Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/0XIZ0KBzLbBni7dyrMmiE5z4S5g.roa
File: 0XIZ0KBzLbBni7dyrMmiE5z4S5g.roa (raw, json)
Hash identifier: JkYjhzHKhvn+4gP1SNZap+SKL/gV6y6NDUkSSmLHGfU=
Subject key identifier: D1:72:19:D0:A0:73:2D:B0:67:8B:B7:72:AC:C9:A2:13:9C:F8:4B:98
Certificate issuer: /CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Certificate serial: 018CC94E2E00939F356CEA7CE513821C1FB8
Authority key identifier: B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/0XIZ0KBzLbBni7dyrMmiE5z4S5g.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.152.91.0/24 maxlen: 24
2a0f:5100:a01::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2e:00:93:9f:35:6c:ea:7c:e5:13:82:1c:1f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d17219d0a0732db0678bb772acc9a2139cf84b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:22:d8:ae:fb:92:26:3c:77:47:42:6a:0e:c6:
ea:4c:09:b3:7e:e1:f9:8f:a7:90:13:3c:d1:70:f3:
f7:48:1f:95:a9:f1:fa:e7:57:45:1f:ed:2a:81:52:
bc:b1:c2:0e:5b:7e:72:ad:a0:16:53:7e:c9:a3:0a:
1a:98:8b:33:97:b7:32:f1:0d:ba:be:11:1c:5b:3d:
61:1e:07:af:64:0c:8f:3f:a8:1e:cc:87:4c:7b:14:
e1:76:58:4d:9f:2b:95:64:1d:0d:0b:50:86:74:5c:
1e:84:ee:a9:ca:b6:9c:fc:50:33:1a:7b:7f:c4:f1:
19:99:2e:b8:33:dc:18:ef:ed:06:b8:f9:f1:1f:e7:
c9:64:12:b9:0d:99:69:f8:7c:69:b4:1d:a8:a9:55:
34:80:c2:7c:e4:7b:e7:1c:54:f0:da:25:c0:0e:e6:
ef:b7:f7:45:22:f6:d7:39:b0:a3:f0:a1:88:7c:b2:
ab:af:ac:fb:c9:bd:f1:fa:3f:6e:cb:91:d8:5e:1c:
b9:5f:6b:2c:83:5a:0c:8b:24:2c:34:90:47:67:68:
ee:f2:ec:39:d1:44:b8:47:96:7a:6c:be:ab:b6:42:
b6:fc:84:7c:49:8d:09:b8:60:bf:c5:41:49:f3:3f:
5f:4e:24:f8:00:43:96:d8:3e:3b:1b:84:56:69:a6:
73:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:72:19:D0:A0:73:2D:B0:67:8B:B7:72:AC:C9:A2:13:9C:F8:4B:98
X509v3 Authority Key Identifier:
keyid:B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/0XIZ0KBzLbBni7dyrMmiE5z4S5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/uQMr2xKMhuALIcd5WagBHEDQZQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.91.0/24
IPv6:
2a0f:5100:a01::/48
Signature Algorithm: sha256WithRSAEncryption
96:91:ce:e4:c5:77:67:0c:8d:cd:6b:f5:5b:64:66:58:23:d0:
75:d8:cb:a8:b2:5a:e9:d0:93:e9:ea:0c:cf:9d:af:6b:29:2f:
7b:94:ae:09:07:12:e4:74:c5:8f:07:8b:59:21:78:08:16:ca:
ef:7e:f5:28:c4:ee:03:16:6d:49:12:3d:f2:3d:b8:12:7c:3c:
9b:07:c9:47:7e:ac:1e:e0:b2:db:42:92:ec:e2:e0:12:db:00:
09:2a:9f:da:dc:2b:2d:f9:e6:05:7c:bf:bb:da:96:c1:05:32:
e0:6d:42:0f:1a:f6:f6:06:8e:55:5f:4d:59:29:74:78:77:bf:
3c:27:7c:01:8c:21:47:7f:0b:a0:27:cf:dc:22:b8:3a:0f:18:
c2:6c:87:2f:a7:87:5e:57:0e:d1:12:69:de:ec:38:17:64:26:
fe:af:ec:01:95:f0:74:0f:41:fd:74:2f:52:b3:9a:09:44:7d:
27:69:5d:35:4c:55:3d:7b:2c:86:dc:84:98:97:cd:5f:2a:36:
93:e0:e8:e9:6b:29:37:ba:98:03:90:e7:0c:b3:5a:7f:70:51:
72:02:1c:b0:18:98:d7:79:76:48:3a:76:f4:1e:1a:e6:df:df:
a4:bf:30:ea:04:e1:0a:2c:a3:bd:e1:e2:18:5b:7b:87:ae:c6:
7b:c3:04:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTi4Ak581bOp85ROCHB+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MDMyYmRiMTI4Yzg2ZTAwYjIxYzc3OTU5YTgwMTFjNDBk
MDY1MGMwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTcyMTlkMGEwNzMyZGIwNjc4YmI3NzJhY2M5YTIxMzljZjg0Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiLYrvuSJjx3R0JqDsbqTAmzfuH5
j6eQEzzRcPP3SB+VqfH651dFH+0qgVK8scIOW35yraAWU37JowoamIszl7cy8Q26
vhEcWz1hHgevZAyPP6gezIdMexThdlhNnyuVZB0NC1CGdFwehO6pyrac/FAzGnt/
xPEZmS64M9wY7+0GuPnxH+fJZBK5DZlp+HxptB2oqVU0gMJ85HvnHFTw2iXADubv
t/dFIvbXObCj8KGIfLKrr6z7yb3x+j9uy5HYXhy5X2ssg1oMiyQsNJBHZ2ju8uw5
0US4R5Z6bL6rtkK2/IR8SY0JuGC/xUFJ8z9fTiT4AEOW2D47G4RWaaZzzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNFyGdCgcy2wZ4u3cqzJohOc+EuYMB8GA1UdIwQY
MBaAFLkDK9sSjIbgCyHHeVmoARxA0GUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYt
ZmU4NDZmNzVkMTcwLzEvMFhJWjBLQnpMYkJuaTdkeXJNbWlFNXo0UzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYtZmU4NDZmNzVkMTcw
LzEvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZhbMA8E
AgACMAkDBwAqD1EACgEwDQYJKoZIhvcNAQELBQADggEBAJaRzuTFd2cMjc1r9Vtk
Zlgj0HXYy6iyWunQk+nqDM+dr2spL3uUrgkHEuR0xY8Hi1kheAgWyu9+9SjE7gMW
bUkSPfI9uBJ8PJsHyUd+rB7gsttCkuzi4BLbAAkqn9rcKy355gV8v7valsEFMuBt
Qg8a9vYGjlVfTVkpdHh3vzwnfAGMIUd/C6Anz9wiuDoPGMJshy+nh15XDtESad7s
OBdkJv6v7AGV8HQPQf10L1KzmglEfSdpXTVMVT17LIbchJiXzV8qNpPg6OlrKTe6
mAOQ5wyzWn9wUXICHLAYmNd5dkg6dvQeGubf36S/MOoE4Qoso73h4hhbe4euxnvD
BJs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:24 2025 by rpki-client