Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XOjDJ5ptdyCQhRgSfMOum-l516g.roa
File: XOjDJ5ptdyCQhRgSfMOum-l516g.roa (raw, json)
Hash identifier: 5F2SzKkE8v9WEkLBjgcxjT1YfnUiPHaap1Glz03Kmdw=
Subject key identifier: 5C:E8:C3:27:9A:6D:77:20:90:85:18:12:7C:C3:AE:9B:E9:79:D7:A8
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 018DC972CBD4A5BD5D0A293E8B56A0A11C96
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XOjDJ5ptdyCQhRgSfMOum-l516g.roa
Signing time: Wed 21 Feb 2024 02:16:00 +0000
ROA not before: Wed 21 Feb 2024 02:16:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 45.153.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c9:72:cb:d4:a5:bd:5d:0a:29:3e:8b:56:a0:a1:1c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Feb 21 02:16:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ce8c3279a6d7720908518127cc3ae9be979d7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d0:18:23:5c:72:2c:79:5a:03:d7:c8:bd:06:
65:ef:3e:fc:57:dd:5c:97:77:a0:fb:ba:d9:2b:cf:
1a:56:2e:81:c8:df:c5:fc:75:e6:8b:f7:1b:51:f5:
4c:92:a8:57:ba:1b:a5:4d:2d:97:81:a6:27:c6:1f:
ff:36:56:5f:47:dd:c1:29:14:11:fb:cd:68:10:d7:
26:b9:6e:ed:87:b5:99:6b:0c:4b:c5:54:dd:c5:46:
91:b8:9a:2d:70:62:c8:11:04:01:80:80:19:1c:fc:
a6:e2:69:3c:59:62:a2:84:04:0c:f8:3e:92:e0:db:
3e:e3:21:6f:78:ca:86:c3:96:12:37:a4:ff:8e:e0:
fe:4f:3b:1e:11:2c:47:e7:98:c9:7f:91:86:a9:ce:
b7:9d:65:c7:b0:51:b6:f9:29:7c:d2:f9:d4:5a:7c:
9a:b1:4e:bd:a2:b2:ee:11:05:7b:66:ee:d5:11:18:
88:f9:4a:61:7a:d2:e9:3b:df:78:b5:e2:a3:18:fd:
a6:33:2e:b0:8f:26:af:33:f5:2e:fd:6e:bf:5c:c5:
3d:25:93:8c:57:54:81:c1:92:92:47:82:99:9e:f3:
f1:fd:c1:38:9a:0e:4c:37:b0:bc:cb:e1:57:4b:59:
d9:b3:bd:d6:12:31:f8:90:4b:d7:92:fd:64:4a:af:
04:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E8:C3:27:9A:6D:77:20:90:85:18:12:7C:C3:AE:9B:E9:79:D7:A8
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XOjDJ5ptdyCQhRgSfMOum-l516g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.124.0/24
Signature Algorithm: sha256WithRSAEncryption
92:35:79:21:fa:ea:72:5c:19:c3:28:a9:f9:18:43:d7:80:05:
bc:9d:f3:7f:05:71:33:19:e0:80:15:aa:63:f8:75:c1:8a:17:
0c:fd:3b:19:e0:21:bc:f1:4a:d0:cb:02:e4:d5:d2:d1:16:dd:
b2:5d:c8:fa:89:c2:b7:39:1a:84:fa:10:5d:38:fc:b0:f5:b4:
73:d7:73:1c:fd:29:c5:0e:8c:c7:d4:f0:18:20:dd:6b:6b:f3:
5b:59:95:b5:a8:5b:0b:47:45:5e:18:27:00:e1:bc:38:7a:4a:
93:40:67:22:68:a8:ef:0e:e4:a1:ce:80:1f:78:5f:4f:89:f7:
5f:16:a0:cb:92:c5:a0:fc:21:83:46:d4:da:b8:6c:20:fa:78:
38:a3:2c:a8:aa:23:3e:f4:76:80:d5:12:7e:15:95:c9:6a:d7:
ff:df:92:13:c1:de:59:f5:47:b9:0f:c2:04:76:ca:af:72:c0:
9f:c4:5f:dc:29:fc:4e:84:3f:0f:94:65:6c:29:a9:d7:21:54:
f5:8c:50:8c:29:11:c2:2d:d2:ff:29:bc:ac:17:9e:23:9d:c4:
1e:97:aa:86:22:06:d5:52:f1:ee:a7:30:1e:d5:ec:e8:c1:08:
5a:b4:c7:16:68:fe:8e:e0:29:8b:16:c1:16:5b:6b:45:31:15:
57:b2:77:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3JcsvUpb1dCik+i1agoRyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMjIxMDIxNjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U4YzMyNzlhNmQ3NzIwOTA4NTE4MTI3Y2MzYWU5YmU5NzlkN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNAYI1xyLHlaA9fIvQZl7z78V91c
l3eg+7rZK88aVi6ByN/F/HXmi/cbUfVMkqhXuhulTS2XgaYnxh//NlZfR93BKRQR
+81oENcmuW7th7WZawxLxVTdxUaRuJotcGLIEQQBgIAZHPym4mk8WWKihAQM+D6S
4Ns+4yFveMqGw5YSN6T/juD+TzseESxH55jJf5GGqc63nWXHsFG2+Sl80vnUWnya
sU69orLuEQV7Zu7VERiI+UphetLpO994teKjGP2mMy6wjyavM/Uu/W6/XMU9JZOM
V1SBwZKSR4KZnvPx/cE4mg5MN7C8y+FXS1nZs73WEjH4kEvXkv1kSq8ExQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzowyeabXcgkIUYEnzDrpvpedeoMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvWE9qREo1cHRkeUNRaFJnU2ZNT3VtLWw1MTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZl8MA0G
CSqGSIb3DQEBCwUAA4IBAQCSNXkh+upyXBnDKKn5GEPXgAW8nfN/BXEzGeCAFapj
+HXBihcM/TsZ4CG88UrQywLk1dLRFt2yXcj6icK3ORqE+hBdOPyw9bRz13Mc/SnF
DozH1PAYIN1ra/NbWZW1qFsLR0VeGCcA4bw4ekqTQGciaKjvDuShzoAfeF9Pifdf
FqDLksWg/CGDRtTauGwg+ng4oyyoqiM+9HaA1RJ+FZXJatf/35ITwd5Z9Ue5D8IE
dsqvcsCfxF/cKfxOhD8PlGVsKanXIVT1jFCMKRHCLdL/KbysF54jncQel6qGIgbV
UvHupzAe1ezowQhatMcWaP6O4CmLFsEWW2tFMRVXsnck
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:02:44 2024 by rpki-client on console-ams.rpki-client.org