Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/sXLfmn701LrOUsS6l_1MNF_g6YY.roa
File: sXLfmn701LrOUsS6l_1MNF_g6YY.roa (raw, json)
Hash identifier: Wuupn6lOSq0OmsfiA5gX0DlK8FGzWF7v6GChorLYNxs=
Subject key identifier: B1:72:DF:9A:7E:F4:D4:BA:CE:52:C4:BA:97:FD:4C:34:5F:E0:E9:86
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 018EA953A1393C3CD1086F23DF2934E35426
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/sXLfmn701LrOUsS6l_1MNF_g6YY.roa
Signing time: Thu 04 Apr 2024 13:36:54 +0000
ROA not before: Thu 04 Apr 2024 13:36:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33845
IP address blocks: 131.102.0.0/16 maxlen: 16
149.126.48.0/21 maxlen: 21
162.23.0.0/16 maxlen: 16
193.5.216.0/21 maxlen: 21
2a07:2900::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Jun 2024 13:13:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:53:a1:39:3c:3c:d1:08:6f:23:df:29:34:e3:54:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Apr 4 13:36:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b172df9a7ef4d4bace52c4ba97fd4c345fe0e986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c0:bf:0e:ec:26:72:81:0f:cb:c8:5d:6e:c3:
3d:49:65:84:0a:5c:4d:59:a9:6d:c9:f5:50:27:0d:
cc:68:1e:0d:4f:4e:c0:22:df:8a:49:52:3b:a8:60:
b1:83:0d:c7:97:d8:70:16:97:32:80:42:da:1f:1b:
ce:bb:1c:05:0d:9a:06:56:8d:d2:2b:bf:8b:b8:99:
4b:e4:7e:0b:7c:9e:75:4d:07:50:28:ac:72:55:79:
8f:31:5b:fd:09:f4:b8:5f:22:43:4d:87:07:2e:fc:
17:7c:36:7e:d8:ac:25:ec:91:e9:21:fd:da:20:28:
6f:58:26:84:7c:e1:09:16:6b:b5:cd:94:40:03:44:
c0:24:fa:d7:7c:f0:4b:e8:f4:1b:31:07:94:09:2a:
99:19:c7:40:95:81:0f:1e:6a:c4:91:1f:9d:59:e2:
21:25:97:98:8b:1a:e5:4d:36:3d:11:da:7a:6f:b8:
30:4a:6b:f5:bd:17:53:1d:f3:02:aa:46:c3:86:76:
a5:7a:d4:33:79:9c:41:4d:b7:14:aa:20:ea:06:47:
b7:f1:79:a8:0f:02:af:d2:0b:56:c1:88:79:28:55:
b7:ca:07:e5:ba:0e:7d:c8:14:96:1d:11:5d:61:1a:
aa:61:e5:88:e8:e5:03:4b:54:38:e9:f2:07:80:f2:
65:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:72:DF:9A:7E:F4:D4:BA:CE:52:C4:BA:97:FD:4C:34:5F:E0:E9:86
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/sXLfmn701LrOUsS6l_1MNF_g6YY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.102.0.0/16
149.126.48.0/21
162.23.0.0/16
193.5.216.0/21
IPv6:
2a07:2900::/32
Signature Algorithm: sha256WithRSAEncryption
67:2d:16:de:5b:78:04:5e:56:e9:ac:2a:9e:db:3b:d5:c4:68:
0a:fb:c5:42:2f:38:63:fc:34:51:36:2c:2c:71:e4:a7:c3:5f:
ca:db:62:65:08:c9:0f:ca:d9:59:fd:9f:17:c1:53:2b:55:6b:
9e:0d:51:4f:48:24:c2:57:84:c9:04:8b:68:4d:ce:b1:69:f4:
67:74:9c:36:c8:fd:5e:f6:b1:8c:6c:e1:cd:7b:59:e8:a5:e0:
10:5a:ea:8e:83:56:f1:38:98:1f:07:c8:05:db:91:ee:41:69:
5a:e6:e7:23:fa:40:38:1d:80:88:4e:fe:31:60:cd:a8:52:6f:
e4:f1:2d:b8:52:eb:bb:f5:d0:69:1e:19:af:3b:38:05:bf:db:
d7:63:78:42:06:79:36:a6:17:20:c9:64:a7:0d:6e:ea:5b:0f:
8b:ea:e7:77:28:f2:49:58:d3:b3:58:db:4a:d8:48:d0:c1:28:
28:84:17:c4:06:7a:3e:e7:26:0f:a8:29:89:3e:26:fd:f3:39:
43:3f:63:c4:bd:42:e1:6f:58:8a:97:55:59:01:3f:6a:d7:d1:
c1:ef:7c:78:4b:41:7c:be:d0:d3:2f:d8:b9:3d:a0:84:52:e1:
0c:ed:52:15:90:c9:83:6d:e6:2e:9e:14:ed:27:29:dd:7f:1f:
0e:a9:71:05
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY6pU6E5PDzRCG8j3yk041QmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjQwNDA0MTMzNjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTcyZGY5YTdlZjRkNGJhY2U1MmM0YmE5N2ZkNGMzNDVmZTBlOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMC/DuwmcoEPy8hdbsM9SWWEClxN
WaltyfVQJw3MaB4NT07AIt+KSVI7qGCxgw3Hl9hwFpcygELaHxvOuxwFDZoGVo3S
K7+LuJlL5H4LfJ51TQdQKKxyVXmPMVv9CfS4XyJDTYcHLvwXfDZ+2Kwl7JHpIf3a
IChvWCaEfOEJFmu1zZRAA0TAJPrXfPBL6PQbMQeUCSqZGcdAlYEPHmrEkR+dWeIh
JZeYixrlTTY9Edp6b7gwSmv1vRdTHfMCqkbDhnaletQzeZxBTbcUqiDqBke38Xmo
DwKv0gtWwYh5KFW3ygflug59yBSWHRFdYRqqYeWI6OUDS1Q46fIHgPJlrQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLFy35p+9NS6zlLEupf9TDRf4OmGMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvc1hMZm1uNzAxTHJPVXNTNmxfMU1ORl9nNllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAcBAIAATAWAwMAg2YDBAOV
fjADAwCiFwMEA8EF2DANBAIAAjAHAwUAKgcpADANBgkqhkiG9w0BAQsFAAOCAQEA
Zy0W3lt4BF5W6awqnts71cRoCvvFQi84Y/w0UTYsLHHkp8NfyttiZQjJD8rZWf2f
F8FTK1Vrng1RT0gkwleEyQSLaE3OsWn0Z3ScNsj9XvaxjGzhzXtZ6KXgEFrqjoNW
8TiYHwfIBduR7kFpWubnI/pAOB2AiE7+MWDNqFJv5PEtuFLru/XQaR4Zrzs4Bb/b
12N4QgZ5NqYXIMlkpw1u6lsPi+rndyjySVjTs1jbSthI0MEoKIQXxAZ6PucmD6gp
iT4m/fM5Qz9jxL1C4W9YipdVWQE/atfRwe98eEtBfL7Q0y/YuT2ghFLhDO1SFZDJ
g23mLp4U7Scp3X8fDqlxBQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:27 2025 by rpki-client