Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a322ba-c964-465b-8989-b32d974c210e/1/Xc-hzPo31Pd8KWf_lQ8d6djVT9U.roa
File: Xc-hzPo31Pd8KWf_lQ8d6djVT9U.roa (raw, json)
Hash identifier: c+DlVSvLOvBEdOmLJO/l2qBEletkfYCxgjUnMlMdz1U=
Subject key identifier: 5D:CF:A1:CC:FA:37:D4:F7:7C:29:67:FF:95:0F:1D:E9:D8:D5:4F:D5
Certificate issuer: /CN=67ea698abcdee10dca9d6703a56e87a6b359bfcc
Certificate serial: 0185AAC13F6B305C58F719C8FA14C836E3BC
Authority key identifier: 67:EA:69:8A:BC:DE:E1:0D:CA:9D:67:03:A5:6E:87:A6:B3:59:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-ppirze4Q3KnWcDpW6HprNZv8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a322ba-c964-465b-8989-b32d974c210e/1/Xc-hzPo31Pd8KWf_lQ8d6djVT9U.roa
Signing time: Fri 13 Jan 2023 10:51:09 +0000
ROA not before: Fri 13 Jan 2023 10:51:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21221
IP address blocks: 45.14.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:c1:3f:6b:30:5c:58:f7:19:c8:fa:14:c8:36:e3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67ea698abcdee10dca9d6703a56e87a6b359bfcc
Validity
Not Before: Jan 13 10:51:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dcfa1ccfa37d4f77c2967ff950f1de9d8d54fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:01:c8:59:b8:6c:75:08:0b:32:3c:ea:bb:0d:
49:2f:8c:cc:a1:a7:98:b1:3e:51:e3:99:71:96:b5:
63:d7:2a:0a:35:67:ea:7d:6d:7e:55:73:6f:ef:e2:
9f:17:29:7e:60:6c:cb:13:c4:f6:09:dd:3e:00:29:
60:df:85:48:d4:9c:7e:8e:f9:65:6d:53:bc:9a:e1:
9b:0e:9e:5d:d7:a8:63:fa:43:17:7d:11:ad:ac:35:
0b:92:d9:cf:14:e0:a0:85:31:90:83:1a:23:25:f8:
be:e7:6f:ab:a8:8f:79:6d:c2:35:52:8e:5c:3f:01:
8b:8c:65:f3:40:91:8c:90:94:08:79:ce:35:df:bb:
bd:83:6e:54:70:39:ca:c0:5c:b2:4a:f7:e4:95:f8:
b9:c3:c5:8e:ef:11:57:d1:4d:2a:ab:c2:c7:80:0c:
6f:63:5b:5d:f0:7f:0e:24:29:6c:59:d8:cf:dd:56:
dd:51:30:a7:99:f0:db:bb:3b:fa:31:12:d3:c4:ce:
fa:82:9d:bc:0a:3e:3c:78:b2:e1:43:5d:28:59:23:
11:07:6a:8c:a8:52:02:9e:ed:97:0b:d9:fd:da:74:
86:cc:79:d2:00:12:85:92:80:62:ae:3a:44:66:3c:
14:5c:8e:a8:29:0a:8e:d0:6d:ca:0a:5a:f8:f2:92:
42:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CF:A1:CC:FA:37:D4:F7:7C:29:67:FF:95:0F:1D:E9:D8:D5:4F:D5
X509v3 Authority Key Identifier:
keyid:67:EA:69:8A:BC:DE:E1:0D:CA:9D:67:03:A5:6E:87:A6:B3:59:BF:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-ppirze4Q3KnWcDpW6HprNZv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a322ba-c964-465b-8989-b32d974c210e/1/Xc-hzPo31Pd8KWf_lQ8d6djVT9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a322ba-c964-465b-8989-b32d974c210e/1/Z-ppirze4Q3KnWcDpW6HprNZv8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.3.0/24
