Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xhsDrcH8lNBnvQLYEw8SIlPRcG0.roa
File: xhsDrcH8lNBnvQLYEw8SIlPRcG0.roa (raw, json)
Hash identifier: DE8p1CsEELNyo/ZgHt2HPX7o/cvZMWS2QaN7KmGeD7w=
Subject key identifier: C6:1B:03:AD:C1:FC:94:D0:67:BD:02:D8:13:0F:12:22:53:D1:70:6D
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018CFE074E0FFCEDC7B0B00576EBEB7372E0
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xhsDrcH8lNBnvQLYEw8SIlPRcG0.roa
Signing time: Fri 12 Jan 2024 14:15:40 +0000
ROA not before: Fri 12 Jan 2024 14:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47436
IP address blocks: 45.147.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 14:32:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:07:4e:0f:fc:ed:c7:b0:b0:05:76:eb:eb:73:72:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jan 12 14:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c61b03adc1fc94d067bd02d8130f122253d1706d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b7:00:ed:3b:26:69:8c:47:e9:a7:dc:2d:cb:
c3:9c:39:4a:1a:2a:e0:0b:df:98:30:56:fe:81:45:
cd:59:ff:e7:a8:39:4f:0e:35:b3:38:96:72:c0:38:
5c:68:ca:6f:c5:d6:07:a8:5d:6e:fa:ec:7d:a9:7e:
4e:f7:49:34:e1:28:80:c8:cd:de:ed:1b:5e:c9:f4:
9a:c5:fc:96:3e:9a:95:70:72:93:13:d4:1a:06:4e:
ca:e9:21:67:4c:a3:4f:e9:9d:7d:56:25:f7:f9:fd:
09:98:73:fc:4a:7e:e9:04:de:16:96:48:5b:38:37:
f0:73:0f:e7:c6:83:a6:41:fe:1b:73:e8:a7:65:16:
e9:ba:14:84:3a:bf:ea:a6:fe:57:f2:2b:c0:4e:61:
fe:a6:61:f5:e0:86:7b:cb:43:39:a9:16:cb:49:78:
c0:6f:1b:e2:23:3a:16:74:84:47:11:71:27:02:97:
4f:3d:e3:d0:5a:a1:34:85:1f:2a:6d:d1:39:8c:c3:
21:a8:49:f8:58:65:82:66:76:fa:7c:ae:d8:63:c8:
e4:61:73:f4:c6:3e:7e:fd:41:76:02:95:a8:e9:8d:
5a:24:fb:e6:85:a6:28:01:98:32:d5:af:59:5f:6c:
4e:f7:09:78:d9:89:aa:c6:49:93:1c:b0:3c:00:24:
38:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1B:03:AD:C1:FC:94:D0:67:BD:02:D8:13:0F:12:22:53:D1:70:6D
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xhsDrcH8lNBnvQLYEw8SIlPRcG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.45.0/24
Signature Algorithm: sha256WithRSAEncryption
42:cc:c8:d0:17:c7:8b:6a:5a:88:f8:bf:b2:0c:d5:d9:e0:ac:
7a:e0:6a:db:13:88:ac:aa:7a:f7:64:8e:f3:7e:91:46:46:1b:
9d:2d:ed:e4:3a:68:fa:df:7a:48:f3:1d:fe:81:02:ad:a5:29:
ae:dc:27:0d:f0:4f:72:79:87:0c:e7:a3:8f:65:34:f4:37:88:
cc:3c:4f:e9:03:0e:67:54:a1:58:78:c1:63:71:4a:ef:6b:ba:
5b:fb:ff:61:1f:86:71:34:da:20:2e:42:da:4f:ad:b1:5b:f7:
69:e8:f1:3c:4f:6e:87:e5:2a:93:83:f4:48:5c:fe:26:08:94:
ef:37:db:4f:89:78:c5:65:6d:25:b2:40:b4:6c:1f:55:92:44:
98:56:4b:87:ee:57:84:7a:a2:3f:e9:14:5f:11:a9:ad:40:2c:
72:0d:8f:56:bc:82:ec:a9:a9:5f:11:53:37:34:ae:07:a5:ff:
83:ee:53:f7:e6:d6:8f:a1:93:2d:7a:dc:1c:c7:09:c2:bc:cf:
6a:82:1f:49:ee:63:0d:f5:0f:e8:b2:55:22:76:a4:6a:71:c3:
1e:5e:98:68:02:d1:53:0b:d9:d7:e5:9a:de:48:ae:36:6f:b3:
e6:b5:59:e1:c7:bb:f1:03:c0:cf:dc:3e:24:a1:b5:ce:98:23:
f9:71:f9:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz+B04P/O3HsLAFduvrc3LgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwMTEyMTQxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFiMDNhZGMxZmM5NGQwNjdiZDAyZDgxMzBmMTIyMjUzZDE3MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrcA7TsmaYxH6afcLcvDnDlKGirg
C9+YMFb+gUXNWf/nqDlPDjWzOJZywDhcaMpvxdYHqF1u+ux9qX5O90k04SiAyM3e
7RteyfSaxfyWPpqVcHKTE9QaBk7K6SFnTKNP6Z19ViX3+f0JmHP8Sn7pBN4Wlkhb
ODfwcw/nxoOmQf4bc+inZRbpuhSEOr/qpv5X8ivATmH+pmH14IZ7y0M5qRbLSXjA
bxviIzoWdIRHEXEnApdPPePQWqE0hR8qbdE5jMMhqEn4WGWCZnb6fK7YY8jkYXP0
xj5+/UF2ApWo6Y1aJPvmhaYoAZgy1a9ZX2xO9wl42YmqxkmTHLA8ACQ42wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYbA63B/JTQZ70C2BMPEiJT0XBtMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEveGhzRHJjSDhsTkJudlFMWUV3OFNJbFBSY0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMtMA0G
CSqGSIb3DQEBCwUAA4IBAQBCzMjQF8eLalqI+L+yDNXZ4Kx64GrbE4isqnr3ZI7z
fpFGRhudLe3kOmj633pI8x3+gQKtpSmu3CcN8E9yeYcM56OPZTT0N4jMPE/pAw5n
VKFYeMFjcUrva7pb+/9hH4ZxNNogLkLaT62xW/dp6PE8T26H5SqTg/RIXP4mCJTv
N9tPiXjFZW0lskC0bB9VkkSYVkuH7leEeqI/6RRfEamtQCxyDY9WvILsqalfEVM3
NK4Hpf+D7lP35taPoZMtetwcxwnCvM9qgh9J7mMN9Q/oslUidqRqccMeXphoAtFT
C9nX5ZreSK42b7PmtVnhx7vxA8DP3D4kobXOmCP5cfm6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:05 2025 by rpki-client