Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/xtKCYgCXMXa5Y-FvsjuClmEOTKQ.roa
File: xtKCYgCXMXa5Y-FvsjuClmEOTKQ.roa (raw, json)
Hash identifier: oo/GSFwpy7wjHJpaop5ZZPWJVY4CihN9b6u6OqHun/g=
Subject key identifier: C6:D2:82:62:00:97:31:76:B9:63:E1:6F:B2:3B:82:96:61:0E:4C:A4
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 0189BA0D8F1120EB5784BCCEB66563E96ABE
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/xtKCYgCXMXa5Y-FvsjuClmEOTKQ.roa
Signing time: Thu 03 Aug 2023 06:19:58 +0000
ROA not before: Thu 03 Aug 2023 06:19:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.95.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Aug 2023 07:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:0d:8f:11:20:eb:57:84:bc:ce:b6:65:63:e9:6a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Aug 3 06:19:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6d2826200973176b963e16fb23b8296610e4ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7d:a4:22:6a:36:86:bd:4b:f2:50:52:33:04:
4b:39:26:01:bf:57:d3:77:b2:a7:57:f5:54:61:53:
0a:6f:e1:96:0c:6a:95:db:40:c5:a0:ed:a4:6a:5e:
e3:39:ca:c0:bb:41:bf:50:c5:b0:ae:a1:8f:ff:47:
72:5d:1f:11:d5:c6:01:26:af:32:5f:5b:82:fd:da:
0a:12:89:0c:79:f4:8a:af:62:6e:30:10:08:2c:b0:
d2:f2:e8:2e:74:30:79:f1:da:16:31:8d:1e:d2:e1:
fe:99:05:f1:ca:7f:7f:8c:22:7a:12:2e:8f:4d:28:
bd:50:a0:ee:1c:8d:34:23:f0:d9:4e:49:77:c3:b3:
8d:22:1c:1f:d5:79:07:af:5e:90:db:df:d2:29:b2:
12:12:f0:52:37:76:cf:8b:9e:1d:34:67:cf:6f:e0:
7b:95:80:2f:b8:53:b3:2e:cb:01:0b:31:9f:3c:3f:
a9:ba:37:95:0e:b7:85:c6:5a:b1:fe:a2:7b:c9:55:
b8:4d:b9:5e:bf:a9:29:9e:13:d3:c0:f6:64:df:ca:
52:35:c9:e8:3b:09:c1:64:74:9e:3b:65:35:91:42:
6b:98:07:ff:b4:a2:bc:72:ea:7e:0f:72:6e:87:e8:
af:78:af:10:80:da:60:26:4d:f2:e2:13:98:89:4a:
da:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D2:82:62:00:97:31:76:B9:63:E1:6F:B2:3B:82:96:61:0E:4C:A4
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/xtKCYgCXMXa5Y-FvsjuClmEOTKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.35.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:78:06:8b:41:d1:76:49:73:05:e8:96:18:e8:f1:bd:aa:b5:
c4:18:c1:39:1d:04:23:33:88:d2:ad:a1:1f:ee:b9:14:63:73:
be:cd:91:66:3a:d5:95:73:35:16:9e:1f:a1:d5:71:35:74:a5:
30:39:2e:9a:1a:ce:17:b0:14:02:c5:ff:98:18:7d:d6:df:7b:
d5:9f:aa:5d:73:b3:68:f8:6f:d5:bf:aa:87:01:9b:3b:b2:ec:
f0:c7:80:cc:09:a0:43:87:7a:99:83:d8:df:09:5e:8c:98:25:
d7:9f:6a:c4:b9:55:f7:54:62:2d:75:94:a8:38:86:3d:a9:ef:
db:77:ec:47:bc:94:b9:07:d5:41:c6:ac:e4:07:44:25:4f:e5:
f9:45:d4:4c:d3:9c:ee:70:22:3a:c7:32:b0:4f:f2:bf:a8:4c:
93:fc:93:05:eb:83:26:9c:ac:72:e7:a8:fc:31:cd:f8:27:34:
8b:34:26:92:7b:6a:51:e6:03:e6:41:cc:e3:78:28:5e:f1:85:
e2:a0:88:3d:5e:c0:24:df:50:57:f3:a8:5d:9c:5c:b9:e7:37:
44:0a:58:92:e3:2e:53:a9:60:43:1b:53:ee:90:c2:a6:26:00:
5b:46:dc:9a:5b:95:2e:09:d7:f7:7f:a6:3c:e3:e9:53:4d:f9:
36:07:4c:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm6DY8RIOtXhLzOtmVj6Wq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjMwODAzMDYxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQyODI2MjAwOTczMTc2Yjk2M2UxNmZiMjNiODI5NjYxMGU0Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX2kImo2hr1L8lBSMwRLOSYBv1fT
d7KnV/VUYVMKb+GWDGqV20DFoO2kal7jOcrAu0G/UMWwrqGP/0dyXR8R1cYBJq8y
X1uC/doKEokMefSKr2JuMBAILLDS8ugudDB58doWMY0e0uH+mQXxyn9/jCJ6Ei6P
TSi9UKDuHI00I/DZTkl3w7ONIhwf1XkHr16Q29/SKbISEvBSN3bPi54dNGfPb+B7
lYAvuFOzLssBCzGfPD+pujeVDreFxlqx/qJ7yVW4Tblev6kpnhPTwPZk38pSNcno
OwnBZHSeO2U1kUJrmAf/tKK8cup+D3Juh+iveK8QgNpgJk3y4hOYiUraQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbSgmIAlzF2uWPhb7I7gpZhDkykMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEveHRLQ1lnQ1hNWGE1WS1GdnNqdUNsbUVPVEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV8jMA0G
CSqGSIb3DQEBCwUAA4IBAQDDeAaLQdF2SXMF6JYY6PG9qrXEGME5HQQjM4jSraEf
7rkUY3O+zZFmOtWVczUWnh+h1XE1dKUwOS6aGs4XsBQCxf+YGH3W33vVn6pdc7No
+G/Vv6qHAZs7suzwx4DMCaBDh3qZg9jfCV6MmCXXn2rEuVX3VGItdZSoOIY9qe/b
d+xHvJS5B9VBxqzkB0QlT+X5RdRM05zucCI6xzKwT/K/qEyT/JMF64MmnKxy56j8
Mc34JzSLNCaSe2pR5gPmQczjeChe8YXioIg9XsAk31BX86hdnFy55zdECliS4y5T
qWBDG1PukMKmJgBbRtyaW5UuCdf3f6Y84+lTTfk2B0z0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:49 2024 by rpki-client on console-ams.rpki-client.org