Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XoGmYkgLxluNyYLgW-qFB9R6jzY.roa
File: XoGmYkgLxluNyYLgW-qFB9R6jzY.roa (raw, json)
Hash identifier: y52Aqjj5EABs7vmqAyNKuhAM8uueeGNC6FgzbCt+ecw=
Subject key identifier: 5E:81:A6:62:48:0B:C6:5B:8D:C9:82:E0:5B:EA:85:07:D4:7A:8F:36
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187B4FC8E119D60C9AE17CC41F5B22CF593
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XoGmYkgLxluNyYLgW-qFB9R6jzY.roa
Signing time: Mon 24 Apr 2023 20:37:42 +0000
ROA not before: Mon 24 Apr 2023 20:37:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.118.0/24 maxlen: 24
45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Apr 2023 15:54:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:fc:8e:11:9d:60:c9:ae:17:cc:41:f5:b2:2c:f5:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 24 20:37:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e81a662480bc65b8dc982e05bea8507d47a8f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f2:3f:15:b8:ae:fb:ba:2f:45:1e:43:a8:6f:
34:f5:b1:18:27:9a:92:65:dd:43:71:f6:90:97:78:
bf:e6:7c:08:90:4d:92:a1:ce:30:28:ca:23:0b:bc:
d1:90:5a:3c:ab:94:84:bd:25:f8:52:7c:ac:f5:0c:
c3:18:30:23:52:64:c9:a0:e2:96:d8:67:bd:67:15:
7e:44:51:9d:6d:3b:86:e8:81:33:00:97:e3:e9:3b:
e1:c5:73:5b:ce:d1:4c:a0:55:59:90:46:48:4c:23:
44:1d:04:a3:00:0d:d0:27:db:bf:bf:95:64:90:50:
85:47:7b:fd:68:1b:ad:e2:65:85:01:22:f7:f9:84:
a3:e6:c7:25:8c:25:4a:50:54:e5:dc:27:fa:d3:46:
c9:1a:4c:86:70:37:7b:67:d7:d2:f4:e8:4a:ca:58:
41:c5:c2:1d:80:1a:b2:2b:26:c9:50:29:75:3f:bd:
f1:d5:a3:10:7b:86:4f:be:a1:79:01:f7:1d:48:3f:
31:8d:89:17:2b:54:f8:6f:13:0c:51:88:85:83:1c:
2b:40:94:3a:fe:01:19:35:18:32:c8:c1:0c:17:aa:
fe:27:00:64:d8:ed:d0:b8:63:96:9c:d0:59:22:a8:
67:58:3f:c4:43:f4:e7:ca:66:c4:a8:29:1c:40:f1:
a6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:81:A6:62:48:0B:C6:5B:8D:C9:82:E0:5B:EA:85:07:D4:7A:8F:36
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XoGmYkgLxluNyYLgW-qFB9R6jzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/24
45.148.118.0/23
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
7d:56:f5:51:d5:82:4a:aa:10:0e:fa:12:ed:7d:65:19:ee:bf:
df:a3:c6:9a:f7:cf:21:21:f1:51:6c:1c:4b:0a:e2:59:5f:af:
0e:1e:d8:db:ca:d4:1c:37:6b:8f:3b:ec:0c:ed:3a:2e:df:da:
a1:df:17:55:51:dc:f6:10:6f:b5:68:16:4a:d1:71:76:b8:86:
97:c7:3d:c4:ee:80:90:94:c6:f6:78:1e:4d:5e:c8:b4:bf:5f:
35:5c:f3:eb:42:b5:06:61:23:bf:93:ce:10:0b:52:26:e6:d4:
a5:bd:88:2e:8a:bc:91:68:66:c1:20:74:c3:47:66:13:9f:77:
11:c1:56:60:25:3b:18:8b:e3:69:b6:c2:6c:14:06:67:64:f5:
a5:12:f8:ea:dd:0d:ba:0f:cb:6c:d3:d9:b9:70:ef:7c:3f:1e:
56:8a:0d:9e:39:49:0d:0d:13:5f:c1:36:51:4b:d7:48:f4:e2:
83:68:f2:3b:85:7e:8a:c6:11:08:ac:a8:77:b0:87:9b:d2:41:
e3:52:ac:4f:09:0d:68:93:23:ed:2b:39:0b:87:7a:f8:b5:b7:
2b:9a:6b:36:33:7d:95:ea:8e:a8:d8:b9:84:ec:b6:cc:b3:c1:
d2:ea:9a:c2:34:37:0c:55:ac:8b:ca:d7:ff:ca:3f:96:c5:0b:
a1:0c:86:95
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYe0/I4RnWDJrhfMQfWyLPWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI0MjAzNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTgxYTY2MjQ4MGJjNjViOGRjOTgyZTA1YmVhODUwN2Q0N2E4ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovI/Fbiu+7ovRR5DqG809bEYJ5qS
Zd1DcfaQl3i/5nwIkE2Soc4wKMojC7zRkFo8q5SEvSX4Unys9QzDGDAjUmTJoOKW
2Ge9ZxV+RFGdbTuG6IEzAJfj6TvhxXNbztFMoFVZkEZITCNEHQSjAA3QJ9u/v5Vk
kFCFR3v9aBut4mWFASL3+YSj5scljCVKUFTl3Cf600bJGkyGcDd7Z9fS9OhKylhB
xcIdgBqyKybJUCl1P73x1aMQe4ZPvqF5AfcdSD8xjYkXK1T4bxMMUYiFgxwrQJQ6
/gEZNRgyyMEMF6r+JwBk2O3QuGOWnNBZIqhnWD/EQ/TnymbEqCkcQPGmYwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFF6BpmJIC8ZbjcmC4FvqhQfUeo82MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWG9HbVlrZ0x4bHVOeVlMZ1ctcUZCOVI2anpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZR0AwQB
LZR2AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQB9VvVR1YJKqhAO+hLtfWUZ
7r/fo8aa988hIfFRbBxLCuJZX68OHtjbytQcN2uPO+wM7Tou39qh3xdVUdz2EG+1
aBZK0XF2uIaXxz3E7oCQlMb2eB5NXsi0v181XPPrQrUGYSO/k84QC1Im5tSlvYgu
iryRaGbBIHTDR2YTn3cRwVZgJTsYi+NptsJsFAZnZPWlEvjq3Q26D8ts09m5cO98
Px5Wig2eOUkNDRNfwTZRS9dI9OKDaPI7hX6KxhEIrKh3sIeb0kHjUqxPCQ1okyPt
KzkLh3r4tbcrmms2M32V6o6o2LmE7LbMs8HS6prCNDcMVayLytf/yj+WxQuhDIaV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org