Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1XBrx_oc4fgqMLb2wTQzhgfkL4E.roa
File: 1XBrx_oc4fgqMLb2wTQzhgfkL4E.roa (raw, json)
Hash identifier: j126E3He1EHYSJXCHGbzDJ3mKj/RWOAiGkq3RKPAu1E=
Subject key identifier: D5:70:6B:C7:FA:1C:E1:F8:2A:30:B6:F6:C1:34:33:86:07:E4:2F:81
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 018FC5476B19593E88312A568D1E0E96D771
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1XBrx_oc4fgqMLb2wTQzhgfkL4E.roa
Signing time: Wed 29 May 2024 16:55:42 +0000
ROA not before: Wed 29 May 2024 16:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 5.181.200.0/24 maxlen: 24
5.181.201.0/24 maxlen: 24
45.158.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 05:56:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c5:47:6b:19:59:3e:88:31:2a:56:8d:1e:0e:96:d7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: May 29 16:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5706bc7fa1ce1f82a30b6f6c134338607e42f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1f:6f:75:12:81:c9:9f:fa:6e:b3:f3:59:61:
01:94:85:b0:0d:b6:4c:8e:b4:94:c8:63:0d:e6:23:
e5:fb:59:0c:89:6b:46:30:4b:b5:31:c9:ae:6f:0d:
43:5c:f0:34:bd:96:0d:e5:2f:a9:46:d5:fe:8d:d9:
3f:41:64:d7:0e:17:fb:3d:35:74:ac:cb:e3:1f:63:
aa:5f:40:97:f2:27:96:6a:67:1f:4d:da:73:b0:f3:
3e:e6:c7:71:ca:36:87:fd:1e:73:c1:b0:e6:be:f2:
27:7d:cf:8d:a8:c3:54:9b:ce:2f:d7:a2:9b:c4:ac:
54:6e:ee:3f:5f:6b:b7:95:53:b8:51:3d:67:27:01:
cd:23:d0:33:2d:c7:9b:7a:5d:7e:94:56:9c:7b:50:
b4:83:6c:63:81:21:2a:22:57:e6:92:f8:ff:ab:1a:
0d:7e:18:c0:7d:f2:01:f0:cf:23:89:11:61:ea:52:
05:7b:5a:58:9f:a3:20:f1:71:97:20:ce:1c:ba:34:
2d:4c:03:d5:be:3b:2d:7e:29:b2:65:14:26:a7:02:
b8:9e:29:b3:cd:f0:8e:06:63:5b:16:55:95:2e:fe:
87:be:0b:30:bd:79:98:07:22:29:37:fd:3d:7f:b8:
a4:ad:e2:4f:6a:84:41:a6:85:6c:52:0b:cc:17:6b:
58:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:70:6B:C7:FA:1C:E1:F8:2A:30:B6:F6:C1:34:33:86:07:E4:2F:81
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1XBrx_oc4fgqMLb2wTQzhgfkL4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.200.0/23
45.158.83.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:79:1d:e9:14:e2:03:ee:f0:c5:eb:d1:a2:8e:bb:44:16:a1:
d1:b4:cc:65:78:df:58:8f:e0:88:bb:b6:ec:f6:47:cb:ee:8b:
68:05:87:20:37:8c:65:32:81:65:da:22:72:8c:01:93:7a:6d:
07:f4:78:c3:a1:44:63:9d:bf:c5:5d:c1:4e:6b:b0:dc:49:21:
d0:b0:13:09:d4:4e:11:d2:7a:e8:1c:14:c3:2c:16:6e:80:e4:
b8:95:72:5f:ae:d6:f3:c7:fb:cc:59:62:72:c9:f1:f4:55:19:
ce:cb:49:40:9a:0a:e7:f4:76:1b:a6:99:2f:c5:b6:6b:82:39:
97:2e:02:86:d0:f2:51:03:ab:8e:ab:8e:f5:c8:b6:46:a4:0d:
f2:55:89:74:47:74:4a:8f:dc:e2:86:87:fb:e5:34:f4:05:4a:
68:fa:d2:aa:31:b8:a5:27:23:ce:61:1c:ef:6b:f1:25:cd:07:
e1:d1:5a:b0:84:20:df:06:db:2d:0c:33:2e:86:80:0b:d5:5d:
0b:23:eb:23:de:a1:b2:40:d7:9b:24:2b:90:ec:e0:53:dd:c8:
b0:f4:73:ff:25:2b:c7:8e:2f:ae:c3:14:c8:d6:87:c6:af:d4:
b9:43:2b:a4:2c:21:51:df:3d:97:e1:7a:a6:99:61:dd:b1:82:
8a:36:62:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/FR2sZWT6IMSpWjR4OltdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwNTI5MTY1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTcwNmJjN2ZhMWNlMWY4MmEzMGI2ZjZjMTM0MzM4NjA3ZTQyZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3R9vdRKByZ/6brPzWWEBlIWwDbZM
jrSUyGMN5iPl+1kMiWtGMEu1Mcmubw1DXPA0vZYN5S+pRtX+jdk/QWTXDhf7PTV0
rMvjH2OqX0CX8ieWamcfTdpzsPM+5sdxyjaH/R5zwbDmvvInfc+NqMNUm84v16Kb
xKxUbu4/X2u3lVO4UT1nJwHNI9AzLcebel1+lFace1C0g2xjgSEqIlfmkvj/qxoN
fhjAffIB8M8jiRFh6lIFe1pYn6Mg8XGXIM4cujQtTAPVvjstfimyZRQmpwK4nimz
zfCOBmNbFlWVLv6HvgswvXmYByIpN/09f7ikreJPaoRBpoVsUgvMF2tY/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNVwa8f6HOH4KjC29sE0M4YH5C+BMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvMVhCcnhfb2M0ZmdxTUxiMndUUXpoZ2ZrTDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBbXIAwQA
LZ5TMA0GCSqGSIb3DQEBCwUAA4IBAQCmeR3pFOID7vDF69GijrtEFqHRtMxleN9Y
j+CIu7bs9kfL7otoBYcgN4xlMoFl2iJyjAGTem0H9HjDoURjnb/FXcFOa7DcSSHQ
sBMJ1E4R0nroHBTDLBZugOS4lXJfrtbzx/vMWWJyyfH0VRnOy0lAmgrn9HYbppkv
xbZrgjmXLgKG0PJRA6uOq471yLZGpA3yVYl0R3RKj9zihof75TT0BUpo+tKqMbil
JyPOYRzva/ElzQfh0VqwhCDfBtstDDMuhoAL1V0LI+sj3qGyQNebJCuQ7OBT3ciw
9HP/JSvHji+uwxTI1ofGr9S5QyukLCFR3z2X4XqmmWHdsYKKNmLz
-----END CERTIFICATE-----
Generated at Fri Sep 6 07:58:14 2024 by rpki-client on console-fra.rpki-client.org