Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/xExa9An3pUC25kCxghPMqyGFibg.roa
File: xExa9An3pUC25kCxghPMqyGFibg.roa (raw, json)
Hash identifier: 75jZAyXo354z4ZUdTXsG7gsM7NXyPcRHgDLZHGIvoIc=
Subject key identifier: C4:4C:5A:F4:09:F7:A5:40:B6:E6:40:B1:82:13:CC:AB:21:85:89:B8
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018E42ED32DD9D03F3CA18C59F54136C46C4
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/xExa9An3pUC25kCxghPMqyGFibg.roa
Signing time: Fri 15 Mar 2024 16:23:45 +0000
ROA not before: Fri 15 Mar 2024 16:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 45.129.92.0/24 maxlen: 24
185.110.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 20 Mar 2024 18:20:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:ed:32:dd:9d:03:f3:ca:18:c5:9f:54:13:6c:46:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Mar 15 16:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c44c5af409f7a540b6e640b18213ccab218589b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:23:7a:c4:c4:33:a3:13:31:03:9b:3e:88:0f:
9d:03:5c:0b:d8:63:9a:71:8b:cf:d1:91:86:0d:7d:
03:bf:11:b1:68:4e:62:9f:ac:2b:39:79:96:c4:51:
8c:a1:ed:14:d0:36:b8:f0:2f:a4:ff:00:42:d0:fe:
cf:c3:b0:89:8c:b6:8e:c9:3c:59:75:50:63:87:a5:
79:d0:f7:9a:a8:bb:cd:13:1f:86:5d:5d:c2:d4:cf:
42:4d:38:0b:fb:3b:20:ec:11:a6:99:fb:1f:86:22:
3b:b4:7f:5a:ba:d6:5b:45:c5:62:1e:a4:20:6f:b9:
a4:28:25:e6:3e:0f:c9:d0:1b:eb:35:41:74:bb:90:
90:75:2f:17:96:12:6d:aa:fe:b0:60:17:d1:72:91:
bf:42:1b:e1:04:b7:e7:71:8d:c7:f6:2c:57:7d:1f:
84:96:c7:b9:e6:a4:75:76:74:47:22:07:fa:f3:2d:
44:ae:e6:4b:9a:eb:e4:eb:af:66:f6:43:5a:03:d3:
d4:36:a7:23:ce:f1:51:39:2b:f6:c8:91:91:73:50:
91:fa:31:df:8e:4d:93:d9:00:00:18:14:25:ee:58:
7c:05:26:65:ec:c0:0f:ca:49:58:39:d9:79:70:16:
77:bd:8b:b4:a5:10:08:25:56:a1:c4:35:fe:14:aa:
29:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4C:5A:F4:09:F7:A5:40:B6:E6:40:B1:82:13:CC:AB:21:85:89:B8
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/xExa9An3pUC25kCxghPMqyGFibg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.92.0/24
185.110.62.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:f5:a0:6c:6f:5f:39:06:d9:7b:b3:e5:0e:d3:86:fd:3a:2a:
fe:37:7a:5b:43:3a:fa:eb:2e:72:4e:42:c4:88:a3:60:73:c7:
4c:b0:2c:71:e3:db:94:ef:ee:54:54:41:21:07:da:4b:bb:81:
b1:de:6d:0b:fd:62:ce:13:dd:f7:40:3d:69:21:f0:fa:89:0e:
6e:b4:ee:1b:26:78:a2:c6:78:4d:33:69:3f:26:8c:be:e5:df:
59:2f:ab:23:70:39:e5:13:02:e1:a7:cb:24:13:6e:c9:93:c4:
ee:2e:c0:e4:27:c0:00:3e:f8:4f:bc:9f:70:57:5b:0d:0a:8f:
a3:38:0d:11:d9:2a:b6:a0:99:80:be:25:76:32:d9:ab:94:76:
34:33:fb:7f:28:73:16:4d:09:21:5f:3c:ab:01:82:05:0f:16:
1f:fa:db:c1:34:f7:3b:44:af:c9:8b:ae:4b:36:5d:fc:25:97:
9d:b2:b7:ad:4c:d6:ad:d1:3e:84:dd:21:ae:d1:fc:cb:d8:38:
81:54:a5:b0:a0:58:7f:0f:07:20:83:8b:34:e5:d6:ac:8b:f0:
8f:7a:35:7f:cc:a0:36:95:18:87:34:71:ab:da:9d:74:f8:91:
cc:6b:5e:63:54:92:f0:63:33:fb:32:31:8e:67:bc:12:ff:d7:
90:4f:b0:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5C7TLdnQPzyhjFn1QTbEbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjQwMzE1MTYyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRjNWFmNDA5ZjdhNTQwYjZlNjQwYjE4MjEzY2NhYjIxODU4OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSN6xMQzoxMxA5s+iA+dA1wL2GOa
cYvP0ZGGDX0DvxGxaE5in6wrOXmWxFGMoe0U0Da48C+k/wBC0P7Pw7CJjLaOyTxZ
dVBjh6V50PeaqLvNEx+GXV3C1M9CTTgL+zsg7BGmmfsfhiI7tH9autZbRcViHqQg
b7mkKCXmPg/J0BvrNUF0u5CQdS8XlhJtqv6wYBfRcpG/QhvhBLfncY3H9ixXfR+E
lse55qR1dnRHIgf68y1EruZLmuvk669m9kNaA9PUNqcjzvFROSv2yJGRc1CR+jHf
jk2T2QAAGBQl7lh8BSZl7MAPyklYOdl5cBZ3vYu0pRAIJVahxDX+FKopxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMRMWvQJ96VAtuZAsYITzKshhYm4MB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEveEV4YTlBbjNwVUMyNWtDeGdoUE1xeUdGaWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYFcAwQB
uW4+MA0GCSqGSIb3DQEBCwUAA4IBAQBt9aBsb185Btl7s+UO04b9Oir+N3pbQzr6
6y5yTkLEiKNgc8dMsCxx49uU7+5UVEEhB9pLu4Gx3m0L/WLOE933QD1pIfD6iQ5u
tO4bJniixnhNM2k/Joy+5d9ZL6sjcDnlEwLhp8skE27Jk8TuLsDkJ8AAPvhPvJ9w
V1sNCo+jOA0R2Sq2oJmAviV2MtmrlHY0M/t/KHMWTQkhXzyrAYIFDxYf+tvBNPc7
RK/Ji65LNl38JZedsretTNat0T6E3SGu0fzL2DiBVKWwoFh/Dwcgg4s05dasi/CP
ejV/zKA2lRiHNHGr2p10+JHMa15jVJLwYzP7MjGOZ7wS/9eQT7AD
-----END CERTIFICATE-----
Generated at Wed Mar 20 21:55:31 2024 by rpki-client on console-fra.rpki-client.org