Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xwrHsu3QG6kIjO78qa9dhJL7EsQ.roa
File: xwrHsu3QG6kIjO78qa9dhJL7EsQ.roa (raw, json)
Hash identifier: 62USMKzgZpONSFiVStywoZIrzUVFct9uvuwT7RyTtAc=
Subject key identifier: C7:0A:C7:B2:ED:D0:1B:A9:08:8C:EE:FC:A9:AF:5D:84:92:FB:12:C4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018D8E5D9A472A65715673903BAFFA2DB527
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xwrHsu3QG6kIjO78qa9dhJL7EsQ.roa
Signing time: Fri 09 Feb 2024 14:55:15 +0000
ROA not before: Fri 09 Feb 2024 14:55:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.144.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Feb 2024 00:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:5d:9a:47:2a:65:71:56:73:90:3b:af:fa:2d:b5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 9 14:55:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c70ac7b2edd01ba9088ceefca9af5d8492fb12c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c7:a2:ff:4b:f7:a7:75:6a:10:25:dc:98:81:
60:d0:24:a5:b6:fe:e2:2d:37:0a:60:50:f7:db:fa:
17:6f:3e:86:46:c3:17:ab:8d:a3:31:56:18:40:32:
19:8d:f4:74:aa:44:ed:08:d8:90:70:26:38:c9:da:
52:dc:16:7e:6e:26:f0:74:a9:a6:9f:55:14:38:c2:
00:bc:2f:99:2e:8b:c5:05:39:70:fb:91:4d:ff:5f:
e4:68:7f:bd:0a:0c:c2:76:56:a7:88:fd:75:4d:17:
be:79:ca:d0:76:1d:02:22:df:6a:66:4e:b0:7e:80:
b7:3d:fb:a9:d4:ec:ac:d6:78:56:93:00:ed:5f:ce:
75:20:0e:2f:4b:3b:dc:29:2a:d6:42:af:bd:86:d5:
0f:3a:01:5f:99:58:02:02:7f:0a:c5:38:c9:73:f4:
ef:10:1b:ae:6d:70:38:e6:15:86:4f:9d:c8:19:d3:
2d:ec:43:e5:c1:39:98:0d:ce:79:15:70:2c:73:ce:
92:fd:4c:73:cb:9f:3b:38:16:1f:e6:c3:62:56:95:
e9:0b:1b:92:8a:fe:02:d7:3f:2b:0b:fc:47:b3:41:
d2:57:8b:62:fc:62:45:84:58:00:19:3b:0a:51:a1:
4e:19:e5:b3:f1:07:b3:b1:48:3e:90:67:6c:50:e7:
db:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0A:C7:B2:ED:D0:1B:A9:08:8C:EE:FC:A9:AF:5D:84:92:FB:12:C4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xwrHsu3QG6kIjO78qa9dhJL7EsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.215.0/24
Signature Algorithm: sha256WithRSAEncryption
81:96:8c:c2:9c:ff:d8:bd:0b:be:ff:a5:24:37:32:bb:97:52:
fb:54:94:46:14:c9:ad:9b:6f:d4:06:9f:85:4b:87:a6:83:70:
fd:6d:f9:68:cb:61:b7:bb:af:5d:b4:5a:14:f7:41:08:8b:34:
80:ab:43:f9:d3:fb:ff:c0:58:d4:0f:9f:68:ea:45:eb:0a:fc:
fd:c6:4a:77:e8:da:4f:7b:b0:d8:6a:30:be:07:3b:47:72:44:
28:c4:3e:f3:46:70:8d:cc:06:c0:f8:b4:2c:7f:25:be:cc:27:
7d:75:ff:ef:74:6c:05:bb:57:89:f1:39:9b:b9:27:73:88:e9:
b5:b6:db:a0:9b:fa:1c:22:9a:0a:b9:0e:b4:e0:cd:09:a9:b0:
03:68:e9:39:d1:55:e1:4f:9a:4d:45:3c:6c:4e:2a:70:d4:4c:
e2:35:12:1a:6c:53:d5:31:9b:dc:46:25:87:dc:7b:8f:93:cf:
e2:7b:c5:80:eb:9f:95:40:74:9c:22:eb:da:99:56:52:82:8f:
a6:38:1e:f7:74:ea:59:19:e2:65:79:58:5c:d9:72:72:2d:54:
3c:fc:64:f5:30:9a:e4:f6:be:44:bf:98:61:5d:6e:e6:62:63:
ed:35:37:5f:e3:22:27:bb:a5:8f:16:67:37:65:05:4c:6f:a2:
2a:33:20:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2OXZpHKmVxVnOQO6/6LbUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjA5MTQ1NTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBhYzdiMmVkZDAxYmE5MDg4Y2VlZmNhOWFmNWQ4NDkyZmIxMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMei/0v3p3VqECXcmIFg0CSltv7i
LTcKYFD32/oXbz6GRsMXq42jMVYYQDIZjfR0qkTtCNiQcCY4ydpS3BZ+bibwdKmm
n1UUOMIAvC+ZLovFBTlw+5FN/1/kaH+9CgzCdlaniP11TRe+ecrQdh0CIt9qZk6w
foC3Pfup1Oys1nhWkwDtX851IA4vSzvcKSrWQq+9htUPOgFfmVgCAn8KxTjJc/Tv
EBuubXA45hWGT53IGdMt7EPlwTmYDc55FXAsc86S/Uxzy587OBYf5sNiVpXpCxuS
iv4C1z8rC/xHs0HSV4ti/GJFhFgAGTsKUaFOGeWz8QezsUg+kGdsUOfbnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcKx7Lt0BupCIzu/KmvXYSS+xLEMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveHdySHN1M1FHNmtJak83OHFhOWRoSkw3RXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZDXMA0G
CSqGSIb3DQEBCwUAA4IBAQCBlozCnP/YvQu+/6UkNzK7l1L7VJRGFMmtm2/UBp+F
S4emg3D9bfloy2G3u69dtFoU90EIizSAq0P50/v/wFjUD59o6kXrCvz9xkp36NpP
e7DYajC+BztHckQoxD7zRnCNzAbA+LQsfyW+zCd9df/vdGwFu1eJ8TmbuSdziOm1
ttugm/ocIpoKuQ604M0JqbADaOk50VXhT5pNRTxsTipw1EziNRIabFPVMZvcRiWH
3HuPk8/ie8WA65+VQHScIuvamVZSgo+mOB73dOpZGeJleVhc2XJyLVQ8/GT1MJrk
9r5Ev5hhXW7mYmPtNTdf4yInu6WPFmc3ZQVMb6IqMyD9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org