Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/k-XVfAlleT2iMhLddurPJyKhuU0.roa
File: k-XVfAlleT2iMhLddurPJyKhuU0.roa (raw, json)
Hash identifier: 0An9BW3lKYYiKr1aU80qjL4kXkNkSmmykx3azbA/L8c=
Subject key identifier: 93:E5:D5:7C:09:65:79:3D:A2:32:12:DD:76:EA:CF:27:22:A1:B9:4D
Certificate issuer: /CN=d4fbc74cd1f87a0bf16c482f6201c9b9eb244ea2
Certificate serial: 018CC492E9D6E3DFAC88D87A1E01005AC5CD
Authority key identifier: D4:FB:C7:4C:D1:F8:7A:0B:F1:6C:48:2F:62:01:C9:B9:EB:24:4E:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1PvHTNH4egvxbEgvYgHJueskTqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/k-XVfAlleT2iMhLddurPJyKhuU0.roa
Signing time: Mon 01 Jan 2024 10:30:11 +0000
ROA not before: Mon 01 Jan 2024 10:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203201
IP address blocks: 45.145.204.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e9:d6:e3:df:ac:88:d8:7a:1e:01:00:5a:c5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4fbc74cd1f87a0bf16c482f6201c9b9eb244ea2
Validity
Not Before: Jan 1 10:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93e5d57c0965793da23212dd76eacf2722a1b94d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:91:85:a8:e4:8b:70:8e:73:be:ae:81:54:1c:
59:18:cb:35:74:6a:10:69:eb:f9:17:69:f4:2b:8e:
6d:27:e6:aa:34:23:e8:ca:43:cc:ae:f6:e4:49:1b:
3b:98:59:0e:3f:3c:28:5f:e6:06:61:64:e4:77:1b:
59:9a:56:38:e5:f0:95:e2:07:18:5f:b9:ef:37:70:
7a:e9:61:a2:a9:49:81:18:8a:80:f1:5f:bc:39:00:
16:9f:1e:90:02:49:0e:0b:1e:ec:09:90:f9:87:0f:
ae:5b:50:3d:9f:d4:53:80:00:df:89:ca:70:6e:51:
31:13:d4:5a:cf:8e:e2:f1:e2:16:4b:1b:e3:8d:5f:
fd:b0:11:99:73:c5:9b:9c:60:82:3e:08:3a:24:f6:
1c:36:81:b8:0d:14:d9:a2:42:85:d2:c0:ba:b5:17:
2c:f3:8d:8b:9e:f8:d2:c6:68:6e:39:36:93:7d:56:
d6:96:26:03:8e:90:67:cb:61:34:68:42:39:3d:07:
b3:91:94:6a:4a:15:3a:40:03:2f:23:aa:70:63:10:
b9:d4:af:56:52:3b:cc:dc:c1:cf:38:0e:6c:72:2a:
bf:ad:f8:6d:01:95:47:26:50:d9:3b:9b:53:f1:e7:
c5:d4:b8:77:9d:da:66:3f:54:d6:48:2f:52:e4:b8:
d0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:E5:D5:7C:09:65:79:3D:A2:32:12:DD:76:EA:CF:27:22:A1:B9:4D
X509v3 Authority Key Identifier:
keyid:D4:FB:C7:4C:D1:F8:7A:0B:F1:6C:48:2F:62:01:C9:B9:EB:24:4E:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PvHTNH4egvxbEgvYgHJueskTqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/k-XVfAlleT2iMhLddurPJyKhuU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/1PvHTNH4egvxbEgvYgHJueskTqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.204.0/22
