Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/H0Xt_LYQ243DIgEfR992q26X5h4.roa
File: H0Xt_LYQ243DIgEfR992q26X5h4.roa (raw, json)
Hash identifier: gEiUJjGDTDAdS22e2cpQGnI+TUQ6j9mUPvGoO8/ha6w=
Subject key identifier: 1F:45:ED:FC:B6:10:DB:8D:C3:22:01:1F:47:DF:76:AB:6E:97:E6:1E
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 018DE05E3B7FBB881AF02BCD3D46D63D759E
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/H0Xt_LYQ243DIgEfR992q26X5h4.roa
Signing time: Sun 25 Feb 2024 13:04:48 +0000
ROA not before: Sun 25 Feb 2024 13:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 171.22.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 14:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e0:5e:3b:7f:bb:88:1a:f0:2b:cd:3d:46:d6:3d:75:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Feb 25 13:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f45edfcb610db8dc322011f47df76ab6e97e61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:74:30:61:c6:3d:f4:32:e5:d0:e1:24:43:53:
fc:74:37:6e:36:ca:ed:af:56:ff:66:a0:4c:dc:e7:
61:c2:90:30:3d:15:68:a1:b4:a8:ac:5a:1c:f0:95:
d6:9d:6d:eb:97:35:1f:74:f9:5a:38:41:7c:5f:e6:
90:af:cb:e0:5c:49:47:9f:18:cb:ca:86:85:61:b1:
18:f3:d3:fe:35:29:4e:b3:84:dd:58:a6:74:cd:77:
d6:47:a0:b4:e2:a4:30:69:6e:24:90:7f:8c:c6:52:
51:a5:43:e0:10:e3:2f:f8:a4:ab:2a:1a:97:b0:47:
83:94:e1:65:3b:18:af:06:43:8b:0f:38:13:14:6f:
5c:55:e1:98:fa:5e:97:29:21:a8:c8:8a:7b:b4:dc:
f9:22:4a:76:55:91:13:6b:a4:3b:b0:05:e1:60:54:
a5:8e:c9:09:9f:5c:57:0d:c4:16:42:98:e0:9d:c7:
70:7b:bf:eb:b9:aa:d7:51:1a:fd:26:44:d5:c9:43:
e7:84:7f:59:6f:3d:27:31:96:3b:d5:21:3e:b7:8e:
1f:89:47:94:c9:3b:a9:64:99:66:14:8f:2a:a6:89:
f0:f4:39:b0:50:38:e1:af:d1:88:63:48:fd:4e:8d:
c1:a8:b7:0e:57:19:df:1f:48:cb:82:68:a5:8c:cc:
98:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:45:ED:FC:B6:10:DB:8D:C3:22:01:1F:47:DF:76:AB:6E:97:E6:1E
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/H0Xt_LYQ243DIgEfR992q26X5h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.60.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d3:47:62:20:56:5b:34:8b:70:a9:d6:3b:c5:95:24:07:3a:
26:22:da:c5:15:fe:b1:ea:78:dd:5a:2c:38:6b:4a:f3:34:b0:
e7:b5:ce:eb:63:5f:39:13:f0:5c:9a:44:a4:13:c8:20:e4:70:
8b:aa:76:a6:44:e3:6f:d1:36:ca:6a:9e:cd:e8:f2:5c:3c:f2:
17:62:66:2b:6d:f4:74:3e:c2:b2:5a:46:1b:d8:cb:05:7b:d3:
bc:16:5f:22:c9:54:5d:ec:4d:92:de:92:cf:5e:0d:4d:77:a4:
c4:8d:e8:55:e6:d8:c3:73:d4:bc:72:f6:e1:dc:04:e2:e3:5a:
35:a7:7a:44:e5:cb:40:a4:d2:9d:49:d2:d2:3d:09:17:fc:74:
7d:6b:6b:05:db:3b:92:b9:2c:61:98:b6:c6:c0:cd:0d:ed:f4:
a3:44:be:a5:ae:3a:3b:12:34:01:7a:e8:14:f4:d8:ce:34:18:
ea:9c:de:ca:1a:10:ae:22:68:17:e6:95:a7:da:df:aa:cf:b4:
88:cb:79:0f:83:60:40:93:37:61:e6:fd:26:0a:19:8c:44:89:
ef:22:45:0e:8e:76:43:9c:35:86:5b:15:e6:a9:d3:14:8a:3a:
8c:e2:fc:c5:91:09:51:c6:b7:fc:a9:89:e5:5b:df:a1:52:cf:
15:85:5b:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3gXjt/u4ga8CvNPUbWPXWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQwMjI1MTMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQ1ZWRmY2I2MTBkYjhkYzMyMjAxMWY0N2RmNzZhYjZlOTdlNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nQwYcY99DLl0OEkQ1P8dDduNsrt
r1b/ZqBM3OdhwpAwPRVoobSorFoc8JXWnW3rlzUfdPlaOEF8X+aQr8vgXElHnxjL
yoaFYbEY89P+NSlOs4TdWKZ0zXfWR6C04qQwaW4kkH+MxlJRpUPgEOMv+KSrKhqX
sEeDlOFlOxivBkOLDzgTFG9cVeGY+l6XKSGoyIp7tNz5Ikp2VZETa6Q7sAXhYFSl
jskJn1xXDcQWQpjgncdwe7/ruarXURr9JkTVyUPnhH9Zbz0nMZY71SE+t44fiUeU
yTupZJlmFI8qponw9DmwUDjhr9GIY0j9To3BqLcOVxnfH0jLgmiljMyYYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9F7fy2ENuNwyIBH0ffdqtul+YeMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvSDBYdF9MWVEyNDNESWdFZlI5OTJxMjZYNWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxY8MA0G
CSqGSIb3DQEBCwUAA4IBAQBE00diIFZbNItwqdY7xZUkBzomItrFFf6x6njdWiw4
a0rzNLDntc7rY185E/BcmkSkE8gg5HCLqnamRONv0TbKap7N6PJcPPIXYmYrbfR0
PsKyWkYb2MsFe9O8Fl8iyVRd7E2S3pLPXg1Nd6TEjehV5tjDc9S8cvbh3ATi41o1
p3pE5ctApNKdSdLSPQkX/HR9a2sF2zuSuSxhmLbGwM0N7fSjRL6lrjo7EjQBeugU
9NjONBjqnN7KGhCuImgX5pWn2t+qz7SIy3kPg2BAkzdh5v0mChmMRInvIkUOjnZD
nDWGWxXmqdMUijqM4vzFkQlRxrf8qYnlW9+hUs8VhVu6
-----END CERTIFICATE-----
Generated at Wed Mar 13 19:59:47 2024 by rpki-client on console-ams.rpki-client.org