Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/mrG19KH2bt35mG1SewkWLrnPyO8.roa
File: mrG19KH2bt35mG1SewkWLrnPyO8.roa (raw, json)
Hash identifier: /2aUX41mv3Q6ZLrlfW1/yUWD/3T1gH/i+SPK19vLtoM=
Subject key identifier: 9A:B1:B5:F4:A1:F6:6E:DD:F9:98:6D:52:7B:09:16:2E:B9:CF:C8:EF
Certificate issuer: /CN=a1d0315373b09b061aa59f129d592eabf7b3aaef
Certificate serial: 0193960329F403E24B6AA6F166A40EC6BCE3
Authority key identifier: A1:D0:31:53:73:B0:9B:06:1A:A5:9F:12:9D:59:2E:AB:F7:B3:AA:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odAxU3OwmwYapZ8SnVkuq_ezqu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/mrG19KH2bt35mG1SewkWLrnPyO8.roa
Signing time: Thu 05 Dec 2024 08:50:09 +0000
ROA not before: Thu 05 Dec 2024 08:50:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11331
IP address blocks: 45.157.70.0/24 maxlen: 24
45.157.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:03:29:f4:03:e2:4b:6a:a6:f1:66:a4:0e:c6:bc:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d0315373b09b061aa59f129d592eabf7b3aaef
Validity
Not Before: Dec 5 08:50:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ab1b5f4a1f66eddf9986d527b09162eb9cfc8ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:13:64:60:ca:d2:c4:d6:3e:56:05:8d:70:32:
f9:b2:61:20:55:68:c3:54:6f:12:95:5c:e8:20:7a:
19:4b:07:52:04:75:97:ab:15:64:ef:0e:88:49:56:
f4:4f:74:ab:ef:22:72:78:a4:ce:e8:ae:ac:a3:c3:
23:e0:19:0b:48:f4:ad:d1:c8:9b:1e:a8:02:da:87:
82:e0:9a:d8:08:41:b7:eb:4a:70:45:2d:f8:9a:14:
55:ae:7d:ed:89:f6:56:e8:b9:1b:30:4d:9f:db:41:
af:07:3d:eb:8b:97:f4:de:d3:1d:9e:0a:00:7b:5b:
1b:b8:00:ac:5b:41:aa:5b:b9:f7:36:d0:0c:95:71:
08:be:6e:dd:c1:83:96:cf:bf:4e:6e:11:0a:0c:72:
90:1f:6d:6c:ce:46:77:a1:d1:fc:5c:f0:e3:6f:78:
72:44:e3:fb:38:8c:36:37:17:20:25:7a:70:82:69:
05:d6:eb:65:7d:75:6b:bf:d2:80:73:84:b7:8b:dd:
13:1d:e2:b5:39:67:ef:d3:01:37:b3:22:fe:8e:09:
2a:1e:d8:0e:e3:86:b8:c9:2d:bf:eb:37:d7:2a:dd:
3b:8f:0b:40:fc:d6:2e:ac:8a:3b:65:59:db:26:04:
a1:43:10:a8:a9:aa:cf:10:7c:99:90:5c:70:2c:1a:
b2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B1:B5:F4:A1:F6:6E:DD:F9:98:6D:52:7B:09:16:2E:B9:CF:C8:EF
X509v3 Authority Key Identifier:
keyid:A1:D0:31:53:73:B0:9B:06:1A:A5:9F:12:9D:59:2E:AB:F7:B3:AA:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odAxU3OwmwYapZ8SnVkuq_ezqu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/mrG19KH2bt35mG1SewkWLrnPyO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/odAxU3OwmwYapZ8SnVkuq_ezqu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.70.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:af:46:28:54:64:f1:7b:da:8e:e2:7f:0c:21:2d:3c:e2:fa:
