Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/KVCnvRJAc4pEqyZIMWDr3bfW-p8.roa
File: KVCnvRJAc4pEqyZIMWDr3bfW-p8.roa (raw, json)
Hash identifier: 7fqDYTrRe7R4/iLgXuc3eiSON72agCZFen0Ult65vak=
Subject key identifier: 29:50:A7:BD:12:40:73:8A:44:AB:26:48:31:60:EB:DD:B7:D6:FA:9F
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 0193FD178D510FD19BB96271C6650872FE7C
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/KVCnvRJAc4pEqyZIMWDr3bfW-p8.roa
Signing time: Wed 25 Dec 2024 09:13:19 +0000
ROA not before: Wed 25 Dec 2024 09:13:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208341
IP address blocks: 45.143.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:17:8d:51:0f:d1:9b:b9:62:71:c6:65:08:72:fe:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Dec 25 09:13:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2950a7bd1240738a44ab26483160ebddb7d6fa9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b3:5a:6f:37:02:6c:a8:2c:52:50:8a:32:c2:
5d:7f:cf:01:0c:6c:29:14:b0:e4:fd:7d:fe:7d:dd:
77:bc:cb:e9:51:bd:da:fd:d8:a8:32:f1:49:83:87:
03:e8:68:95:a6:ef:40:95:8b:e3:6e:2c:dc:90:20:
6e:6d:3a:c4:5d:a3:d6:43:4f:5a:6f:65:fc:d1:e3:
32:5f:48:18:fc:0e:d4:cc:f4:da:df:df:47:d4:df:
09:a2:da:d0:60:25:0f:fd:ef:3c:af:7b:0b:c9:8c:
56:6e:73:e6:63:11:32:dc:b2:c2:17:a4:a2:88:ae:
4a:18:0d:73:34:78:68:5d:b7:f0:68:8a:96:f3:25:
5a:8e:49:07:e6:f2:50:86:cd:c4:3e:d0:3b:02:05:
b1:cb:33:b7:7b:e2:d5:31:86:00:d6:dd:75:b9:e8:
03:a5:3c:d6:5d:bc:d7:32:cd:9f:db:83:08:52:36:
6f:b5:79:6c:5c:56:25:0b:dc:9c:e3:ab:60:e7:37:
65:24:53:e5:42:58:36:3e:d1:0f:de:4b:a4:11:5d:
9f:41:41:56:45:f6:ec:7a:74:e3:d3:a5:2b:dd:83:
18:8d:35:1f:9e:f6:62:13:48:76:ee:e7:ab:26:97:
d2:ae:05:f7:33:f5:4d:1b:27:d9:a4:d7:a7:d5:a8:
cb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:50:A7:BD:12:40:73:8A:44:AB:26:48:31:60:EB:DD:B7:D6:FA:9F
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/KVCnvRJAc4pEqyZIMWDr3bfW-p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.28.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c1:33:22:e1:51:75:64:28:34:30:83:e9:57:bc:df:39:44:
85:d1:50:32:c9:8a:ee:ba:17:4f:ab:74:b9:32:d7:4d:44:23:
2d:bb:db:80:86:aa:dd:ab:79:e0:f4:1d:6d:10:61:50:42:b6:
22:40:51:b8:d1:6a:8c:19:9e:98:78:38:05:bf:4a:f0:48:fe:
54:39:21:ba:53:80:04:9c:89:7c:c3:4b:1b:29:f0:e6:01:80:
da:a7:c5:f0:28:75:a0:18:06:97:e9:d7:af:af:20:77:32:e2:
49:ab:37:70:79:6f:f2:b1:c5:ec:75:4c:c9:ca:fa:a2:71:90:
c9:16:9a:ca:8d:34:b4:8f:b3:79:db:e6:ac:a2:d4:f5:03:87:
49:22:46:5b:0a:eb:b2:07:7a:ba:90:e8:92:b0:69:0b:a6:83:
87:05:29:aa:4a:63:d8:54:72:cf:be:f4:bb:08:20:94:1b:21:
83:1b:55:98:a0:87:cc:20:6c:81:b8:61:fe:72:18:e9:3e:17:
4d:7f:2d:b4:2e:a8:17:ba:e1:f7:de:c5:15:3b:d5:fc:d6:3b:
90:bd:29:5f:28:85:26:88:cc:ac:b4:fe:9c:7e:90:fb:e5:51:
95:0e:8a:23:bd:c2:66:3b:ef:29:67:4b:97:1d:36:1a:df:0d:
41:e3:c1:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP9F41RD9GbuWJxxmUIcv58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjQxMjI1MDkxMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTUwYTdiZDEyNDA3MzhhNDRhYjI2NDgzMTYwZWJkZGI3ZDZmYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbNabzcCbKgsUlCKMsJdf88BDGwp
FLDk/X3+fd13vMvpUb3a/dioMvFJg4cD6GiVpu9AlYvjbizckCBubTrEXaPWQ09a
b2X80eMyX0gY/A7UzPTa399H1N8JotrQYCUP/e88r3sLyYxWbnPmYxEy3LLCF6Si
iK5KGA1zNHhoXbfwaIqW8yVajkkH5vJQhs3EPtA7AgWxyzO3e+LVMYYA1t11uegD
pTzWXbzXMs2f24MIUjZvtXlsXFYlC9yc46tg5zdlJFPlQlg2PtEP3kukEV2fQUFW
RfbsenTj06Ur3YMYjTUfnvZiE0h27uerJpfSrgX3M/VNGyfZpNen1ajLMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClQp70SQHOKRKsmSDFg69231vqfMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvS1ZDbnZSSkFjNHBFcXlaSU1XRHIzYmZXLXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY8cMA0G
CSqGSIb3DQEBCwUAA4IBAQAcwTMi4VF1ZCg0MIPpV7zfOUSF0VAyyYruuhdPq3S5
MtdNRCMtu9uAhqrdq3ng9B1tEGFQQrYiQFG40WqMGZ6YeDgFv0rwSP5UOSG6U4AE
nIl8w0sbKfDmAYDap8XwKHWgGAaX6devryB3MuJJqzdweW/yscXsdUzJyvqicZDJ
FprKjTS0j7N52+asotT1A4dJIkZbCuuyB3q6kOiSsGkLpoOHBSmqSmPYVHLPvvS7
CCCUGyGDG1WYoIfMIGyBuGH+chjpPhdNfy20LqgXuuH33sUVO9X81juQvSlfKIUm
iMystP6cfpD75VGVDoojvcJmO+8pZ0uXHTYa3w1B48Fc
-----END CERTIFICATE-----
Generated at Wed Apr 30 14:28:19 2025 by rpki-client