Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/xkSmj2NpNIPzLj6QVA9Jdt9FADQ.roa
File: xkSmj2NpNIPzLj6QVA9Jdt9FADQ.roa (raw, json)
Hash identifier: GgP+4PaAcdkmuIqY41bgjuO21YyRRQi+qyZkvUmEUt4=
Subject key identifier: C6:44:A6:8F:63:69:34:83:F3:2E:3E:90:54:0F:49:76:DF:45:00:34
Certificate issuer: /CN=57130f799f8a8985502a2ea3356037674085cfca
Certificate serial: 018D608BE0F86DDD238253EFBCF8D46C2F9D
Authority key identifier: 57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/xkSmj2NpNIPzLj6QVA9Jdt9FADQ.roa
Signing time: Wed 31 Jan 2024 17:23:16 +0000
ROA not before: Wed 31 Jan 2024 17:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 45.149.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Mar 2024 10:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:60:8b:e0:f8:6d:dd:23:82:53:ef:bc:f8:d4:6c:2f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57130f799f8a8985502a2ea3356037674085cfca
Validity
Not Before: Jan 31 17:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c644a68f63693483f32e3e90540f4976df450034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c1:bf:04:cc:84:b3:0b:43:f4:20:49:e2:25:
66:fe:58:bd:c7:ec:c6:81:c2:ac:33:49:6f:0d:ec:
29:52:12:2c:67:bf:19:47:7d:a2:7b:f9:b3:a2:09:
fb:b8:a9:51:36:83:90:57:a9:48:f1:b3:53:02:8a:
b5:8f:9b:a6:50:60:c8:c7:04:08:3c:70:d9:20:9c:
c3:b5:fc:f3:b9:f5:69:ab:ea:94:84:c6:a0:d2:c6:
6c:df:93:97:44:9b:b0:ad:81:7f:81:1c:01:65:4d:
0f:dd:a4:58:a8:38:8f:24:50:82:d8:9d:d4:a3:f2:
06:e2:cc:68:2c:13:99:89:fe:bd:df:af:03:96:10:
94:73:47:f4:55:db:f6:ff:51:3a:c8:76:45:ea:6d:
bd:c0:dd:29:5c:5c:19:8b:55:9a:1a:b8:88:8a:df:
43:f9:bf:2b:1e:46:7b:40:b9:b9:86:d9:ec:e6:8b:
3d:41:bc:4e:83:7f:b4:c0:db:ed:17:72:27:80:89:
b4:7f:c1:1f:cd:50:9a:a0:73:95:a7:23:e3:8a:d1:
65:44:79:4c:13:9a:32:78:b0:0c:70:6f:fb:76:71:
87:4a:55:ad:43:d8:17:f6:28:8c:9f:fc:07:0d:30:
cb:38:2d:18:1c:34:c3:fb:e1:20:42:46:cb:72:2e:
16:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:44:A6:8F:63:69:34:83:F3:2E:3E:90:54:0F:49:76:DF:45:00:34
X509v3 Authority Key Identifier:
keyid:57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/xkSmj2NpNIPzLj6QVA9Jdt9FADQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.36.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:bd:55:7c:3b:23:02:36:1b:5b:c0:d0:cc:40:f3:77:a4:53:
e6:12:05:20:ff:9b:b7:c9:a5:1d:d7:98:b5:f8:5e:12:42:71:
3f:da:46:fb:02:de:be:86:a3:2f:1a:46:d9:2f:1a:37:39:04:
1b:00:32:45:29:f7:51:36:96:fd:ab:5b:2a:a2:b3:a7:dd:2f:
fe:c4:ee:73:6f:48:6c:22:19:11:55:c4:ae:35:12:d0:0b:b0:
09:61:fb:d0:60:4e:62:4a:89:fe:d9:fa:c9:0b:04:58:b5:6b:
4b:69:9e:c1:7c:bb:6d:f7:00:e0:91:70:57:3f:d8:cf:74:d0:
00:31:68:fa:bc:50:f8:e7:0a:ee:14:b0:14:40:10:d8:ee:35:
50:3c:e8:1c:92:8e:b8:92:f5:d7:2e:22:eb:45:da:bf:3a:66:
b2:b0:c0:23:32:cc:19:5e:b3:9b:64:1b:6d:68:7a:43:52:23:
9b:24:4b:56:62:10:92:67:23:d2:93:10:44:f6:64:2f:7d:36:
be:af:db:ce:8c:f0:e4:4c:50:14:87:79:b3:61:df:21:a5:6b:
91:93:1f:9c:51:14:62:1e:2e:b6:76:e4:56:23:a6:ee:4a:63:
6a:92:3a:60:13:8c:79:fc:3e:67:bd:de:12:0c:a1:f5:91:12:
ad:1c:ee:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1gi+D4bd0jglPvvPjUbC+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTMwZjc5OWY4YTg5ODU1MDJhMmVhMzM1NjAzNzY3NDA4
NWNmY2EwHhcNMjQwMTMxMTcyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ0YTY4ZjYzNjkzNDgzZjMyZTNlOTA1NDBmNDk3NmRmNDUwMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMG/BMyEswtD9CBJ4iVm/li9x+zG
gcKsM0lvDewpUhIsZ78ZR32ie/mzogn7uKlRNoOQV6lI8bNTAoq1j5umUGDIxwQI
PHDZIJzDtfzzufVpq+qUhMag0sZs35OXRJuwrYF/gRwBZU0P3aRYqDiPJFCC2J3U
o/IG4sxoLBOZif69368DlhCUc0f0Vdv2/1E6yHZF6m29wN0pXFwZi1WaGriIit9D
+b8rHkZ7QLm5htns5os9QbxOg3+0wNvtF3IngIm0f8EfzVCaoHOVpyPjitFlRHlM
E5oyeLAMcG/7dnGHSlWtQ9gX9iiMn/wHDTDLOC0YHDTD++EgQkbLci4W2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZEpo9jaTSD8y4+kFQPSXbfRQA0MB8GA1UdIwQY
MBaAFFcTD3mfiomFUCouozVgN2dAhc/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMt
ZDNiOTBhOWI5YjQxLzEveGtTbWoyTnBOSVB6TGo2UVZBOUpkdDlGQURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMtZDNiOTBhOWI5YjQx
LzEvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZUkMA0G
CSqGSIb3DQEBCwUAA4IBAQA8vVV8OyMCNhtbwNDMQPN3pFPmEgUg/5u3yaUd15i1
+F4SQnE/2kb7At6+hqMvGkbZLxo3OQQbADJFKfdRNpb9q1sqorOn3S/+xO5zb0hs
IhkRVcSuNRLQC7AJYfvQYE5iSon+2frJCwRYtWtLaZ7BfLtt9wDgkXBXP9jPdNAA
MWj6vFD45wruFLAUQBDY7jVQPOgcko64kvXXLiLrRdq/OmaysMAjMswZXrObZBtt
aHpDUiObJEtWYhCSZyPSkxBE9mQvfTa+r9vOjPDkTFAUh3mzYd8hpWuRkx+cURRi
Hi62duRWI6buSmNqkjpgE4x5/D5nvd4SDKH1kRKtHO53
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:30 2024 by rpki-client on console-ams.rpki-client.org