Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/XVcFqweLS5qnocB4mKbT0agcvr0.roa
File: XVcFqweLS5qnocB4mKbT0agcvr0.roa (raw, json)
Hash identifier: CqKYDTxOmhXolaaTdIda+AoJsr6M+nLgvfzad1XdLYA=
Subject key identifier: 5D:57:05:AB:07:8B:4B:9A:A7:A1:C0:78:98:A6:D3:D1:A8:1C:BE:BD
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 018CC56DFE3F52B56DF893AA8475A71B84D4
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/XVcFqweLS5qnocB4mKbT0agcvr0.roa
Signing time: Mon 01 Jan 2024 14:29:29 +0000
ROA not before: Mon 01 Jan 2024 14:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208275
IP address blocks: 45.149.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 10:27:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fe:3f:52:b5:6d:f8:93:aa:84:75:a7:1b:84:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Jan 1 14:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d5705ab078b4b9aa7a1c07898a6d3d1a81cbebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c1:9b:01:db:e0:87:77:90:a5:d7:00:20:53:
18:c1:5a:e0:91:ea:11:88:aa:d4:bb:80:f4:e3:6f:
08:ed:dc:65:09:56:4f:d1:cf:a6:f6:0f:22:a1:81:
73:22:eb:87:2e:72:2d:ee:1f:0f:79:29:f0:43:81:
ac:27:0c:4c:54:e4:15:73:65:12:5e:45:e6:0d:e6:
e2:55:83:5a:1c:da:c5:28:06:b8:7a:24:bc:ca:07:
45:39:52:3f:e6:d3:2d:e1:1e:bd:2f:0c:33:09:14:
55:2f:6e:31:2f:2f:0b:80:c7:3a:81:d2:62:75:31:
86:ef:58:a9:76:b2:f3:79:ad:88:69:21:a5:37:88:
7d:99:cc:a2:cf:b2:2b:db:52:17:e2:55:44:e1:b3:
9d:62:4d:21:ec:1c:06:c6:f1:ee:93:49:c2:2d:75:
95:4d:b3:07:f2:84:d6:2b:f9:e1:5f:cb:4e:13:f9:
9a:85:8d:47:6c:09:a8:11:f5:41:bc:1e:69:ee:f4:
5d:79:4e:00:b2:bc:a8:18:8a:48:51:5a:47:87:ad:
93:c1:9b:31:17:0c:36:00:0c:27:22:1f:21:f2:7f:
fb:2b:53:ad:72:e4:79:09:b5:40:f5:0a:c3:c2:81:
87:59:d5:25:34:ae:e7:4d:8a:4e:a0:49:8e:28:01:
c3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:57:05:AB:07:8B:4B:9A:A7:A1:C0:78:98:A6:D3:D1:A8:1C:BE:BD
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/XVcFqweLS5qnocB4mKbT0agcvr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.152.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:13:f6:d0:60:1b:be:95:4f:e4:f7:fe:c8:20:33:aa:d6:31:
a8:27:45:77:11:4c:60:19:1c:b8:6e:d3:f0:36:59:fa:81:ec:
6d:04:c6:06:96:23:6f:3d:e9:cb:be:fb:ec:d5:0a:cc:c3:08:
f7:cb:22:41:a5:6b:5f:19:a4:5c:eb:d7:c4:c3:d3:fe:6c:f6:
8a:6e:43:26:76:67:76:2e:4b:d5:96:87:fd:64:96:1f:0d:64:
ca:a4:0f:64:5d:0c:f4:3a:9e:79:81:06:bf:74:03:d3:be:2e:
8e:38:0d:2d:05:7e:93:1e:c9:c6:9b:0c:ad:b7:5b:85:d0:b4:
b9:79:ec:17:9a:79:75:93:07:2c:28:3a:cd:fb:0c:8e:6e:c9:
45:f8:76:ee:a9:bb:b8:54:06:e0:d4:42:35:e8:9e:a9:f2:20:
11:5f:56:ea:8e:fe:86:9b:71:40:96:63:07:cd:33:85:92:5c:
4b:29:8d:22:d8:61:5a:18:3e:66:b9:55:00:14:90:4c:9a:41:
b6:af:24:1e:dd:67:61:90:20:81:58:6d:4b:0a:61:63:8e:ff:
fc:a8:6c:fd:6f:e4:ec:47:1b:c2:c5:45:b1:01:e3:93:b9:83:
4a:3f:f0:69:d6:d6:76:dd:76:1c:92:db:93:b8:20:7f:28:7a:
c2:a8:80:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbf4/UrVt+JOqhHWnG4TUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTVjOTYxN2NhNWE2YTNiZmYyNjNmYzE4Mzc5OTJmZDFh
YzQ3ZjIwHhcNMjQwMTAxMTQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU3MDVhYjA3OGI0YjlhYTdhMWMwNzg5OGE2ZDNkMWE4MWNiZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cGbAdvgh3eQpdcAIFMYwVrgkeoR
iKrUu4D0428I7dxlCVZP0c+m9g8ioYFzIuuHLnIt7h8PeSnwQ4GsJwxMVOQVc2US
XkXmDebiVYNaHNrFKAa4eiS8ygdFOVI/5tMt4R69LwwzCRRVL24xLy8LgMc6gdJi
dTGG71ipdrLzea2IaSGlN4h9mcyiz7Ir21IX4lVE4bOdYk0h7BwGxvHuk0nCLXWV
TbMH8oTWK/nhX8tOE/mahY1HbAmoEfVBvB5p7vRdeU4AsryoGIpIUVpHh62TwZsx
Fww2AAwnIh8h8n/7K1OtcuR5CbVA9QrDwoGHWdUlNK7nTYpOoEmOKAHDuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1XBasHi0uap6HAeJim09GoHL69MB8GA1UdIwQY
MBaAFOeVyWF8paajv/Jj/Bg3mS/RrEfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTVYSllYeWxwcU9fOG1QOEdEZVpMOUdzUl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85ODZkZGUtNWY2OC00YzIxLWI1NDYt
ZDU0MGRmODg2YmFiLzEvWFZjRnF3ZUxTNXFub2NCNG1LYlQwYWdjdnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85ODZkZGUtNWY2OC00YzIxLWI1NDYtZDU0MGRmODg2YmFi
LzEvNTVYSllYeWxwcU9fOG1QOEdEZVpMOUdzUl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZWYMA0G
CSqGSIb3DQEBCwUAA4IBAQC7E/bQYBu+lU/k9/7IIDOq1jGoJ0V3EUxgGRy4btPw
Nln6gextBMYGliNvPenLvvvs1QrMwwj3yyJBpWtfGaRc69fEw9P+bPaKbkMmdmd2
LkvVlof9ZJYfDWTKpA9kXQz0Op55gQa/dAPTvi6OOA0tBX6THsnGmwytt1uF0LS5
eewXmnl1kwcsKDrN+wyObslF+Hbuqbu4VAbg1EI16J6p8iARX1bqjv6Gm3FAlmMH
zTOFklxLKY0i2GFaGD5muVUAFJBMmkG2ryQe3WdhkCCBWG1LCmFjjv/8qGz9b+Ts
RxvCxUWxAeOTuYNKP/Bp1tZ23XYcktuTuCB/KHrCqIDo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:41 2024 by rpki-client on console-ams.rpki-client.org