Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yz4x4GzcGeC8glLOCmnyDtr-56w.roa
File: yz4x4GzcGeC8glLOCmnyDtr-56w.roa (raw, json)
Hash identifier: hDwx9rvPd30lRY3VBZd89bgxAP28R/xByG7X8PG7rdQ=
Subject key identifier: CB:3E:31:E0:6C:DC:19:E0:BC:82:52:CE:0A:69:F2:0E:DA:FE:E7:AC
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD2AA8A63F17FD4789C8E416C5CA04
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yz4x4GzcGeC8glLOCmnyDtr-56w.roa
Signing time: Thu 02 Jan 2025 07:48:55 +0000
ROA not before: Thu 02 Jan 2025 07:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 45.150.32.0/24 maxlen: 24
45.150.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 14:15:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:2a:a8:a6:3f:17:fd:47:89:c8:e4:16:c5:ca:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb3e31e06cdc19e0bc8252ce0a69f20edafee7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6f:30:72:12:85:e2:4f:9c:41:91:60:4f:ca:
b9:b2:fe:25:f7:0a:28:38:ac:20:66:69:a2:96:7d:
31:6f:d1:26:02:59:de:22:f9:12:49:f3:4d:82:95:
fd:c4:c8:a3:7a:f2:27:14:ff:d8:bf:12:7d:b2:43:
f2:e9:77:de:b5:03:5c:d9:8f:e6:ca:c7:ee:f6:d8:
3f:72:1f:6f:fb:40:de:ff:98:a4:9d:36:05:81:87:
c2:d1:02:e5:34:47:c4:cd:10:88:26:f0:29:d8:87:
31:75:07:3c:04:28:e1:c8:b4:1c:76:09:2f:0d:fa:
2e:e8:78:da:bf:20:e6:d9:2d:44:7c:42:9e:c0:c2:
a6:a9:b9:89:2a:09:1d:ae:b9:16:80:29:55:b1:e9:
23:2c:36:e9:93:aa:07:33:54:c7:c0:ee:ef:c4:7c:
ba:e2:95:11:fc:89:63:98:a4:69:08:45:85:3d:c3:
08:41:4e:62:7c:5f:05:f5:30:50:0c:21:78:3a:2d:
5d:2c:8e:43:73:63:46:5a:ed:78:bf:f7:38:12:21:
17:b4:ab:2b:5a:42:f5:2a:9d:d1:fa:ac:44:d2:82:
42:eb:6b:70:cb:35:7d:e4:3f:3b:75:46:fa:e6:d6:
4a:f2:ee:49:23:05:ce:fa:09:af:b1:af:89:e1:54:
b0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3E:31:E0:6C:DC:19:E0:BC:82:52:CE:0A:69:F2:0E:DA:FE:E7:AC
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yz4x4GzcGeC8glLOCmnyDtr-56w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.32.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:c8:1b:6b:b9:95:14:a6:98:19:a3:1f:00:7b:9c:e6:d6:ed:
e3:b4:76:a8:6e:2c:32:b3:aa:8c:9d:2d:f9:55:0e:38:a5:ab:
8f:d0:bd:e9:f4:3a:ad:14:2a:cf:ab:bc:85:95:55:7e:c3:53:
12:2a:e6:ac:1a:31:cc:8c:84:6b:d2:40:93:5f:c4:16:a6:9d:
58:e9:c6:e7:3f:1c:dc:8f:87:1e:09:f2:2a:a8:e6:42:92:b6:
23:ec:de:36:7a:f9:99:a3:fe:74:fb:95:64:2b:9f:33:aa:98:
b8:0e:69:96:7c:e7:62:9e:39:10:3f:ad:9e:0d:f3:64:e0:77:
ea:d9:47:e4:3e:3b:01:b7:e8:f3:7b:bb:ba:c5:b0:29:4b:b7:
1e:0c:01:72:84:30:41:80:7e:4a:84:e5:99:04:02:93:31:cf:
57:78:e5:34:5c:e8:6e:f3:50:d8:3e:e5:57:3b:a7:c9:8f:2f:
37:77:67:3d:1a:93:3c:b0:58:89:b4:a0:96:8a:7d:2d:c3:f8:
c2:ac:ae:3c:06:8d:ae:98:bc:9f:58:cb:49:fb:76:a3:f1:8c:
8c:d8:8a:29:da:23:10:f3:84:a3:22:60:ad:14:9e:9a:6d:81:
bf:41:df:5b:d4:f5:72:84:14:36:e8:d0:d3:98:91:ba:27:1b:
4a:a0:1e:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/Sqopj8X/UeJyOQWxcoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNlMzFlMDZjZGMxOWUwYmM4MjUyY2UwYTY5ZjIwZWRhZmVlN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm8wchKF4k+cQZFgT8q5sv4l9woo
OKwgZmmiln0xb9EmAlneIvkSSfNNgpX9xMijevInFP/YvxJ9skPy6XfetQNc2Y/m
ysfu9tg/ch9v+0De/5iknTYFgYfC0QLlNEfEzRCIJvAp2IcxdQc8BCjhyLQcdgkv
Dfou6HjavyDm2S1EfEKewMKmqbmJKgkdrrkWgClVsekjLDbpk6oHM1THwO7vxHy6
4pUR/IljmKRpCEWFPcMIQU5ifF8F9TBQDCF4Oi1dLI5Dc2NGWu14v/c4EiEXtKsr
WkL1Kp3R+qxE0oJC62twyzV95D87dUb65tZK8u5JIwXO+gmvsa+J4VSw9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMs+MeBs3BngvIJSzgpp8g7a/uesMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEveXo0eDRHemNHZUM4Z2xMT0NtbnlEdHItNTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZYgMA0G
CSqGSIb3DQEBCwUAA4IBAQAryBtruZUUppgZox8Ae5zm1u3jtHaobiwys6qMnS35
VQ44pauP0L3p9DqtFCrPq7yFlVV+w1MSKuasGjHMjIRr0kCTX8QWpp1Y6cbnPxzc
j4ceCfIqqOZCkrYj7N42evmZo/50+5VkK58zqpi4DmmWfOdinjkQP62eDfNk4Hfq
2UfkPjsBt+jze7u6xbApS7ceDAFyhDBBgH5KhOWZBAKTMc9XeOU0XOhu81DYPuVX
O6fJjy83d2c9GpM8sFiJtKCWin0tw/jCrK48Bo2umLyfWMtJ+3aj8YyM2Iop2iMQ
84SjImCtFJ6abYG/Qd9b1PVyhBQ26NDTmJG6JxtKoB6Z
-----END CERTIFICATE-----
Generated at Thu May 1 00:46:57 2025 by rpki-client