Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/_XlOXvsGTdWnVPaaLs3FfPTqyNc.roa
File: _XlOXvsGTdWnVPaaLs3FfPTqyNc.roa (raw, json)
Hash identifier: M93yM3GQwMcSe8sEtTFmiv6xun/Lv12umqJuLRgsndw=
Subject key identifier: FD:79:4E:5E:FB:06:4D:D5:A7:54:F6:9A:2E:CD:C5:7C:F4:EA:C8:D7
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018EDB2F318DCCB18D09FE3FAA856AA61D4E
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/_XlOXvsGTdWnVPaaLs3FfPTqyNc.roa
Signing time: Sun 14 Apr 2024 05:58:06 +0000
ROA not before: Sun 14 Apr 2024 05:58:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 67844
IP address blocks: 45.150.8.0/22 maxlen: 22
45.150.9.0/24 maxlen: 24
45.150.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 11:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:2f:31:8d:cc:b1:8d:09:fe:3f:aa:85:6a:a6:1d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 14 05:58:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd794e5efb064dd5a754f69a2ecdc57cf4eac8d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a9:8d:44:2c:f2:aa:f3:eb:c4:9e:46:8f:a5:
9c:12:1a:c3:c5:08:67:04:1f:26:d1:fd:61:3a:d5:
75:d9:ff:5e:9b:81:ff:b8:b4:76:e3:38:e2:b6:2b:
4c:d2:50:ed:12:1e:15:aa:00:34:10:9a:13:da:ea:
eb:27:13:21:08:6b:65:60:96:a1:49:a1:87:eb:e1:
63:1a:2c:eb:ec:4a:0f:0e:a8:ac:5e:63:01:d8:8d:
4e:88:6b:5a:a2:f3:47:a5:77:6c:f1:56:d0:bf:be:
6d:4f:3d:8e:da:b9:bc:3a:dc:b8:7a:25:b7:d8:48:
c3:fb:b5:8c:05:04:35:1f:f5:31:1e:ba:99:ef:3f:
0e:a8:ac:08:01:39:1d:a9:2e:c7:a3:b6:49:82:11:
b6:7b:9d:18:9d:0f:fb:b7:2a:9f:35:e1:77:06:45:
a4:e1:d0:2a:5d:ed:63:0a:e3:9c:b2:01:22:5b:8e:
77:bf:2b:01:c5:ac:fb:5b:c0:14:9f:c3:25:bc:73:
07:ac:11:f1:96:8a:a9:e7:21:e8:45:85:f6:d2:40:
bb:08:8a:e4:5d:17:7b:5f:95:64:46:43:0b:ce:8e:
89:a1:99:b3:50:c1:10:b1:48:f6:6d:47:cd:bb:e2:
d2:19:d9:2a:86:bc:46:a7:a0:71:48:60:d9:01:69:
62:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:79:4E:5E:FB:06:4D:D5:A7:54:F6:9A:2E:CD:C5:7C:F4:EA:C8:D7
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/_XlOXvsGTdWnVPaaLs3FfPTqyNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.8.0/22
Signature Algorithm: sha256WithRSAEncryption
04:d7:2e:b9:9b:48:16:da:36:20:ae:46:ce:a3:26:13:0a:f5:
0e:61:f6:7e:26:61:8f:9c:21:24:2b:29:46:98:04:5d:2f:af:
df:e5:6d:9b:b0:22:52:bd:e7:12:42:da:53:67:60:68:f2:c9:
7f:8b:f4:7b:ff:d2:6e:d3:ed:11:45:04:21:92:63:c9:ef:ea:
8b:c7:28:30:21:5a:37:86:68:78:e4:13:cf:4f:15:e6:4f:56:
27:b7:98:d7:ca:aa:83:d1:26:f5:05:ed:d5:98:2a:2c:35:7c:
55:bf:96:5b:06:c3:93:27:a9:f7:71:b7:d4:28:d0:40:39:af:
3d:e9:91:4d:e1:df:aa:38:4a:c1:6e:25:17:28:85:44:82:d2:
f3:10:06:53:1d:e1:55:21:83:ac:44:4f:1c:45:83:6a:3d:83:
9d:30:a4:ee:96:89:32:69:65:7b:1a:2b:d8:e0:87:b5:97:6e:
07:bd:77:38:6a:d1:50:d8:d6:85:fb:37:16:0a:64:11:dc:cb:
74:c6:c8:33:a3:79:16:f1:ae:6c:d1:dd:c9:d4:d2:6f:60:c2:
83:41:60:c0:2c:00:9c:bb:b0:e2:96:f2:94:ec:b8:b0:44:54:
34:49:38:f7:48:2a:a2:05:fc:62:7f:be:29:75:7b:ac:26:81:
3f:ca:99:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7bLzGNzLGNCf4/qoVqph1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwNDE0MDU1ODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc5NGU1ZWZiMDY0ZGQ1YTc1NGY2OWEyZWNkYzU3Y2Y0ZWFjOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlamNRCzyqvPrxJ5Gj6WcEhrDxQhn
BB8m0f1hOtV12f9em4H/uLR24zjititM0lDtEh4VqgA0EJoT2urrJxMhCGtlYJah
SaGH6+FjGizr7EoPDqisXmMB2I1OiGtaovNHpXds8VbQv75tTz2O2rm8Oty4eiW3
2EjD+7WMBQQ1H/UxHrqZ7z8OqKwIATkdqS7Ho7ZJghG2e50YnQ/7tyqfNeF3BkWk
4dAqXe1jCuOcsgEiW453vysBxaz7W8AUn8MlvHMHrBHxloqp5yHoRYX20kC7CIrk
XRd7X5VkRkMLzo6JoZmzUMEQsUj2bUfNu+LSGdkqhrxGp6BxSGDZAWliSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP15Tl77Bk3Vp1T2mi7NxXz06sjXMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvX1hsT1h2c0dUZFduVlBhYUxzM0ZmUFRxeU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZYIMA0G
CSqGSIb3DQEBCwUAA4IBAQAE1y65m0gW2jYgrkbOoyYTCvUOYfZ+JmGPnCEkKylG
mARdL6/f5W2bsCJSvecSQtpTZ2Bo8sl/i/R7/9Ju0+0RRQQhkmPJ7+qLxygwIVo3
hmh45BPPTxXmT1Ynt5jXyqqD0Sb1Be3VmCosNXxVv5ZbBsOTJ6n3cbfUKNBAOa89
6ZFN4d+qOErBbiUXKIVEgtLzEAZTHeFVIYOsRE8cRYNqPYOdMKTulokyaWV7GivY
4Ie1l24HvXc4atFQ2NaF+zcWCmQR3Mt0xsgzo3kW8a5s0d3J1NJvYMKDQWDALACc
u7DilvKU7LiwRFQ0STj3SCqiBfxif74pdXusJoE/yplk
-----END CERTIFICATE-----
Generated at Sun Apr 14 14:33:49 2024 by rpki-client on console-fra.rpki-client.org