46:7d:a0:77:0a:59:c9:13:ce:6d:66:
87:fc:4e:83:12:4b:94:a2:18:fe:94:d3:1f:81:bd:6a:18:71:
6d:84:dc:c6:ee:2f:ab:24:be:2d:45:d6:ab:8f:96:3f:af:bd:
7f:9d:be:a5:46:dc:85:fd:75:5f:3b:5a:79:43:33:bc:24:2d:
e3:e6:c5:f4:e0:3a:d3:c6:9f:39:f0:52:ad:06:75:32:d6:de:
b9:10:00:bb:02:62:22:b1:0c:72:a7:b1:70:12:77:80:38:23:
56:10:dc:aa:c6:a6:08:21:7c:11:11:86:32:02:a2:d3:8f:e0:
f9:75:67:86:fb:bd:a7:9e:36:13:91:f4:e0:aa:54:d9:fa:f6:
41:20:7a:ae:0d:d9:3b:ec:19:58:36:5a:fb:44:83:c9:c7:e5:
de:3a:ee:ae:36:f7:ae:c1:d6:41:e5:3f:03:ad:e4:5b:09:34:
03:d6:24:c9:1f:cf:26:03:83:eb:ce:af:ed:63:10:a8:f5:72:
d3:5a:61:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGocZmjjDFCVIOSgTqzmSrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjQwODMxMTIzODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGIzM2UyOTU0ZTZiNmFhZjhmNzFmN2IwNDNiYTNjNmU5MmMzMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mIDB9/MFxnURDI1Zik9Px06icsA
j94wTlPi6d2413H/Fqv2dpHbaNLus9fusTZPltljeWdQNLs/8QcbYknPl7whhPAo
/v/TbnI+skA6NxZqEpztnEI3+6U11NeBcxmQoLBWzNOF7ndU+WCX3OrWQy3uCs0m
MKBJZxUdpBmpGXV7j0SQlG32ojMD0XsNuczD6UzRaMIHR55ldvv8xiXsC+CbpvLX
/MC0jPGk7QPBE+3FWHSpOptEUCgXAhy8qz14Um5WGUdH9cbBrHZHBibKB2/0QX2g
6FUeuLLG4xnd12OEDnxZf7YefH3/cDTcOzr2R5TbJQYx6JHgVSaqxPmGCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCzPilU5raq+PcfewQ7o8bpLDJsMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvb0xNLUtWVG10cXI0OXg5N0JEdWp4dWtzTW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVUPMA0G
CSqGSIb3DQEBCwUAA4IBAQApMQlMP7XGl3bRX5a9e4BS5Za09MTaF34Pj/BSDXr8
533rMqfoTS4DOpGhrV4iyTc8oBNjDzrBkE12M3AXRn2gdwpZyRPObWaH/E6DEkuU
ohj+lNMfgb1qGHFthNzG7i+rJL4tRdarj5Y/r71/nb6lRtyF/XVfO1p5QzO8JC3j
5sX04DrTxp858FKtBnUy1t65EAC7AmIisQxyp7FwEneAOCNWENyqxqYIIXwREYYy
AqLTj+D5dWeG+72nnjYTkfTgqlTZ+vZBIHquDdk77BlYNlr7RIPJx+XeOu6uNveu
wdZB5T8DreRbCTQD1iTJH88mA4Przq/tYxCo9XLTWmE7
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:03:46 2025 by rpki-client