Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/1xzEwQScxc8ex4HTC-3meM2jtHk.roa
File: 1xzEwQScxc8ex4HTC-3meM2jtHk.roa (raw, json)
Hash identifier: bDRnJdynG9aeKdqaG0TTo6fowJQzJIEjJbhF/d+nVBQ=
Subject key identifier: D7:1C:C4:C1:04:9C:C5:CF:1E:C7:81:D3:0B:ED:E6:78:CD:A3:B4:79
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 018C8D984E9925EA65CAAD332423860165CA
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/1xzEwQScxc8ex4HTC-3meM2jtHk.roa
Signing time: Thu 21 Dec 2023 18:16:58 +0000
ROA not before: Thu 21 Dec 2023 18:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.153.124.0/24 maxlen: 24
91.217.162.0/24 maxlen: 24
91.217.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:98:4e:99:25:ea:65:ca:ad:33:24:23:86:01:65:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Dec 21 18:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d71cc4c1049cc5cf1ec781d30bede678cda3b479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5f:c3:38:34:b8:ec:a4:ee:01:1e:da:da:d1:
38:a4:8f:06:b5:49:3d:71:c1:b8:15:95:d4:19:db:
df:ac:57:9d:0c:6c:85:41:f4:06:4f:c5:40:7d:84:
37:cb:e0:c6:57:d4:ec:fa:fd:e9:5b:84:14:02:cc:
dd:9c:ad:2c:86:20:fc:4a:1f:f8:22:95:36:bb:6d:
36:f9:1a:db:3d:06:10:be:dd:3f:2d:5e:f2:ea:82:
e0:c7:96:92:5d:62:f7:8e:e3:b9:50:16:98:02:f3:
70:d4:23:d5:44:91:31:d6:c4:b1:4f:90:24:71:69:
cb:d5:a3:52:2e:8b:1f:19:a5:85:9e:08:4d:36:05:
45:47:22:fd:06:93:d0:29:6a:1d:04:af:ae:50:ff:
de:a4:5c:ac:5a:95:68:0e:1c:66:b1:8c:27:56:ad:
7e:18:0e:24:a6:a6:73:4e:e0:64:47:1a:39:35:9a:
85:a1:a2:6f:b3:75:4c:6a:92:d4:e3:76:a9:45:5a:
e0:3f:db:fc:55:14:6d:c6:b9:76:cc:6c:85:92:e6:
fc:b4:01:95:c9:e1:5b:f9:36:e1:fa:df:a1:d3:aa:
38:cd:67:b6:cb:a6:9b:f5:55:d8:71:8d:ef:7d:7d:
58:45:87:27:f9:8f:2d:93:67:85:6c:5e:1f:cd:09:
1f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1C:C4:C1:04:9C:C5:CF:1E:C7:81:D3:0B:ED:E6:78:CD:A3:B4:79
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/1xzEwQScxc8ex4HTC-3meM2jtHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.124.0/24
91.217.162.0/24
91.217.167.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:05:b9:dd:13:51:84:67:88:eb:2f:83:87:25:a8:0c:f8:ab:
ad:c8:2f:41:a6:45:53:2c:73:b8:d8:11:10:04:24:24:bf:da:
21:cf:fa:96:ca:9e:de:5d:6a:a0:3a:93:cd:31:23:d7:df:6f:
55:fc:eb:65:2b:ca:b3:8b:79:92:f3:63:93:6d:aa:7f:e9:53:
b2:94:5b:27:bf:76:75:9e:96:4a:3c:c8:a2:2e:93:c1:6b:03:
77:fc:26:fd:63:41:0a:c0:a1:c4:0a:02:bb:31:1a:c9:7e:2c:
97:20:ea:47:37:5e:3c:fe:a9:45:f8:d3:b8:e1:f9:a3:e4:2e:
c8:f4:e3:25:2e:9a:ba:22:d1:db:13:7d:c5:e5:6c:f5:60:95:
8f:8e:fd:04:6d:07:92:66:b3:f2:94:d7:08:45:5c:97:2d:f3:
05:b1:2a:15:2e:dc:1f:bb:3c:a4:61:14:9d:bc:61:a2:4c:33:
73:e8:5c:10:f9:01:26:88:1a:39:47:47:63:d7:9b:12:3b:00:
d0:eb:b1:78:5f:89:a4:3b:05:58:45:f3:0e:78:64:4f:ed:5d:
25:72:b8:09:35:80:7e:55:e4:32:33:1f:67:ca:74:14:c7:3c:
58:aa:4c:91:ab:aa:81:e9:46:c0:dc:e4:99:39:dc:ea:3b:9a:
0e:cb:e2:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyNmE6ZJeplyq0zJCOGAWXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMxMjIxMTgxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzFjYzRjMTA0OWNjNWNmMWVjNzgxZDMwYmVkZTY3OGNkYTNiNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF/DODS47KTuAR7a2tE4pI8GtUk9
ccG4FZXUGdvfrFedDGyFQfQGT8VAfYQ3y+DGV9Ts+v3pW4QUAszdnK0shiD8Sh/4
IpU2u202+RrbPQYQvt0/LV7y6oLgx5aSXWL3juO5UBaYAvNw1CPVRJEx1sSxT5Ak
cWnL1aNSLosfGaWFnghNNgVFRyL9BpPQKWodBK+uUP/epFysWpVoDhxmsYwnVq1+
GA4kpqZzTuBkRxo5NZqFoaJvs3VMapLU43apRVrgP9v8VRRtxrl2zGyFkub8tAGV
yeFb+Tbh+t+h06o4zWe2y6ab9VXYcY3vfX1YRYcn+Y8tk2eFbF4fzQkfIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNccxMEEnMXPHseB0wvt5njNo7R5MB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvMXh6RXdRU2N4YzhleDRIVEMtM21lTTJqdEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZl8AwQA
W9miAwQAW9mnMA0GCSqGSIb3DQEBCwUAA4IBAQClBbndE1GEZ4jrL4OHJagM+Kut
yC9BpkVTLHO42BEQBCQkv9ohz/qWyp7eXWqgOpPNMSPX329V/OtlK8qzi3mS82OT
bap/6VOylFsnv3Z1npZKPMiiLpPBawN3/Cb9Y0EKwKHECgK7MRrJfiyXIOpHN148
/qlF+NO44fmj5C7I9OMlLpq6ItHbE33F5Wz1YJWPjv0EbQeSZrPylNcIRVyXLfMF
sSoVLtwfuzykYRSdvGGiTDNz6FwQ+QEmiBo5R0dj15sSOwDQ67F4X4mkOwVYRfMO
eGRP7V0lcrgJNYB+VeQyMx9nynQUxzxYqkyRq6qB6UbA3OSZOdzqO5oOy+Kb
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:13 2024 by rpki-client on console-fra.rpki-client.org