be:f0:75:97:f6:bc:33:18:43:4b:1d:13:18:3e:12:ae:74:15:
52:88:b9:80:cd:35:35:bf:98:59:ae:ab:9d:81:bd:4e:27:1f:
c5:0f:ca:9e:3d:9b:d3:25:2f:af:41:37:4f:7b:ef:da:b8:0b:
e8:f0:52:1e:37:ff:67:5d:ca:93:ae:80:30:46:4f:d2:30:2e:
57:d2:30:9c:d2:3f:f7:e4:89:b9:d1:a1:46:36:a2:03:fc:99:
0f:f2:21:27:7e:ef:f1:e3:66:26:fd:9d:3e:03:25:ce:67:77:
28:6e:7a:8e:97:94:d1:d5:7f:ed:d8:af:7d:9e:ff:d2:b7:26:
fe:fe:f5:db:ce:46:8c:93:06:c8:e2:5a:d7:ed:54:b5:a4:ba:
68:af:5c:24:a1:58:e9:dc:bc:70:28:16:b2:49:f7:f9:9d:10:
19:9d:2b:f4:45:3c:c0:c8:af:51:db:c4:a1:d8:c5:0d:4b:e2:
80:23:30:03:a9:ec:59:c8:db:0b:6b:7a:52:9d:9e:d9:c3:1a:
80:73:10:e5:21:52:cf:f4:17:29:d0:30:79:bd:0d:5a:29:5d:
07:b4:ce:27:d8:cc:9c:4a:31:08:b4:43:29:c8:d5:f4:b8:fa:
9f:c4:81:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOWAyn0A+JLaqbxZqQOxrzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDAzMTUzNzNiMDliMDYxYWE1OWYxMjlkNTkyZWFiZjdi
M2FhZWYwHhcNMjQxMjA1MDg1MDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWIxYjVmNGExZjY2ZWRkZjk5ODZkNTI3YjA5MTYyZWI5Y2ZjOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxNkYMrSxNY+VgWNcDL5smEgVWjD
VG8SlVzoIHoZSwdSBHWXqxVk7w6ISVb0T3Sr7yJyeKTO6K6so8Mj4BkLSPSt0cib
HqgC2oeC4JrYCEG360pwRS34mhRVrn3tifZW6LkbME2f20GvBz3ri5f03tMdngoA
e1sbuACsW0GqW7n3NtAMlXEIvm7dwYOWz79ObhEKDHKQH21szkZ3odH8XPDjb3hy
ROP7OIw2NxcgJXpwgmkF1utlfXVrv9KAc4S3i90THeK1OWfv0wE3syL+jgkqHtgO
44a4yS2/6zfXKt07jwtA/NYurIo7ZVnbJgShQxCoqarPEHyZkFxwLBqyRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqxtfSh9m7d+ZhtUnsJFi65z8jvMB8GA1UdIwQY
MBaAFKHQMVNzsJsGGqWfEp1ZLqv3s6rvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2RBeFUzT3dtd1lhcFo4U25Wa3VxX2V6cXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xYmNiMmQtZjU4Yi00ZTQ0LWIxMzMt
ZGZjYmRmM2IxMDU4LzEvbXJHMTlLSDJidDM1bUcxU2V3a1dMcm5QeU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xYmNiMmQtZjU4Yi00ZTQ0LWIxMzMtZGZjYmRmM2IxMDU4
LzEvb2RBeFUzT3dtd1lhcFo4U25Wa3VxX2V6cXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ1GMA0G
CSqGSIb3DQEBCwUAA4IBAQAdr0YoVGTxe9qO4n8MIS084vq+8HWX9rwzGENLHRMY
PhKudBVSiLmAzTU1v5hZrqudgb1OJx/FD8qePZvTJS+vQTdPe+/auAvo8FIeN/9n
XcqTroAwRk/SMC5X0jCc0j/35Im50aFGNqID/JkP8iEnfu/x42Ym/Z0+AyXOZ3co
bnqOl5TR1X/t2K99nv/Styb+/vXbzkaMkwbI4lrX7VS1pLpor1wkoVjp3LxwKBay
Sff5nRAZnSv0RTzAyK9R28Sh2MUNS+KAIzADqexZyNsLa3pSnZ7ZwxqAcxDlIVLP
9Bcp0DB5vQ1aKV0HtM4n2MycSjEItEMpyNX0uPqfxIHB
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:28:44 2025 by rpki-client