Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XIHB7b-kPUtOKsvH5JVKvEbIoEo.roa
File: XIHB7b-kPUtOKsvH5JVKvEbIoEo.roa (raw, json)
Hash identifier: HurZIKnahGX9/i9971IywHkegVncAMapUmjYN1CGOQ8=
Subject key identifier: 5C:81:C1:ED:BF:A4:3D:4B:4E:2A:CB:C7:E4:95:4A:BC:46:C8:A0:4A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018FAAD5164020C0B5AD3B61775BC98BB439
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XIHB7b-kPUtOKsvH5JVKvEbIoEo.roa
Signing time: Fri 24 May 2024 13:40:42 +0000
ROA not before: Fri 24 May 2024 13:40:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4648
IP address blocks: 45.135.4.0/22 maxlen: 24
45.136.72.0/22 maxlen: 24
45.144.216.0/22 maxlen: 24
45.146.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 04:13:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:d5:16:40:20:c0:b5:ad:3b:61:77:5b:c9:8b:b4:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: May 24 13:40:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c81c1edbfa43d4b4e2acbc7e4954abc46c8a04a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0b:35:88:c1:d6:b5:79:f3:00:3b:09:27:95:
52:88:dc:0b:aa:80:7c:ea:93:39:b4:ae:12:71:4d:
50:7b:7a:d5:82:bc:dd:47:7b:b3:5b:85:8c:95:70:
d2:ef:c9:b2:df:6f:b4:df:cf:4d:2e:3a:7a:f5:26:
1b:5f:d3:77:94:5a:fc:96:d3:a2:b2:c0:fb:15:e5:
c1:f1:7b:c9:28:69:f4:f8:58:91:62:43:73:fe:99:
47:70:b8:d9:64:61:71:29:7b:64:53:5a:a0:26:a6:
20:98:e2:27:ab:0a:18:d2:32:16:a3:4d:63:19:22:
ea:a9:da:10:19:49:83:2e:ff:96:5c:4d:ad:6a:24:
b1:d4:76:0d:e4:5f:94:9c:c0:f9:92:76:90:48:d9:
12:21:44:b1:ea:7d:be:8f:73:d0:93:6e:c4:3e:fc:
0d:3f:82:d9:6a:cf:89:92:9c:64:e6:90:59:cb:1b:
dd:17:3d:92:1a:f9:64:aa:83:b2:a5:b7:58:3c:cd:
0c:13:25:0e:28:3f:0b:8b:23:d0:56:75:7c:32:33:
f9:a5:8a:f9:09:af:38:a4:f5:0f:cd:82:ea:3a:a6:
ce:67:35:c8:11:1d:3b:c9:5d:49:73:71:16:2a:25:
ec:4b:48:b6:ce:53:36:d4:1c:5a:95:89:f1:86:02:
e6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:81:C1:ED:BF:A4:3D:4B:4E:2A:CB:C7:E4:95:4A:BC:46:C8:A0:4A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XIHB7b-kPUtOKsvH5JVKvEbIoEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.4.0/22
45.136.72.0/22
45.144.216.0/22
45.146.56.0/22
Signature Algorithm: sha256WithRSAEncryption
10:d0:56:8a:d7:4d:ab:27:24:52:8b:ab:05:4c:ae:92:e3:c0:
b8:a0:8c:66:48:b7:5f:73:70:41:58:71:18:c9:17:20:18:a8:
b5:2c:55:3c:4d:77:23:31:65:12:7d:88:73:4d:09:40:7a:52:
6d:26:7d:7d:f5:7d:23:e2:4b:38:01:d7:20:e7:1d:5e:b2:5e:
1e:db:a0:e7:f3:81:f1:81:cc:db:10:29:da:4c:08:98:aa:e3:
a5:8e:f8:04:03:03:ba:a7:a8:9d:d8:c5:ff:2e:74:d9:3e:67:
e6:38:bb:4a:04:66:68:b1:da:97:54:fa:0c:c0:fa:56:ce:7b:
06:06:56:88:d5:cb:5f:86:7b:3d:37:20:c6:66:12:b0:c1:f7:
18:33:1f:1a:3c:0b:48:74:3a:ef:2e:41:0c:27:7c:c4:10:de:
fb:46:d5:39:10:d8:38:d1:ab:80:ae:40:3a:c4:a1:30:75:a7:
64:50:24:84:f6:a8:fa:98:6e:9c:c8:2e:1c:ec:98:be:80:69:
ce:25:d1:b8:94:a6:68:52:43:5a:93:84:d7:21:c6:12:e8:2c:
ac:bc:0e:3f:0f:ee:5c:8d:15:48:2f:67:fa:b3:d6:f6:43:db:
f0:a2:91:9a:df:06:a2:e5:d2:99:f8:0a:1a:5d:ed:53:ed:58:
4e:de:7b:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+q1RZAIMC1rTthd1vJi7Q5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNTI0MTM0MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzgxYzFlZGJmYTQzZDRiNGUyYWNiYzdlNDk1NGFiYzQ2YzhhMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygs1iMHWtXnzADsJJ5VSiNwLqoB8
6pM5tK4ScU1Qe3rVgrzdR3uzW4WMlXDS78my32+0389NLjp69SYbX9N3lFr8ltOi
ssD7FeXB8XvJKGn0+FiRYkNz/plHcLjZZGFxKXtkU1qgJqYgmOInqwoY0jIWo01j
GSLqqdoQGUmDLv+WXE2taiSx1HYN5F+UnMD5knaQSNkSIUSx6n2+j3PQk27EPvwN
P4LZas+Jkpxk5pBZyxvdFz2SGvlkqoOypbdYPM0MEyUOKD8LiyPQVnV8MjP5pYr5
Ca84pPUPzYLqOqbOZzXIER07yV1Jc3EWKiXsS0i2zlM21BxalYnxhgLmywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFyBwe2/pD1LTirLx+SVSrxGyKBKMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWElIQjdiLWtQVXRPS3N2SDVKVkt2RWJJb0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYcEAwQC
LYhIAwQCLZDYAwQCLZI4MA0GCSqGSIb3DQEBCwUAA4IBAQAQ0FaK102rJyRSi6sF
TK6S48C4oIxmSLdfc3BBWHEYyRcgGKi1LFU8TXcjMWUSfYhzTQlAelJtJn199X0j
4ks4Adcg5x1esl4e26Dn84HxgczbECnaTAiYquOljvgEAwO6p6id2MX/LnTZPmfm
OLtKBGZosdqXVPoMwPpWznsGBlaI1ctfhns9NyDGZhKwwfcYMx8aPAtIdDrvLkEM
J3zEEN77RtU5ENg40auArkA6xKEwdadkUCSE9qj6mG6cyC4c7Ji+gGnOJdG4lKZo
UkNak4TXIcYS6CysvA4/D+5cjRVIL2f6s9b2Q9vwopGa3wai5dKZ+AoaXe1T7VhO
3nsg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org