Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/xAexINVjBaXhaHQ_mfPSm687aQA.roa
File: xAexINVjBaXhaHQ_mfPSm687aQA.roa (raw, json)
Hash identifier: O3/qjKdVcVHSMaOvbzhbWWy3x93bTjrX3GqACIix8oA=
Subject key identifier: C4:07:B1:20:D5:63:05:A5:E1:68:74:3F:99:F3:D2:9B:AF:3B:69:00
Certificate issuer: /CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Certificate serial: 0189F64FC23BD376F9AB1FFB185B9F1BC670
Authority key identifier: 7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/xAexINVjBaXhaHQ_mfPSm687aQA.roa
Signing time: Mon 14 Aug 2023 23:09:29 +0000
ROA not before: Mon 14 Aug 2023 23:09:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.11.172.0/23 maxlen: 23
45.11.174.0/24 maxlen: 24
45.11.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f6:4f:c2:3b:d3:76:f9:ab:1f:fb:18:5b:9f:1b:c6:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Validity
Not Before: Aug 14 23:09:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c407b120d56305a5e168743f99f3d29baf3b6900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c7:e0:4a:dd:44:7d:4c:29:82:c5:b3:ef:cc:
44:73:e3:62:17:4e:14:79:42:70:32:11:3f:39:ef:
a9:d2:e3:bd:a0:8b:a5:30:d0:09:b3:53:3f:55:0e:
d8:fd:07:e4:72:34:15:38:2e:2b:a8:35:3e:cb:b2:
a6:57:50:15:a1:b0:a6:4b:38:fb:34:21:e0:d0:b1:
5a:18:de:3a:5e:60:3b:fe:8a:e3:c9:89:e3:99:34:
a0:26:d6:6d:a1:07:0f:75:16:3a:2e:75:4f:4b:37:
8d:b3:6e:06:d1:ec:e0:99:23:79:b7:d8:28:83:ed:
77:12:5f:2b:a0:5a:fc:1a:a3:ca:10:c5:09:b2:8c:
8c:62:11:33:b8:38:fe:cd:54:90:5c:49:b3:ab:f7:
62:b9:88:ab:a7:84:4f:a8:18:a7:65:88:b0:cc:f7:
22:67:d9:97:b7:b8:c6:77:aa:ad:06:22:57:40:d6:
4f:cd:0f:1a:2c:2c:54:1d:80:82:57:e9:13:2d:01:
48:67:84:2b:44:94:13:73:d6:20:76:6f:2c:e2:4b:
69:67:c4:58:62:71:9a:c8:5b:b9:f1:25:c4:9f:e0:
39:97:26:85:76:94:6c:f0:f4:2b:57:bb:91:e5:ea:
0e:31:30:d9:1c:bd:c5:42:b2:98:7c:93:07:52:06:
91:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:07:B1:20:D5:63:05:A5:E1:68:74:3F:99:F3:D2:9B:AF:3B:69:00
X509v3 Authority Key Identifier:
keyid:7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/xAexINVjBaXhaHQ_mfPSm687aQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.172.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:fe:d1:49:04:a0:f8:c2:55:88:7c:60:d1:ef:58:68:10:6a:
38:28:e4:9c:77:37:7b:f5:65:01:de:59:12:b3:60:88:0f:95:
7a:a4:bc:68:cf:88:15:76:fb:48:e8:b3:32:d8:05:d2:b7:dc:
08:14:fa:8e:cf:23:61:60:fb:d0:7c:4b:e6:d5:b0:3a:d5:d9:
a1:41:ca:4b:e2:69:84:70:17:4a:a0:0d:9a:82:0f:9b:7e:09:
25:83:ec:34:38:03:3f:ce:5d:59:48:81:bc:48:b8:b0:fd:a5:
21:36:85:3b:45:34:64:0a:4c:7d:cf:32:a0:e6:88:ab:79:16:
5f:93:c0:06:6e:f4:bc:4b:b6:73:7a:71:5f:2d:25:d2:b5:ee:
77:87:d5:73:3d:e2:6f:a0:b6:d8:a9:b1:7d:a2:a5:aa:c6:44:
d0:7a:fb:dc:ee:96:ad:e9:44:4b:ac:d0:21:0f:1c:d8:c0:39:
46:c5:00:bb:5e:36:f7:d4:78:7c:74:b9:9f:fb:d4:f6:86:97:
30:21:ed:6b:f2:86:0a:73:10:f4:99:43:83:df:5c:39:35:9d:
9e:9f:c0:a8:18:97:06:28:92:c2:9b:30:5c:da:50:6e:26:b7:
10:fb:f6:fc:87:6e:3d:63:01:ad:93:10:e7:32:60:ec:d4:4a:
09:f1:11:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn2T8I703b5qx/7GFufG8ZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTY5NTc4NmY4NDUwZDEwNDFkYzg4YWQ4OTJjYmI1NzBk
NTk3MmIwHhcNMjMwODE0MjMwOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA3YjEyMGQ1NjMwNWE1ZTE2ODc0M2Y5OWYzZDI5YmFmM2I2OTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8fgSt1EfUwpgsWz78xEc+NiF04U
eUJwMhE/Oe+p0uO9oIulMNAJs1M/VQ7Y/QfkcjQVOC4rqDU+y7KmV1AVobCmSzj7
NCHg0LFaGN46XmA7/orjyYnjmTSgJtZtoQcPdRY6LnVPSzeNs24G0ezgmSN5t9go
g+13El8roFr8GqPKEMUJsoyMYhEzuDj+zVSQXEmzq/diuYirp4RPqBinZYiwzPci
Z9mXt7jGd6qtBiJXQNZPzQ8aLCxUHYCCV+kTLQFIZ4QrRJQTc9Ygdm8s4ktpZ8RY
YnGayFu58SXEn+A5lyaFdpRs8PQrV7uR5eoOMTDZHL3FQrKYfJMHUgaRNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQHsSDVYwWl4Wh0P5nz0puvO2kAMB8GA1UdIwQY
MBaAFH1WlXhvhFDRBB3IitiSy7Vw1ZcrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDIt
NjNiMzM4MDhhNmE4LzEveEFleElOVmpCYVhoYUhRX21mUFNtNjg3YVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDItNjNiMzM4MDhhNmE4
LzEvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQusMA0G
CSqGSIb3DQEBCwUAA4IBAQCw/tFJBKD4wlWIfGDR71hoEGo4KOScdzd79WUB3lkS
s2CID5V6pLxoz4gVdvtI6LMy2AXSt9wIFPqOzyNhYPvQfEvm1bA61dmhQcpL4mmE
cBdKoA2agg+bfgklg+w0OAM/zl1ZSIG8SLiw/aUhNoU7RTRkCkx9zzKg5oireRZf
k8AGbvS8S7ZzenFfLSXSte53h9VzPeJvoLbYqbF9oqWqxkTQevvc7pat6URLrNAh
DxzYwDlGxQC7Xjb31Hh8dLmf+9T2hpcwIe1r8oYKcxD0mUOD31w5NZ2en8CoGJcG
KJLCmzBc2lBuJrcQ+/b8h249YwGtkxDnMmDs1EoJ8RHN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:42 2024 by rpki-client on console-ams.rpki-client.org