Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Hxr6fcrcqf4nxSB0kxDr-GGKZ-0.roa
File: Hxr6fcrcqf4nxSB0kxDr-GGKZ-0.roa (raw, json)
Hash identifier: Sxs9GMHkwe+WWT1hpvjQp4X6hqYhtOQht9TyyrFvtUA=
Subject key identifier: 1F:1A:FA:7D:CA:DC:A9:FE:27:C5:20:74:93:10:EB:F8:61:8A:67:ED
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D7A931533753974E20FC9E49328237591
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Hxr6fcrcqf4nxSB0kxDr-GGKZ-0.roa
Signing time: Mon 05 Feb 2024 18:41:16 +0000
ROA not before: Mon 05 Feb 2024 18:41:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43350
IP address blocks: 45.67.120.0/22 maxlen: 22
45.148.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 29 Feb 2024 08:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:93:15:33:75:39:74:e2:0f:c9:e4:93:28:23:75:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 5 18:41:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f1afa7dcadca9fe27c520749310ebf8618a67ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c6:73:b0:72:57:15:e9:c0:06:7b:7a:76:2b:
b3:ff:4a:a5:7b:5d:ac:f1:b9:c5:67:fa:c0:c6:bc:
f3:f8:53:f2:d5:55:ac:b3:96:89:80:fb:08:54:cd:
48:4e:4c:ad:33:b3:e4:56:e2:f5:41:3e:b3:b9:53:
d9:92:91:5e:91:c6:60:7a:7b:7d:f3:44:ca:ca:43:
c7:73:1f:00:9f:72:68:d5:15:94:86:af:2e:b5:0a:
66:9d:47:bb:62:0e:12:3d:c7:01:a6:5a:16:61:22:
fb:ba:b7:fa:99:3a:06:23:28:b7:6c:bf:66:59:40:
85:75:b6:1b:9b:d2:b4:7e:1f:a6:7e:70:9d:ec:f8:
87:c7:46:6b:d8:12:62:f6:b8:30:61:09:92:62:51:
7d:9c:01:bb:35:35:89:d6:ba:6d:10:e7:09:42:1e:
33:73:88:be:0c:49:3d:85:36:e3:6a:c6:9f:14:4b:
04:e9:f2:9c:af:6e:64:99:cd:44:76:fc:fc:9c:b8:
74:06:ac:df:28:9b:67:4c:6b:02:c1:39:32:64:ba:
47:38:b1:6c:3b:9a:24:1c:6d:9a:03:8e:fe:fd:35:
e2:ec:d1:b2:20:38:6e:81:4d:3b:b1:5f:13:0e:51:
15:ce:2f:e5:35:54:22:64:1d:df:85:0c:00:07:9c:
11:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:1A:FA:7D:CA:DC:A9:FE:27:C5:20:74:93:10:EB:F8:61:8A:67:ED
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Hxr6fcrcqf4nxSB0kxDr-GGKZ-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.120.0/22
45.148.152.0/22
Signature Algorithm: sha256WithRSAEncryption
59:e1:f4:96:9a:93:35:6f:65:3d:c7:d8:04:3a:96:33:8c:3d:
9d:c4:b9:61:91:bb:6c:3f:51:21:14:0c:34:ac:91:c9:37:a8:
ea:34:aa:51:26:56:41:4a:2e:d9:1d:35:31:48:d8:68:41:b5:
01:0e:4a:5f:6d:33:05:26:fe:35:cb:d1:ab:20:a6:22:d4:1f:
18:9a:be:b6:22:d4:8f:f8:5d:7d:c7:00:1b:c7:e0:7a:9d:f4:
af:24:0b:1c:c7:e4:3f:8e:fa:c3:98:57:6e:ba:eb:4a:54:12:
8c:8a:2c:b5:23:d1:ba:68:d5:56:a3:6d:94:6a:f9:d7:31:50:
af:b8:ae:45:2e:25:dd:14:90:6a:af:41:82:c6:0e:d7:7c:45:
4a:bd:c8:5c:50:88:d6:2f:51:72:d1:d8:fc:af:1a:65:c8:00:
ca:d6:5e:09:df:fd:81:f6:83:55:bc:68:d7:63:1d:88:1c:b2:
0a:98:f1:c2:c8:c5:82:fb:77:df:12:a3:a0:98:34:32:e5:d3:
1c:22:51:14:95:72:68:b8:b3:c6:15:b0:ff:8b:cf:15:fe:bb:
55:2c:aa:2f:d6:7f:3c:8d:de:54:73:ee:04:d3:29:af:26:c9:
e2:f9:18:e6:87:98:2c:c6:be:d5:5b:f1:7a:bb:44:fd:a2:95:
ad:c0:7b:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY16kxUzdTl04g/J5JMoI3WRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA1MTg0MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjFhZmE3ZGNhZGNhOWZlMjdjNTIwNzQ5MzEwZWJmODYxOGE2N2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMZzsHJXFenABnt6diuz/0qle12s
8bnFZ/rAxrzz+FPy1VWss5aJgPsIVM1ITkytM7PkVuL1QT6zuVPZkpFekcZgent9
80TKykPHcx8An3Jo1RWUhq8utQpmnUe7Yg4SPccBploWYSL7urf6mToGIyi3bL9m
WUCFdbYbm9K0fh+mfnCd7PiHx0Zr2BJi9rgwYQmSYlF9nAG7NTWJ1rptEOcJQh4z
c4i+DEk9hTbjasafFEsE6fKcr25kmc1Edvz8nLh0BqzfKJtnTGsCwTkyZLpHOLFs
O5okHG2aA47+/TXi7NGyIDhugU07sV8TDlEVzi/lNVQiZB3fhQwAB5wRGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB8a+n3K3Kn+J8UgdJMQ6/hhimftMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSHhyNmZjcmNxZjRueFNCMGt4RHItR0dLWi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUN4AwQC
LZSYMA0GCSqGSIb3DQEBCwUAA4IBAQBZ4fSWmpM1b2U9x9gEOpYzjD2dxLlhkbts
P1EhFAw0rJHJN6jqNKpRJlZBSi7ZHTUxSNhoQbUBDkpfbTMFJv41y9GrIKYi1B8Y
mr62ItSP+F19xwAbx+B6nfSvJAscx+Q/jvrDmFduuutKVBKMiiy1I9G6aNVWo22U
avnXMVCvuK5FLiXdFJBqr0GCxg7XfEVKvchcUIjWL1Fy0dj8rxplyADK1l4J3/2B
9oNVvGjXYx2IHLIKmPHCyMWC+3ffEqOgmDQy5dMcIlEUlXJouLPGFbD/i88V/rtV
LKov1n88jd5Uc+4E0ymvJsni+Rjmh5gsxr7VW/F6u0T9opWtwHsU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org