Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XxVlKYtfcL6MOW0u7SRrnnENX_0.roa
File: XxVlKYtfcL6MOW0u7SRrnnENX_0.roa (raw, json)
Hash identifier: 1LyutZFg1fTnCIoliNaf7GxxkweJ70bMOpM5lM/x+lE=
Subject key identifier: 5F:15:65:29:8B:5F:70:BE:8C:39:6D:2E:ED:24:6B:9E:71:0D:5F:FD
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C541356DA20F3B26A9A1784CC7C1A6E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XxVlKYtfcL6MOW0u7SRrnnENX_0.roa
Signing time: Sun 01 Jan 2023 07:55:27 +0000
ROA not before: Sun 01 Jan 2023 07:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209859
IP address blocks: 45.10.0.0/24 maxlen: 32
195.85.10.0/23 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:13:56:da:20:f3:b2:6a:9a:17:84:cc:7c:1a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f1565298b5f70be8c396d2eed246b9e710d5ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:f9:36:b9:95:d2:0c:8b:ce:6a:3c:a5:4a:
40:95:f5:df:01:c7:a8:9d:e5:4e:49:48:5e:7b:f1:
10:57:b1:4a:e5:9e:18:a4:1c:6a:fe:8f:8e:95:a5:
14:26:24:36:bf:b6:14:c6:61:74:f9:4b:35:a9:ab:
ce:79:2c:cb:55:2d:03:b3:fa:73:77:61:18:56:83:
54:3f:b3:17:9b:15:44:bb:16:93:37:40:41:0a:f1:
69:9c:67:3a:9e:e6:70:f6:28:49:d0:f6:9a:7f:64:
9e:05:8d:70:77:79:f4:9f:39:6f:ae:4f:40:8a:e1:
eb:d1:5c:de:ba:1d:b2:13:8e:3f:73:09:29:64:6a:
d1:6b:8b:3d:0f:95:23:31:dd:6a:97:64:a0:2c:9b:
5e:00:38:65:53:6b:dc:b0:c1:d2:38:11:e3:88:e7:
8b:c2:92:25:a2:9a:3a:31:f9:74:c2:c8:69:05:4e:
48:b1:fe:4f:7a:6a:68:e9:8e:13:d6:1e:fc:e0:33:
f1:2a:01:a1:5a:5c:30:36:68:18:b1:ee:a9:28:8e:
52:95:3f:82:d5:c1:47:34:9b:9e:20:71:4c:12:04:
19:bc:e0:0b:35:fb:e1:9f:2a:1b:f8:f7:41:a9:3a:
ed:ee:51:04:d3:a2:45:2d:db:a0:cb:e8:fa:6f:14:
52:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:15:65:29:8B:5F:70:BE:8C:39:6D:2E:ED:24:6B:9E:71:0D:5F:FD
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XxVlKYtfcL6MOW0u7SRrnnENX_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.0.0/24
195.85.10.0/23
Signature Algorithm: sha256WithRSAEncryption
89:7b:96:1a:46:c7:f8:2f:d9:47:77:b9:5d:71:0b:d3:38:5a:
ce:98:63:9c:da:91:62:c8:ad:56:89:d7:14:18:14:b6:7a:da:
99:1f:60:92:3b:70:7f:79:c3:cc:4d:ae:14:ed:9b:64:03:d5:
12:e4:0a:48:94:33:42:70:84:19:2e:83:1c:e2:b0:e0:c2:13:
72:53:60:34:26:7b:f1:a4:3f:e3:56:a4:6a:92:c1:34:ba:12:
70:10:a6:61:78:21:d9:c5:78:52:a3:34:60:32:ef:35:cd:f8:
0d:04:fa:8c:e8:f1:d1:f9:f8:27:72:44:85:93:0f:d0:13:db:
da:98:dc:02:b8:62:30:c9:c5:99:17:2d:93:cf:f6:1a:a2:b6:
f7:5a:dd:6d:d7:40:56:e4:ee:12:19:0d:ce:a8:27:59:b8:7f:
9a:6e:68:c1:05:c4:7f:03:f0:68:ff:17:d6:48:c8:73:d4:bc:
89:5d:cd:42:6d:f1:9e:f3:c0:3c:ba:9e:4e:e4:cd:d4:74:1f:
80:e6:c9:78:07:33:43:a0:65:21:b1:f2:fe:fb:33:68:ba:22:
3a:d1:cc:a9:31:be:01:3e:b0:9c:98:aa:29:5c:31:10:4d:36:
60:38:f5:89:3a:aa:ab:f4:41:1f:92:43:d8:ff:82:88:61:7f:
d1:4e:29:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsVBNW2iDzsmqaF4TMfBpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjE1NjUyOThiNWY3MGJlOGMzOTZkMmVlZDI0NmI5ZTcxMGQ1ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw/5NrmV0gyLzmo8pUpAlfXfAceo
neVOSUhee/EQV7FK5Z4YpBxq/o+OlaUUJiQ2v7YUxmF0+Us1qavOeSzLVS0Ds/pz
d2EYVoNUP7MXmxVEuxaTN0BBCvFpnGc6nuZw9ihJ0Paaf2SeBY1wd3n0nzlvrk9A
iuHr0Vzeuh2yE44/cwkpZGrRa4s9D5UjMd1ql2SgLJteADhlU2vcsMHSOBHjiOeL
wpIlopo6Mfl0wshpBU5Isf5Pempo6Y4T1h784DPxKgGhWlwwNmgYse6pKI5SlT+C
1cFHNJueIHFMEgQZvOALNfvhnyob+PdBqTrt7lEE06JFLdugy+j6bxRSvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF8VZSmLX3C+jDltLu0ka55xDV/9MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvWHhWbEtZdGZjTDZNT1cwdTdTUnJubkVOWF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQoAAwQB
w1UKMA0GCSqGSIb3DQEBCwUAA4IBAQCJe5YaRsf4L9lHd7ldcQvTOFrOmGOc2pFi
yK1WidcUGBS2etqZH2CSO3B/ecPMTa4U7ZtkA9US5ApIlDNCcIQZLoMc4rDgwhNy
U2A0JnvxpD/jVqRqksE0uhJwEKZheCHZxXhSozRgMu81zfgNBPqM6PHR+fgnckSF
kw/QE9vamNwCuGIwycWZFy2Tz/Yaorb3Wt1t10BW5O4SGQ3OqCdZuH+abmjBBcR/
A/Bo/xfWSMhz1LyJXc1CbfGe88A8up5O5M3UdB+A5sl4BzNDoGUhsfL++zNouiI6
0cypMb4BPrCcmKopXDEQTTZgOPWJOqqr9EEfkkPY/4KIYX/RTinQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org