Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/28db82-bd8c-4e00-912a-e09801171b92/1/xH9WXrv5klrIgcHG6UV9C-4QruQ.roa
File: xH9WXrv5klrIgcHG6UV9C-4QruQ.roa (raw, json)
Hash identifier: AnMt3wdwBhXL/s/JcVdxMgQV04W8rD/3kQT/yenWJic=
Subject key identifier: C4:7F:56:5E:BB:F9:92:5A:C8:81:C1:C6:E9:45:7D:0B:EE:10:AE:E4
Certificate issuer: /CN=0046801e45ca1eed3f78d99277d0193f576665c7
Certificate serial: 018CC3B6980023FD335B225B7BC942B52E58
Authority key identifier: 00:46:80:1E:45:CA:1E:ED:3F:78:D9:92:77:D0:19:3F:57:66:65:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AEaAHkXKHu0_eNmSd9AZP1dmZcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/28db82-bd8c-4e00-912a-e09801171b92/1/xH9WXrv5klrIgcHG6UV9C-4QruQ.roa
Signing time: Mon 01 Jan 2024 06:29:32 +0000
ROA not before: Mon 01 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42189
IP address blocks: 45.82.156.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:98:00:23:fd:33:5b:22:5b:7b:c9:42:b5:2e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0046801e45ca1eed3f78d99277d0193f576665c7
Validity
Not Before: Jan 1 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c47f565ebbf9925ac881c1c6e9457d0bee10aee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:91:de:c2:18:80:14:42:99:fb:8f:3e:5a:b6:
b7:de:72:80:b8:a0:c2:e5:e2:5b:a2:7c:5d:a7:4b:
12:b9:7e:52:39:56:b0:40:a0:c0:5d:21:74:17:e2:
a9:a2:0d:49:ec:30:f5:1f:6e:26:5d:30:f8:64:b8:
69:c2:46:9d:c7:9b:77:04:76:1a:37:0f:cf:80:be:
b9:f0:85:cf:32:a8:ea:1c:df:45:cf:ea:1a:e8:66:
11:8e:13:78:d9:f4:c2:3e:55:29:2c:e6:05:fb:c5:
ff:93:80:33:98:62:9a:af:dc:0f:ce:c7:0d:ce:c2:
49:0c:18:e1:bc:95:74:d3:9e:cb:bc:27:87:54:9c:
ad:69:b3:1d:80:24:ae:ec:73:1a:dc:e8:a5:ae:65:
ce:09:21:6b:23:6d:80:7d:7c:35:0b:ca:74:1d:f7:
ef:42:ff:de:9b:04:54:74:cf:78:26:4c:82:7c:ba:
47:0a:3a:b6:9b:04:fb:2b:a5:66:ff:15:d1:77:db:
01:9f:4d:d6:92:bc:98:77:1a:e8:e5:f4:f8:59:9b:
61:d4:d4:cc:6f:3a:ca:c3:4c:3c:3e:49:4d:55:82:
b8:7b:53:a8:97:72:97:8b:a2:93:30:38:de:d5:91:
1a:cd:c6:b2:be:64:98:02:22:32:ba:ab:a9:92:2e:
45:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7F:56:5E:BB:F9:92:5A:C8:81:C1:C6:E9:45:7D:0B:EE:10:AE:E4
X509v3 Authority Key Identifier:
keyid:00:46:80:1E:45:CA:1E:ED:3F:78:D9:92:77:D0:19:3F:57:66:65:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AEaAHkXKHu0_eNmSd9AZP1dmZcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/28db82-bd8c-4e00-912a-e09801171b92/1/xH9WXrv5klrIgcHG6UV9C-4QruQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/28db82-bd8c-4e00-912a-e09801171b92/1/AEaAHkXKHu0_eNmSd9AZP1dmZcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.156.0/22