Signature Algorithm: sha256WithRSAEncryption
47:ae:0e:06:d5:fc:5a:53:a7:33:0f:f0:b7:3b:3e:fd:67:76:
9a:40:00:3f:57:eb:19:17:b8:5a:67:ce:04:25:71:0a:54:06:
6f:dc:6d:22:45:da:bb:7f:16:44:ee:cf:36:18:ce:77:6f:da:
ee:45:2e:6b:08:0e:17:a8:fc:d0:25:41:5f:3f:ee:07:05:f8:
c7:f7:6c:c3:02:c9:fa:1e:46:ff:b8:8c:6c:79:b3:b1:39:b3:
54:96:80:5a:52:68:e3:d6:3c:dd:7e:f4:b9:9f:39:f1:4d:32:
24:6c:7a:c2:2d:c4:fa:f9:ee:b3:ba:10:0c:ca:7e:e8:91:7d:
bf:66:5d:f6:5f:da:58:da:66:a2:80:33:17:5b:db:22:57:f2:
95:6b:7c:48:40:bf:b8:9a:b1:e5:b9:27:fb:77:36:24:f8:e7:
9c:7e:bf:48:2c:e0:37:b1:b7:90:05:12:0c:f7:d0:1a:5c:19:
c4:26:22:28:bd:b2:a2:6d:3c:b2:af:ff:fd:09:cf:7c:db:04:
ba:05:95:5d:69:a5:ba:1b:95:ab:d7:0a:96:16:79:a0:ff:a7:
36:28:16:d6:59:c5:42:90:b4:b8:ae:0a:22:43:8b:04:c9:a9:
97:8f:a1:02:21:95:d5:ee:7c:dc:03:3e:b8:85:a5:6d:89:0d:
df:68:57:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkunW49+siNh6HgEAWsXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmJjNzRjZDFmODdhMGJmMTZjNDgyZjYyMDFjOWI5ZWIy
NDRlYTIwHhcNMjQwMTAxMTAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2U1ZDU3YzA5NjU3OTNkYTIzMjEyZGQ3NmVhY2YyNzIyYTFiOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppGFqOSLcI5zvq6BVBxZGMs1dGoQ
aev5F2n0K45tJ+aqNCPoykPMrvbkSRs7mFkOPzwoX+YGYWTkdxtZmlY45fCV4gcY
X7nvN3B66WGiqUmBGIqA8V+8OQAWnx6QAkkOCx7sCZD5hw+uW1A9n9RTgADficpw
blExE9Raz47i8eIWSxvjjV/9sBGZc8WbnGCCPgg6JPYcNoG4DRTZokKF0sC6tRcs
842LnvjSxmhuOTaTfVbWliYDjpBny2E0aEI5PQezkZRqShU6QAMvI6pwYxC51K9W
UjvM3MHPOA5sciq/rfhtAZVHJlDZO5tT8efF1Lh3ndpmP1TWSC9S5LjQ0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJPl1XwJZXk9ojIS3XbqzycioblNMB8GA1UdIwQY
MBaAFNT7x0zR+HoL8WxIL2IBybnrJE6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVB2SFROSDRlZ3Z4YkVndllnSEp1ZXNrVHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84NzMxMmMtNjljNC00ODEzLWI3NDAt
MWM5NjY3NzMwNTM0LzEvay1YVmZBbGxlVDJpTWhMZGR1clBKeUtodVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS84NzMxMmMtNjljNC00ODEzLWI3NDAtMWM5NjY3NzMwNTM0
LzEvMVB2SFROSDRlZ3Z4YkVndllnSEp1ZXNrVHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZHMMA0G
CSqGSIb3DQEBCwUAA4IBAQBHrg4G1fxaU6czD/C3Oz79Z3aaQAA/V+sZF7haZ84E
JXEKVAZv3G0iRdq7fxZE7s82GM53b9ruRS5rCA4XqPzQJUFfP+4HBfjH92zDAsn6
Hkb/uIxsebOxObNUloBaUmjj1jzdfvS5nznxTTIkbHrCLcT6+e6zuhAMyn7okX2/
Zl32X9pY2maigDMXW9siV/KVa3xIQL+4mrHluSf7dzYk+Oecfr9ILOA3sbeQBRIM
99AaXBnEJiIovbKibTyyr//9Cc982wS6BZVdaaW6G5Wr1wqWFnmg/6c2KBbWWcVC
kLS4rgoiQ4sEyamXj6ECIZXV7nzcAz64haVtiQ3faFej
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:26 2025 by rpki-client