Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/XxOoU-OB5PUgQy_GVOR0VcLcIqM.roa
File: XxOoU-OB5PUgQy_GVOR0VcLcIqM.roa (raw, json)
Hash identifier: cQQE8O499Iw+v5de/Sfp8sXj0WrmU2Wbh9O75RD9kYU=
Subject key identifier: 5F:13:A8:53:E3:81:E4:F5:20:43:2F:C6:54:E4:74:55:C2:DC:22:A3
Certificate issuer: /CN=1f3e3bf560da0b12618b027aaca61fac78d5ff5c
Certificate serial: 018890692D89AD435635D14640FFD63CEB69
Authority key identifier: 1F:3E:3B:F5:60:DA:0B:12:61:8B:02:7A:AC:A6:1F:AC:78:D5:FF:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hz479WDaCxJhiwJ6rKYfrHjV_1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/XxOoU-OB5PUgQy_GVOR0VcLcIqM.roa
Signing time: Tue 06 Jun 2023 11:13:11 +0000
ROA not before: Tue 06 Jun 2023 11:13:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51685
IP address blocks: 91.237.179.0/24 maxlen: 32
45.86.38.0/24 maxlen: 32
91.219.164.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Jun 2023 17:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:69:2d:89:ad:43:56:35:d1:46:40:ff:d6:3c:eb:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f3e3bf560da0b12618b027aaca61fac78d5ff5c
Validity
Not Before: Jun 6 11:13:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f13a853e381e4f520432fc654e47455c2dc22a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a0:1f:94:c5:ab:13:19:0d:08:a1:28:21:29:
82:e7:ef:68:c9:06:35:f8:3d:92:2b:17:b5:ef:d3:
75:a3:7f:52:87:b9:39:8e:47:76:b1:cd:5c:22:b1:
38:e0:87:bb:68:88:2f:be:37:40:28:15:76:e4:93:
65:5c:29:cf:3b:e2:36:f9:fa:96:85:23:ef:35:1e:
99:19:52:f8:9d:8b:15:c6:37:54:3d:f6:bd:ce:33:
af:39:92:8f:e1:b4:e3:b2:de:60:20:86:4f:d2:4a:
e8:12:3b:66:34:57:e6:73:54:6d:e0:ae:46:7c:4e:
54:d8:95:55:5d:63:a6:65:f6:dd:aa:85:bc:23:72:
96:67:84:d0:17:9d:d1:4a:fe:73:b0:e1:32:52:62:
0f:ba:4c:2b:70:a8:82:23:48:25:11:5c:c0:3e:31:
ff:cc:cc:a5:09:ef:27:58:b3:9d:fe:34:d3:aa:bf:
80:54:8d:54:d7:96:87:30:35:76:3d:e8:0a:fe:4d:
eb:7c:89:c4:04:26:67:e9:ac:92:07:66:9e:b3:f7:
f9:1a:9b:e1:3d:42:43:d4:c4:4b:f2:c0:de:32:79:
86:e7:3d:e1:93:97:92:be:c5:6f:04:4e:88:20:4f:
ce:7c:fa:b6:e3:4a:d5:5c:bc:ad:a1:87:f6:9d:3f:
65:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:13:A8:53:E3:81:E4:F5:20:43:2F:C6:54:E4:74:55:C2:DC:22:A3
X509v3 Authority Key Identifier:
keyid:1F:3E:3B:F5:60:DA:0B:12:61:8B:02:7A:AC:A6:1F:AC:78:D5:FF:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hz479WDaCxJhiwJ6rKYfrHjV_1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/XxOoU-OB5PUgQy_GVOR0VcLcIqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/Hz479WDaCxJhiwJ6rKYfrHjV_1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.38.0/24
