Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/XzHIKn0t2r37Yw1gVnftATX8vYk.roa
File: XzHIKn0t2r37Yw1gVnftATX8vYk.roa (raw, json)
Hash identifier: dm086Rr/dx634YkQETq55qakRW6JBvzNOKmd+IW6f2U=
Subject key identifier: 5F:31:C8:2A:7D:2D:DA:BD:FB:63:0D:60:56:77:ED:01:35:FC:BD:89
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 018CC6B78ADA14ED277CC7583709366EBA2A
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/XzHIKn0t2r37Yw1gVnftATX8vYk.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.95.224.0/23 maxlen: 24
45.95.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 00:04:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8a:da:14:ed:27:7c:c7:58:37:09:36:6e:