Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XK2VwE64uGnTO8tYLTRVPWA1cx0.roa
File: XK2VwE64uGnTO8tYLTRVPWA1cx0.roa (raw, json)
Hash identifier: 1sXtZBImpxhNI9qcaIxFcd2Fi2YioR8rqSmk+oDAcoo=
Subject key identifier: 5C:AD:95:C0:4E:B8:B8:69:D3:3B:CB:58:2D:34:55:3D:60:35:73:1D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC501223DA3662B497CBEE2903D4B3245
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XK2VwE64uGnTO8tYLTRVPWA1cx0.roa
Signing time: Mon 01 Jan 2024 12:30:34 +0000
ROA not before: Mon 01 Jan 2024 12:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200202
IP address blocks: 45.156.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Oct 2024 12:23:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:22:3d:a3:66:2b:49:7c:be:e2:90:3d:4b:32:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cad95c04eb8b869d33bcb582d34553d6035731d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:81:b4:f5:7c:9b:48:c4:2a:70:df:ff:70:7c:
07:35:b1:ec:2c:0a:0e:c0:a2:51:1e:ae:4e:9d:c2:
51:a6:46:75:ce:60:78:c4:5e:ff:54:28:b7:4f:4b:
e0:6d:6d:a4:6c:42:9a:93:e1:36:04:ae:71:f8:ea:
69:84:e0:61:49:f7:f1:24:fa:bc:2a:34:67:a4:55:
ca:6c:0d:17:0a:14:ca:00:5b:72:95:2d:50:dd:ba:
3d:8f:10:1e:53:b8:9e:af:9b:22:17:9d:a6:24:ac:
d2:28:d7:d0:f7:89:91:da:0f:c4:cc:cd:9c:0e:ea:
d8:14:7b:9a:08:81:f1:19:6f:47:99:b6:9d:a7:b4:
c7:02:3c:8a:e8:23:ba:d6:31:d8:bb:cb:74:9e:07:
fb:22:cf:dd:e7:6e:39:cd:64:66:a0:19:5c:6b:49:
ce:f2:4b:96:64:dd:f1:2b:59:79:5d:e8:07:75:2a:
73:36:81:c3:4a:2e:21:1e:5d:4e:eb:ab:7a:22:40:
41:2f:87:c2:4b:36:8b:f4:2c:76:09:5d:4d:3e:44:
42:03:b5:9a:7a:64:9a:62:c8:ee:14:b8:0d:92:82:
81:45:33:07:7c:94:d7:92:c7:3d:0c:52:f5:18:bc:
79:5a:41:85:72:81:28:d4:cf:55:dd:ff:f9:d4:dc:
2a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AD:95:C0:4E:B8:B8:69:D3:3B:CB:58:2D:34:55:3D:60:35:73:1D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XK2VwE64uGnTO8tYLTRVPWA1cx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.156.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:95:68:b1:70:8e:08:50:b7:48:ea:0e:28:73:cf:23:f0:29:
94:72:82:e1:c1:80:af:56:25:44:22:1d:a3:54:7d:15:6e:b2:
88:63:94:87:ef:7d:33:a4:9a:70:f6:93:0c:6e:07:7b:66:73:
8b:f9:eb:57:92:1a:43:57:9a:ae:be:2f:46:58:ac:c7:0f:c1:
6a:69:c8:41:2d:e0:cf:c1:b1:46:b2:e9:53:38:d1:cc:0b:39:
44:bf:b6:4e:6b:a1:91:d1:b7:2f:3d:c3:1b:d0:e5:63:f3:11:
7c:c4:c6:3e:44:98:2c:c6:53:67:ed:d6:9d:2f:96:8f:f9:f3:
00:ff:07:98:41:35:f0:88:58:9c:3b:59:a1:94:34:24:bc:dc:
f2:a2:9e:58:00:43:0b:ae:09:17:23:ea:5b:02:49:04:f7:14:
3f:0c:00:65:5e:52:84:0b:a2:c7:e8:b7:ed:6f:ad:e1:a5:11:
8f:51:96:69:0d:ff:53:e9:9c:ed:57:80:d2:50:9a:3a:6f:39:
f0:ac:2b:59:3b:e3:c7:4d:9a:bb:bb:f2:73:bc:3a:97:e1:a9:
f0:d9:e0:5c:78:1a:5b:ad:75:41:01:ee:24:58:55:1f:01:b7:
fc:31:fb:69:1d:ee:bf:ae:01:97:dd:f2:21:21:4d:2a:75:df:
f6:fb:ed:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASI9o2YrSXy+4pA9SzJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FkOTVjMDRlYjhiODY5ZDMzYmNiNTgyZDM0NTUzZDYwMzU3MzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IG09XybSMQqcN//cHwHNbHsLAoO
wKJRHq5OncJRpkZ1zmB4xF7/VCi3T0vgbW2kbEKak+E2BK5x+OpphOBhSffxJPq8
KjRnpFXKbA0XChTKAFtylS1Q3bo9jxAeU7ier5siF52mJKzSKNfQ94mR2g/EzM2c
DurYFHuaCIHxGW9Hmbadp7THAjyK6CO61jHYu8t0ngf7Is/d5245zWRmoBlca0nO
8kuWZN3xK1l5XegHdSpzNoHDSi4hHl1O66t6IkBBL4fCSzaL9Cx2CV1NPkRCA7Wa
emSaYsjuFLgNkoKBRTMHfJTXksc9DFL1GLx5WkGFcoEo1M9V3f/51NwqNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFytlcBOuLhp0zvLWC00VT1gNXMdMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWEsyVndFNjR1R25UTzh0WUxUUlZQV0ExY3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZycMA0G
CSqGSIb3DQEBCwUAA4IBAQAOlWixcI4IULdI6g4oc88j8CmUcoLhwYCvViVEIh2j
VH0VbrKIY5SH730zpJpw9pMMbgd7ZnOL+etXkhpDV5quvi9GWKzHD8FqachBLeDP
wbFGsulTONHMCzlEv7ZOa6GR0bcvPcMb0OVj8xF8xMY+RJgsxlNn7dadL5aP+fMA
/weYQTXwiFicO1mhlDQkvNzyop5YAEMLrgkXI+pbAkkE9xQ/DABlXlKEC6LH6Lft
b63hpRGPUZZpDf9T6ZztV4DSUJo6bznwrCtZO+PHTZq7u/JzvDqX4anw2eBceBpb
rXVBAe4kWFUfAbf8MftpHe6/rgGX3fIhIU0qdd/2++1i
-----END CERTIFICATE-----
Generated at Sat Oct 26 14:00:15 2024 by rpki-client on console-ams.rpki-client.org