91.219.164.0/22
91.237.179.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:09:5d:83:78:b3:19:34:1b:e3:23:91:7a:3b:6f:db:f2:45:
a5:de:bf:15:22:6e:c8:4f:bf:ad:ca:ab:6f:3e:00:29:28:f8:
d6:bd:32:b3:00:13:2b:af:9f:a0:30:ac:78:fd:23:b5:91:2f:
ab:ce:3e:02:eb:cb:b8:7f:13:9d:1c:4a:8c:e7:e3:86:94:47:
c1:b8:52:da:55:8b:16:12:96:06:ce:89:a0:2b:a4:93:2a:a5:
6c:a8:b8:7d:a6:f2:fe:7a:90:09:9a:55:8b:a6:93:26:df:30:
9f:12:14:77:80:06:38:ad:64:46:4f:c1:f9:e7:1a:4a:97:82:
8d:10:27:1b:96:6e:0c:74:bc:c9:79:63:8c:ec:6c:ca:60:94:
58:0c:70:78:ba:6f:3d:f1:52:19:d3:21:6f:1a:40:f7:58:cf:
29:67:f3:0e:8e:19:a8:c5:de:15:81:58:b4:6e:f4:c9:ac:f3:
e7:e3:60:c9:3e:41:9c:29:2b:9c:13:31:ec:b7:4c:44:c4:2e:
a7:79:86:a1:4f:01:b4:9b:11:93:f1:43:76:cd:a6:1f:71:dc:
c8:13:63:d0:19:5c:f6:9e:3a:40:04:a6:02:4f:8d:eb:b2:71:
f6:d6:33:08:e6:77:8e:ca:cf:98:8b:87:d5:48:f1:24:bf:05:
44:da:dd:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiQaS2JrUNWNdFGQP/WPOtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2UzYmY1NjBkYTBiMTI2MThiMDI3YWFjYTYxZmFjNzhk
NWZmNWMwHhcNMjMwNjA2MTExMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjEzYTg1M2UzODFlNGY1MjA0MzJmYzY1NGU0NzQ1NWMyZGMyMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06AflMWrExkNCKEoISmC5+9oyQY1
+D2SKxe179N1o39Sh7k5jkd2sc1cIrE44Ie7aIgvvjdAKBV25JNlXCnPO+I2+fqW
hSPvNR6ZGVL4nYsVxjdUPfa9zjOvOZKP4bTjst5gIIZP0kroEjtmNFfmc1Rt4K5G
fE5U2JVVXWOmZfbdqoW8I3KWZ4TQF53RSv5zsOEyUmIPukwrcKiCI0glEVzAPjH/
zMylCe8nWLOd/jTTqr+AVI1U15aHMDV2PegK/k3rfInEBCZn6aySB2aes/f5Gpvh
PUJD1MRL8sDeMnmG5z3hk5eSvsVvBE6IIE/OfPq240rVXLytoYf2nT9ljQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF8TqFPjgeT1IEMvxlTkdFXC3CKjMB8GA1UdIwQY
MBaAFB8+O/Vg2gsSYYsCeqymH6x41f9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHo0NzlXRGFDeEpoaXdKNnJLWWZySGpWXzF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81ZGIwYTgtYjhlNy00ZjQ0LWIwM2Et
ZWE1NzMxNjg0OTE3LzEvWHhPb1UtT0I1UFVnUXlfR1ZPUjBWY0xjSXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81ZGIwYTgtYjhlNy00ZjQ0LWIwM2EtZWE1NzMxNjg0OTE3
LzEvSHo0NzlXRGFDeEpoaXdKNnJLWWZySGpWXzF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVYmAwQC
W9ukAwQAW+2zMA0GCSqGSIb3DQEBCwUAA4IBAQAaCV2DeLMZNBvjI5F6O2/b8kWl
3r8VIm7IT7+tyqtvPgApKPjWvTKzABMrr5+gMKx4/SO1kS+rzj4C68u4fxOdHEqM
5+OGlEfBuFLaVYsWEpYGzomgK6STKqVsqLh9pvL+epAJmlWLppMm3zCfEhR3gAY4
rWRGT8H55xpKl4KNECcblm4MdLzJeWOM7GzKYJRYDHB4um898VIZ0yFvGkD3WM8p
Z/MOjhmoxd4VgVi0bvTJrPPn42DJPkGcKSucEzHst0xExC6neYahTwG0mxGT8UN2
zaYfcdzIE2PQGVz2njpABKYCT43rsnH21jMI5neOys+Yi4fVSPEkvwVE2t2q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:29 2024 by rpki-client on console-ams.rpki-client.org