Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XmtpSoCYDKhrwEU8A_Kav6j9sC0.roa
File: XmtpSoCYDKhrwEU8A_Kav6j9sC0.roa (raw, json)
Hash identifier: YE7UznjmDgP7Rm8TM2kQX67+0+hSwxnTMMTNMKXQWP4=
Subject key identifier: 5E:6B:69:4A:80:98:0C:A8:6B:C0:45:3C:03:F2:9A:BF:A8:FD:B0:2D
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018ABC968B42FEBE7727B632A68F4875ABC9
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XmtpSoCYDKhrwEU8A_Kav6j9sC0.roa
Signing time: Fri 22 Sep 2023 11:11:37 +0000
ROA not before: Fri 22 Sep 2023 11:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203446
IP address blocks: 45.90.96.0/24 maxlen: 24
45.134.39.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
2.56.246.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:96:8b:42:fe:be:77:27:b6:32:a6:8f:48:75:ab:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 22 11:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e6b694a80980ca86bc0453c03f29abfa8fdb02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6f:1d:c3:a4:da:98:ef:09:ff:79:c4:a8:0a:
f3:4a:b2:07:4b:f8:93:ec:41:30:26:45:8d:c0:c6:
19:a0:86:c2:be:f9:44:c3:b7:c7:59:db:a7:11:5d:
22:a4:0e:b8:63:81:11:cd:c4:47:09:07:71:23:26:
d7:0a:b4:aa:9d:39:a6:04:d1:09:dc:20:1f:92:dd:
5b:15:94:5e:dc:f3:6c:cf:47:18:ce:6a:b7:39:a2:
8b:cb:92:0f:b4:09:3f:38:34:4f:50:de:ee:76:55:
b3:1a:c8:13:a9:6b:df:ec:ab:78:d9:09:7e:af:c7:
d7:5f:bd:23:6a:72:8d:30:88:ee:6b:cf:ea:16:3e:
10:fc:22:83:9f:5f:8e:8f:3b:7d:5e:e3:7a:bb:1f:
96:7c:ab:0d:a1:84:ed:92:d7:88:46:3f:c9:75:00:
a4:cc:6a:ae:0b:f1:f6:c6:8a:1e:09:56:67:ad:83:
34:c4:d9:d4:d6:44:8c:1a:fb:58:cc:a0:eb:9b:da:
3f:d7:55:b6:4e:e3:af:12:2f:cf:78:bb:42:e7:53:
cd:00:96:1e:79:c0:93:ee:1f:5f:e7:ca:2f:59:62:
f0:23:1a:c9:03:eb:5d:62:aa:08:63:7e:f4:d5:7d:
2f:ee:ef:21:2c:2b:38:20:7b:8b:f9:78:1f:b9:eb:
5e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6B:69:4A:80:98:0C:A8:6B:C0:45:3C:03:F2:9A:BF:A8:FD:B0:2D
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XmtpSoCYDKhrwEU8A_Kav6j9sC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
45.90.96.0/24
45.131.65.0/24
45.134.39.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:a0:8f:61:00:fa:2f:51:aa:ba:cf:1f:af:ff:73:3f:bf:ba:
ff:a6:8f:f4:52:4e:34:16:2e:ab:54:05:db:48:66:d8:51:56:
cb:a4:32:de:06:40:19:f7:05:77:d1:68:ca:f0:63:58:93:96:
af:aa:51:2c:5c:58:34:f6:1c:84:2f:27:15:b9:0e:e4:6c:09:
2d:db:ac:de:70:b5:bf:cf:56:f1:19:cd:08:a0:59:d0:f2:9a:
a7:d7:62:16:b1:a2:52:e3:ae:66:95:38:0d:2e:54:83:ca:d6:
a8:fd:fd:53:35:9c:21:87:98:de:51:ca:cb:d7:4b:d9:2e:b9:
78:c9:5b:84:c6:2f:58:9f:29:f2:32:01:f4:0e:a2:dd:86:0f:
6e:fa:6d:da:30:40:9f:69:ad:ce:24:79:ce:1f:fb:55:bd:56:
de:e7:66:4a:2c:fd:6f:82:b2:5b:a1:0f:7d:d6:d7:5e:4e:33:
d8:4c:df:bd:16:f1:bd:0a:67:2a:9a:21:cb:c3:81:99:bf:5d:
09:5a:55:bd:48:7c:8a:ca:8d:b2:2f:ef:c6:29:ed:88:03:e5:
45:e3:fe:c0:0d:63:2d:54:f2:f7:e4:69:22:8d:60:4c:70:17:
11:15:68:b7:c7:3e:2f:28:5e:bc:b2:15:0a:53:6b:0b:b4:76:
37:77:a1:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYq8lotC/r53J7Yypo9IdavJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwOTIyMTExMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZiNjk0YTgwOTgwY2E4NmJjMDQ1M2MwM2YyOWFiZmE4ZmRiMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm28dw6TamO8J/3nEqArzSrIHS/iT
7EEwJkWNwMYZoIbCvvlEw7fHWdunEV0ipA64Y4ERzcRHCQdxIybXCrSqnTmmBNEJ
3CAfkt1bFZRe3PNsz0cYzmq3OaKLy5IPtAk/ODRPUN7udlWzGsgTqWvf7Kt42Ql+
r8fXX70janKNMIjua8/qFj4Q/CKDn1+Ojzt9XuN6ux+WfKsNoYTtkteIRj/JdQCk
zGquC/H2xooeCVZnrYM0xNnU1kSMGvtYzKDrm9o/11W2TuOvEi/PeLtC51PNAJYe
ecCT7h9f58ovWWLwIxrJA+tdYqoIY3701X0v7u8hLCs4IHuL+Xgfuete9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF5raUqAmAyoa8BFPAPymr+o/bAtMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWG10cFNvQ1lES2hyd0VVOEFfS2F2Nmo5c0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjj2AwQA
LVpgAwQALYNBAwQALYYnMA0GCSqGSIb3DQEBCwUAA4IBAQCjoI9hAPovUaq6zx+v
/3M/v7r/po/0Uk40Fi6rVAXbSGbYUVbLpDLeBkAZ9wV30WjK8GNYk5avqlEsXFg0
9hyELycVuQ7kbAkt26zecLW/z1bxGc0IoFnQ8pqn12IWsaJS465mlTgNLlSDytao
/f1TNZwhh5jeUcrL10vZLrl4yVuExi9YnynyMgH0DqLdhg9u+m3aMECfaa3OJHnO
H/tVvVbe52ZKLP1vgrJboQ991tdeTjPYTN+9FvG9CmcqmiHLw4GZv10JWlW9SHyK
yo2yL+/GKe2IA+VF4/7ADWMtVPL35GkijWBMcBcRFWi3xz4vKF68shUKU2sLtHY3
d6G+
-----END CERTIFICATE-----
Generated at Thu Oct 26 16:55:54 2023 by rpki-client on console-fra.rpki-client.org