Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/1XMUonK25a-hkqjlN1CKr9yjj6M.roa
File: 1XMUonK25a-hkqjlN1CKr9yjj6M.roa (raw, json)
Hash identifier: xYQJ68Ou/VOJVCVDK0cSwA7iEYmrENFZaMhpgKgic7U=
Subject key identifier: D5:73:14:A2:72:B6:E5:AF:A1:92:A8:E5:37:50:8A:AF:DC:A3:8F:A3
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 01913726A2EFBBE2DBC069B2E773A9CDDFFB
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/1XMUonK25a-hkqjlN1CKr9yjj6M.roa
Signing time: Fri 09 Aug 2024 12:39:24 +0000
ROA not before: Fri 09 Aug 2024 12:39:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 45.15.156.0/24 maxlen: 24
217.196.97.0/24 maxlen: 24
217.196.100.0/24 maxlen: 24
217.196.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:26:a2:ef:bb:e2:db:c0:69:b2:e7:73:a9:cd:df:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Aug 9 12:39:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d57314a272b6e5afa192a8e537508aafdca38fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c5:11:b7:95:f7:ef:cb:24:9e:a8:f9:97:c4:
1d:86:20:4a:de:c1:bc:1e:d9:34:c7:1b:58:a7:b2:
d9:b1:85:df:ea:37:24:4e:99:33:98:df:b8:fe:f5:
88:f0:8e:be:c5:ff:11:23:51:02:2b:c2:b9:9e:8d:
3c:6a:59:e8:e8:86:11:88:39:93:bf:e7:97:f1:06:
34:9b:44:58:d1:d7:3f:13:72:a0:47:ba:e4:54:17:
78:ad:84:58:aa:0d:d5:07:40:96:5f:4a:d1:7a:46:
d9:eb:a0:26:3c:de:67:96:eb:96:76:59:92:8f:1b:
6c:c8:e1:cd:d4:a4:16:6c:fd:a5:ed:f8:f9:83:a4:
f3:3b:f6:06:78:c2:6c:58:6f:4c:45:f6:c1:21:48:
04:23:cf:15:f5:33:96:e9:fb:1c:40:0d:c2:9c:2d:
83:11:7a:90:d2:83:4d:23:b8:b2:6a:b6:3c:a3:f9:
f4:0e:66:d2:be:ad:95:4b:0b:6f:77:52:f6:47:5a:
7e:bc:5a:97:41:f6:ab:d7:bb:17:e4:1d:1b:76:51:
81:6d:94:6c:0b:7b:e0:0e:5f:9a:63:f5:f2:6e:bd:
f0:1d:f8:10:1b:51:8b:84:19:98:47:17:0d:c6:1f:
68:5e:5f:2d:bc:0e:b1:32:53:61:9c:f5:93:2e:b9:
05:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:73:14:A2:72:B6:E5:AF:A1:92:A8:E5:37:50:8A:AF:DC:A3:8F:A3
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/1XMUonK25a-hkqjlN1CKr9yjj6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.156.0/24
217.196.97.0/24
217.196.100.0/23
Signature Algorithm: sha256WithRSAEncryption
21:9f:1a:7c:a6:ea:50:23:a2:a2:fb:34:de:48:f0:6b:88:82:
02:58:8b:3f:f8:73:58:f9:a3:49:c9:0e:f7:83:db:7e:1d:09:
56:06:06:f6:3c:6a:b8:f5:29:1b:b3:0e:09:dd:10:cb:ab:c0:
31:74:8e:2a:c1:fb:d5:a9:a3:af:3a:9c:90:ff:9a:6e:8e:f5:
23:75:61:64:e8:5a:44:d0:50:d1:83:26:ab:e7:26:ce:56:53:
ce:a1:1c:bb:b1:81:3c:8e:7d:6e:ca:87:4e:85:bc:f7:f4:c0:
c3:07:6a:3b:43:db:04:a7:d6:d2:3e:79:23:97:ba:e3:80:42:
b1:94:96:a6:a6:8b:f0:f3:e7:be:bf:77:d9:45:0d:77:93:99:
36:a8:ea:c0:d9:5b:87:57:6e:87:64:d3:2c:d7:c1:18:96:fb:
65:1f:41:a8:ff:9a:bf:9e:1b:a5:91:b0:d1:8f:77:fe:53:f9:
d5:2f:ba:82:37:36:5b:e6:61:c8:53:65:7b:7a:86:e4:a2:e1:
d6:a7:9c:5d:19:91:6b:53:3d:53:2a:b7:5c:e1:05:8e:14:36:
5d:52:0d:4a:94:27:a6:eb:11:42:ce:60:0b:cb:b2:f4:a9:6f:
df:22:71:21:0c:f1:ab:d4:8c:64:03:a9:83:87:86:13:c9:b7:
df:4c:fb:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZE3JqLvu+LbwGmy53Opzd/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjQwODA5MTIzOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTczMTRhMjcyYjZlNWFmYTE5MmE4ZTUzNzUwOGFhZmRjYTM4ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMURt5X378sknqj5l8QdhiBK3sG8
Htk0xxtYp7LZsYXf6jckTpkzmN+4/vWI8I6+xf8RI1ECK8K5no08alno6IYRiDmT
v+eX8QY0m0RY0dc/E3KgR7rkVBd4rYRYqg3VB0CWX0rRekbZ66AmPN5nluuWdlmS
jxtsyOHN1KQWbP2l7fj5g6TzO/YGeMJsWG9MRfbBIUgEI88V9TOW6fscQA3CnC2D
EXqQ0oNNI7iyarY8o/n0DmbSvq2VSwtvd1L2R1p+vFqXQfar17sX5B0bdlGBbZRs
C3vgDl+aY/Xybr3wHfgQG1GLhBmYRxcNxh9oXl8tvA6xMlNhnPWTLrkF1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNVzFKJytuWvoZKo5TdQiq/co4+jMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvMVhNVW9uSzI1YS1oa3FqbE4xQ0tyOXlqajZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ+cAwQA
2cRhAwQB2cRkMA0GCSqGSIb3DQEBCwUAA4IBAQAhnxp8pupQI6Ki+zTeSPBriIIC
WIs/+HNY+aNJyQ73g9t+HQlWBgb2PGq49Skbsw4J3RDLq8AxdI4qwfvVqaOvOpyQ
/5pujvUjdWFk6FpE0FDRgyar5ybOVlPOoRy7sYE8jn1uyodOhbz39MDDB2o7Q9sE
p9bSPnkjl7rjgEKxlJampovw8+e+v3fZRQ13k5k2qOrA2VuHV26HZNMs18EYlvtl
H0Go/5q/nhulkbDRj3f+U/nVL7qCNzZb5mHIU2V7eobkouHWp5xdGZFrUz1TKrdc
4QWOFDZdUg1KlCem6xFCzmALy7L0qW/fInEhDPGr1IxkA6mDh4YTybffTPvH
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:50:38 2025 by rpki-client