Signature Algorithm: sha256WithRSAEncryption
d6:11:c7:d7:3f:e8:b4:34:fa:fd:de:cb:7b:39:86:f3:e8:27:
cf:e5:14:51:81:be:28:af:78:f0:7c:1c:dc:3b:2a:58:df:ba:
c7:d5:6b:d4:5a:f6:91:88:f6:55:ab:c6:16:8a:56:b6:4e:99:
85:f5:37:aa:8e:dd:06:09:d5:f7:5f:e1:60:e6:89:81:ec:7a:
16:47:6b:6a:aa:ee:e7:8f:2b:d5:f7:88:c3:b6:87:ba:1c:78:
3f:16:39:f7:a4:a4:a2:45:5b:39:74:6b:de:27:19:64:e3:9a:
45:fe:59:b6:68:c1:38:6e:77:cb:2f:90:63:a6:4e:76:af:67:
60:b0:74:26:68:d3:ae:ad:65:76:41:c4:9d:c9:e5:b6:e3:d1:
af:fb:61:09:fa:33:8a:d8:d1:9f:ed:86:05:b6:df:91:b0:2c:
b4:9a:fc:75:8a:f2:cd:19:d6:78:13:8b:4f:06:86:4c:f4:ea:
51:12:6d:47:5e:bb:bc:47:80:2a:0e:3e:e5:12:8f:be:cd:17:
6d:e8:95:12:5f:d9:2c:7a:db:73:d0:80:18:f6:30:93:44:20:
4e:3b:ce:4a:f7:98:e2:f3:d5:69:df:2c:0d:a3:c0:44:26:28:
4b:93:ef:a1:0e:71:09:0f:75:d5:df:55:0b:c4:fa:98:c2:3b:
a2:09:53:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtpgAI/0zWyJbe8lCtS5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNDY4MDFlNDVjYTFlZWQzZjc4ZDk5Mjc3ZDAxOTNmNTc2
NjY1YzcwHhcNMjQwMTAxMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDdmNTY1ZWJiZjk5MjVhYzg4MWMxYzZlOTQ1N2QwYmVlMTBhZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZHewhiAFEKZ+48+Wra33nKAuKDC
5eJbonxdp0sSuX5SOVawQKDAXSF0F+Kpog1J7DD1H24mXTD4ZLhpwkadx5t3BHYa
Nw/PgL658IXPMqjqHN9Fz+oa6GYRjhN42fTCPlUpLOYF+8X/k4AzmGKar9wPzscN
zsJJDBjhvJV0057LvCeHVJytabMdgCSu7HMa3OilrmXOCSFrI22AfXw1C8p0Hffv
Qv/emwRUdM94JkyCfLpHCjq2mwT7K6Vm/xXRd9sBn03WkryYdxro5fT4WZth1NTM
bzrKw0w8PklNVYK4e1Ool3KXi6KTMDje1ZEazcayvmSYAiIyuqupki5FMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMR/Vl67+ZJayIHBxulFfQvuEK7kMB8GA1UdIwQY
MBaAFABGgB5Fyh7tP3jZknfQGT9XZmXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUVhQUhrWEtIdTBfZU5tU2Q5QVpQMWRtWmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yOGRiODItYmQ4Yy00ZTAwLTkxMmEt
ZTA5ODAxMTcxYjkyLzEveEg5V1hydjVrbHJJZ2NIRzZVVjlDLTRRcnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yOGRiODItYmQ4Yy00ZTAwLTkxMmEtZTA5ODAxMTcxYjky
LzEvQUVhQUhrWEtIdTBfZU5tU2Q5QVpQMWRtWmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVKcMA0G
CSqGSIb3DQEBCwUAA4IBAQDWEcfXP+i0NPr93st7OYbz6CfP5RRRgb4or3jwfBzc
OypY37rH1WvUWvaRiPZVq8YWila2TpmF9Teqjt0GCdX3X+Fg5omB7HoWR2tqqu7n
jyvV94jDtoe6HHg/Fjn3pKSiRVs5dGveJxlk45pF/lm2aME4bnfLL5Bjpk52r2dg
sHQmaNOurWV2QcSdyeW249Gv+2EJ+jOK2NGf7YYFtt+RsCy0mvx1ivLNGdZ4E4tP
BoZM9OpREm1HXru8R4AqDj7lEo++zRdt6JUSX9ksettz0IAY9jCTRCBOO85K95ji
89Vp3ywNo8BEJihLk++hDnEJD3XV31ULxPqYwjuiCVNG
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:33:19 2025 by rpki-client