Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/UeMj0RxNHzekNWuw3cB14wLGrkg.roa
File: UeMj0RxNHzekNWuw3cB14wLGrkg.roa (raw, json)
Hash identifier: QGAQRaUYnO+oPNFKymDt3HsCQg9JUCT/SH5L+/o4YBY=
Subject key identifier: 51:E3:23:D1:1C:4D:1F:37:A4:35:6B:B0:DD:C0:75:E3:02:C6:AE:48
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01937021E747437A608DE2FDFB3FD1D3221E
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/UeMj0RxNHzekNWuw3cB14wLGrkg.roa
Signing time: Thu 28 Nov 2024 00:18:10 +0000
ROA not before: Thu 28 Nov 2024 00:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151106
IP address blocks: 45.157.208.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:70:21:e7:47:43:7a:60:8d:e2:fd:fb:3f:d1:d3:22:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 28 00:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51e323d11c4d1f37a4356bb0ddc075e302c6ae48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:19:57:7d:d5:26:b6:70:dd:0f:60:ab:0f:81:
76:0b:6e:eb:48:d3:01:0b:b0:18:51:7e:36:6c:4b:
b3:10:83:81:5f:15:72:60:96:26:c7:02:88:9c:64:
32:7a:63:b4:6a:79:b0:03:67:ba:1c:6a:11:f9:8f:
e8:10:5c:21:51:75:71:89:6f:f5:aa:17:ae:fc:69:
fe:09:b0:d4:a3:0d:ff:63:6c:1c:e2:a5:16:bf:f4:
96:5b:3f:f8:8a:ce:41:4e:c5:ed:91:6f:7e:64:a3:
20:c5:6a:73:64:40:f6:06:ab:54:1d:6e:b0:b3:64:
7e:87:1b:77:92:e7:eb:7c:5a:bc:08:a4:af:7a:aa:
04:d4:36:ae:30:fd:43:0c:65:f8:d8:ee:f1:06:51:
56:f3:a8:4d:27:3e:db:97:7a:54:4e:30:c7:10:57:
75:83:55:2a:2a:61:41:92:6f:aa:0a:60:b5:30:72:
09:9b:e6:33:0f:32:89:47:a3:6b:ba:2b:c2:38:30:
d9:fa:3c:54:62:c9:ea:f8:5b:43:a0:73:04:bd:a4:
05:d7:12:2f:e5:fa:9c:25:f7:d3:c7:b4:b7:43:10:
3c:d2:94:4e:e3:fe:2c:53:09:1c:1b:c2:3e:d7:84:
33:23:78:c3:4b:20:ca:7c:6c:b9:ed:d1:30:c3:01:
02:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E3:23:D1:1C:4D:1F:37:A4:35:6B:B0:DD:C0:75:E3:02:C6:AE:48
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/UeMj0RxNHzekNWuw3cB14wLGrkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.208.0/24
45.157.211.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:e5:32:82:3d:e5:de:51:64:0d:ba:a0:a4:1e:22:58:19:8a:
45:bf:ba:31:74:70:98:7a:07:35:99:58:8a:c6:33:34:c2:39:
4b:28:d2:47:d3:d4:18:7d:2b:93:f0:2c:68:ca:17:63:2e:42:
50:4d:b4:bb:2d:fc:d8:2d:d7:f9:a7:47:56:3b:75:6d:bb:e2:
b5:1c:bc:ab:41:79:62:29:a9:0a:5f:30:e7:b3:6f:79:2a:c4:
a3:ae:9a:1b:4c:c4:ff:7e:72:b7:43:ee:0e:30:30:41:67:89:
cb:3e:a4:ca:e1:75:49:55:63:f0:72:62:6b:a2:cc:f8:0e:8c:
41:62:77:77:41:0e:5d:c6:9a:91:53:b6:b2:6b:b9:12:49:ba:
15:ee:3b:05:6d:f6:10:1d:a3:fe:0a:68:68:9d:a3:04:be:2e:
d1:5f:f6:c7:cb:c6:17:de:51:8a:a9:ba:1a:68:62:ba:d7:00:
81:ff:35:06:ed:ed:6a:2e:0e:2a:00:9f:58:9f:c8:aa:00:a0:
f8:4e:41:d1:a4:b1:41:3f:5b:e9:60:f2:c4:c4:72:14:80:e1:
9b:aa:bf:40:d1:b2:d4:b7:33:ae:3d:5f:3d:e7:22:58:96:ae:
d6:ec:84:57:5d:f0:51:8e:95:d8:6e:76:bd:c1:b4:87:00:bd:
fb:cd:bd:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNwIedHQ3pgjeL9+z/R0yIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQxMTI4MDAxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWUzMjNkMTFjNGQxZjM3YTQzNTZiYjBkZGMwNzVlMzAyYzZhZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBlXfdUmtnDdD2CrD4F2C27rSNMB
C7AYUX42bEuzEIOBXxVyYJYmxwKInGQyemO0anmwA2e6HGoR+Y/oEFwhUXVxiW/1
qheu/Gn+CbDUow3/Y2wc4qUWv/SWWz/4is5BTsXtkW9+ZKMgxWpzZED2BqtUHW6w
s2R+hxt3kufrfFq8CKSveqoE1DauMP1DDGX42O7xBlFW86hNJz7bl3pUTjDHEFd1
g1UqKmFBkm+qCmC1MHIJm+YzDzKJR6NruivCODDZ+jxUYsnq+FtDoHMEvaQF1xIv
5fqcJffTx7S3QxA80pRO4/4sUwkcG8I+14QzI3jDSyDKfGy57dEwwwECcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFHjI9EcTR83pDVrsN3AdeMCxq5IMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvVWVNajBSeE5IemVrTld1dzNjQjE0d0xHcmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ3QAwQA
LZ3TMA0GCSqGSIb3DQEBCwUAA4IBAQCd5TKCPeXeUWQNuqCkHiJYGYpFv7oxdHCY
egc1mViKxjM0wjlLKNJH09QYfSuT8CxoyhdjLkJQTbS7LfzYLdf5p0dWO3Vtu+K1
HLyrQXliKakKXzDns295KsSjrpobTMT/fnK3Q+4OMDBBZ4nLPqTK4XVJVWPwcmJr
osz4DoxBYnd3QQ5dxpqRU7aya7kSSboV7jsFbfYQHaP+CmhonaMEvi7RX/bHy8YX
3lGKqboaaGK61wCB/zUG7e1qLg4qAJ9Yn8iqAKD4TkHRpLFBP1vpYPLExHIUgOGb
qr9A0bLUtzOuPV895yJYlq7W7IRXXfBRjpXYbna9wbSHAL37zb2C
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:19:02 2025 by rpki-client