Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/dBTOeIbMR4b4IXfZwE_6lVly5Vs.roa
File: dBTOeIbMR4b4IXfZwE_6lVly5Vs.roa (raw, json)
Hash identifier: oFz93Lz/Uyody77EhXJZnGF6aitn0DLrRz8+cy58TR0=
Subject key identifier: 74:14:CE:78:86:CC:47:86:F8:21:77:D9:C0:4F:FA:95:59:72:E5:5B
Certificate issuer: /CN=843be8639f4039993c1f6e7879f4729e47dc37ae
Certificate serial: 018CC50056DB271765BA83DDF7667DF253BD
Authority key identifier: 84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/dBTOeIbMR4b4IXfZwE_6lVly5Vs.roa
Signing time: Mon 01 Jan 2024 12:29:42 +0000
ROA not before: Mon 01 Jan 2024 12:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202480
IP address blocks: 185.45.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 21:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:56:db:27:17:65:ba:83:dd:f7:66:7d:f2:53:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843be8639f4039993c1f6e7879f4729e47dc37ae
Validity
Not Before: Jan 1 12:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7414ce7886cc4786f82177d9c04ffa955972e55b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:61:ee:32:5c:dd:6e:17:bb:b8:98:68:c2:07:
b9:cf:23:97:ca:d9:6d:42:72:dd:60:52:a9:8f:e4:
f2:d4:eb:0e:0a:c6:a2:33:19:77:9c:ba:02:9f:bc:
03:26:2b:d8:f5:5d:96:96:cc:8f:8b:49:41:25:35:
65:77:2c:46:d8:71:35:eb:e1:dc:db:8c:3d:12:70:
4a:25:40:7e:f2:0f:9f:85:31:6e:0d:86:c9:7a:e7:
97:a0:5c:c1:f2:40:63:3b:94:0c:34:f6:b8:9e:f7:
63:ae:fb:5a:58:68:fe:ab:32:86:09:4a:50:f8:dc:
0d:97:52:23:a2:64:2c:7e:fa:08:50:e0:7a:2c:dd:
c5:b2:d2:07:58:8b:15:f2:77:ad:91:ac:f6:18:ce:
e7:76:9c:38:5c:97:93:ce:2e:64:c9:70:c8:87:b8:
8f:be:74:2c:b9:b4:9c:9b:e3:73:00:c4:ad:5e:47:
16:18:51:9a:d8:2b:f1:d0:51:b1:c6:d1:3c:9c:c6:
e2:21:eb:2d:44:e3:8a:9d:ee:53:0c:9a:ca:ba:71:
c6:33:9e:42:c3:7b:8a:81:5f:70:4a:03:39:3c:e0:
41:44:b7:37:af:76:b6:e1:74:f7:4a:47:1a:4a:09:
75:fa:fd:35:a5:b7:93:22:2b:f5:07:83:5a:77:c3:
51:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:14:CE:78:86:CC:47:86:F8:21:77:D9:C0:4F:FA:95:59:72:E5:5B
X509v3 Authority Key Identifier:
keyid:84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/dBTOeIbMR4b4IXfZwE_6lVly5Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.143.0/24
Signature Algorithm: sha256WithRSAEncryption
47:49:4b:a5:23:f6:bc:2e:50:dd:02:ee:f0:33:46:00:c3:f1:
ec:5b:59:74:45:3e:a0:57:2d:b2:fd:d9:5b:7f:ba:38:3c:37:
05:27:82:26:b5:fa:39:51:93:70:45:f4:98:12:98:82:b5:b9:
09:db:2c:87:ca:56:f2:a3:b6:36:36:2d:82:43:af:64:18:22:
52:bd:ad:bf:4f:1f:3b:83:2c:94:c4:6d:af:89:13:95:71:b2:
6f:83:01:bc:15:d9:65:ae:1b:5b:3c:22:a1:07:5e:70:34:53:
ce:a4:53:79:b3:d0:2b:03:bc:07:ed:1d:36:9d:32:a3:bb:23:
09:d3:d0:18:7e:d0:de:a0:b8:89:80:09:44:97:3e:c3:7e:d0:
1b:88:60:ce:05:8b:06:0f:2b:f7:d9:00:d4:e4:e9:3d:f0:8f:
65:dc:78:89:e1:1f:4f:73:20:6f:54:1d:e1:26:a2:ae:c7:d7:
c2:4b:68:fb:e1:93:ab:39:b4:c0:64:56:ea:c2:5f:89:11:38:
f3:4e:cb:05:09:fa:7e:be:80:ce:02:55:81:42:a9:2b:b6:7e:
9d:f7:3f:47:7a:cc:7a:87:d3:fe:a8:8f:f2:66:c4:e3:9c:e0:
9a:a6:e7:b6:8a:1a:16:f1:be:7d:a1:6b:53:0c:57:ad:e3:8a:
b4:07:6c:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAFbbJxdluoPd92Z98lO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2JlODYzOWY0MDM5OTkzYzFmNmU3ODc5ZjQ3MjllNDdk
YzM3YWUwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDE0Y2U3ODg2Y2M0Nzg2ZjgyMTc3ZDljMDRmZmE5NTU5NzJlNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWHuMlzdbhe7uJhowge5zyOXytlt
QnLdYFKpj+Ty1OsOCsaiMxl3nLoCn7wDJivY9V2WlsyPi0lBJTVldyxG2HE16+Hc
24w9EnBKJUB+8g+fhTFuDYbJeueXoFzB8kBjO5QMNPa4nvdjrvtaWGj+qzKGCUpQ
+NwNl1IjomQsfvoIUOB6LN3FstIHWIsV8netkaz2GM7ndpw4XJeTzi5kyXDIh7iP
vnQsubScm+NzAMStXkcWGFGa2Cvx0FGxxtE8nMbiIestROOKne5TDJrKunHGM55C
w3uKgV9wSgM5POBBRLc3r3a24XT3SkcaSgl1+v01pbeTIiv1B4Nad8NRswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQUzniGzEeG+CF32cBP+pVZcuVbMB8GA1UdIwQY
MBaAFIQ76GOfQDmZPB9ueHn0cp5H3DeuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2Mt
Nzc4ODc0OGY2N2NiLzEvZEJUT2VJYk1SNGI0SVhmWndFXzZsVmx5NVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2MtNzc4ODc0OGY2N2Ni
LzEvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuS2PMA0G
CSqGSIb3DQEBCwUAA4IBAQBHSUulI/a8LlDdAu7wM0YAw/HsW1l0RT6gVy2y/dlb
f7o4PDcFJ4Imtfo5UZNwRfSYEpiCtbkJ2yyHylbyo7Y2Ni2CQ69kGCJSva2/Tx87
gyyUxG2viROVcbJvgwG8FdllrhtbPCKhB15wNFPOpFN5s9ArA7wH7R02nTKjuyMJ
09AYftDeoLiJgAlElz7DftAbiGDOBYsGDyv32QDU5Ok98I9l3HiJ4R9PcyBvVB3h
JqKux9fCS2j74ZOrObTAZFbqwl+JETjzTssFCfp+voDOAlWBQqkrtn6d9z9Hesx6
h9P+qI/yZsTjnOCapue2ihoW8b59oWtTDFet44q0B2w5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:43 2025 by rpki-client