Signature Algorithm: sha256WithRSAEncryption
75:2e:a5:4e:0d:47:c4:6a:94:fd:ee:29:bc:db:c8:8e:78:dc:
67:24:12:1c:75:ee:73:b5:59:b9:8b:6c:b8:bd:02:46:be:67:
97:24:69:66:f0:6a:99:e4:65:d9:9e:59:e7:15:91:2c:e6:7c:
15:35:91:aa:a5:9d:c0:24:cd:89:b3:97:d4:96:42:f2:d6:27:
73:28:5b:46:c5:d9:39:22:3d:c6:af:d9:cb:d4:5f:d4:a6:c9:
7c:09:54:55:90:ce:bf:27:4b:88:98:c7:a7:e6:22:03:47:98:
33:55:b3:4b:01:65:54:60:d2:3b:bf:fb:d9:00:e8:29:87:37:
95:19:91:2a:63:88:35:52:86:93:66:81:88:fb:29:ff:7d:13:
8d:07:c5:3d:52:b6:22:31:a9:c7:78:2d:f7:3f:89:99:ff:29:
87:da:83:f8:03:51:64:c5:a0:4a:0d:a2:af:c8:11:18:5e:de:
7b:e8:25:25:c5:d9:c1:47:60:11:81:84:c2:23:fb:af:f0:ce:
9d:d5:39:14:41:1d:d2:4f:f9:da:0f:cd:1b:98:03:6f:6d:e5:
31:d1:7a:33:86:0d:4b:87:60:39:5d:10:7a:d6:f1:e3:43:7b:
80:e3:ea:bf:2c:bb:c5:c7:c3:13:b8:a8:7b:cd:70:f7:54:a8:
61:5a:87:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWqwT9rMFxY9xnI+hTINuO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZWE2OThhYmNkZWUxMGRjYTlkNjcwM2E1NmU4N2E2YjM1
OWJmY2MwHhcNMjMwMTEzMTA1MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNmYTFjY2ZhMzdkNGY3N2MyOTY3ZmY5NTBmMWRlOWQ4ZDU0ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQHIWbhsdQgLMjzquw1JL4zMoaeY
sT5R45lxlrVj1yoKNWfqfW1+VXNv7+KfFyl+YGzLE8T2Cd0+AClg34VI1Jx+jvll
bVO8muGbDp5d16hj+kMXfRGtrDULktnPFOCghTGQgxojJfi+52+rqI95bcI1Uo5c
PwGLjGXzQJGMkJQIec4137u9g25UcDnKwFyySvfklfi5w8WO7xFX0U0qq8LHgAxv
Y1td8H8OJClsWdjP3VbdUTCnmfDbuzv6MRLTxM76gp28Cj48eLLhQ10oWSMRB2qM
qFICnu2XC9n92nSGzHnSABKFkoBirjpEZjwUXI6oKQqO0G3KClr48pJCsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3Pocz6N9T3fCln/5UPHenY1U/VMB8GA1UdIwQY
MBaAFGfqaYq83uENyp1nA6Vuh6azWb/MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1wcGlyemU0UTNLbldjRHBXNkhwck5adjh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMzIyYmEtYzk2NC00NjViLTg5ODkt
YjMyZDk3NGMyMTBlLzEvWGMtaHpQbzMxUGQ4S1dmX2xROGQ2ZGpWVDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMzIyYmEtYzk2NC00NjViLTg5ODktYjMyZDk3NGMyMTBl
LzEvWi1wcGlyemU0UTNLbldjRHBXNkhwck5adjh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ4DMA0G
CSqGSIb3DQEBCwUAA4IBAQB1LqVODUfEapT97im828iOeNxnJBIcde5ztVm5i2y4
vQJGvmeXJGlm8GqZ5GXZnlnnFZEs5nwVNZGqpZ3AJM2Js5fUlkLy1idzKFtGxdk5
Ij3Gr9nL1F/Upsl8CVRVkM6/J0uImMen5iIDR5gzVbNLAWVUYNI7v/vZAOgphzeV
GZEqY4g1UoaTZoGI+yn/fRONB8U9UrYiManHeC33P4mZ/ymH2oP4A1FkxaBKDaKv
yBEYXt576CUlxdnBR2ARgYTCI/uv8M6d1TkUQR3ST/naD80bmANvbeUx0Xozhg1L
h2A5XRB61vHjQ3uA4+q/LLvFx8MTuKh7zXD3VKhhWod7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org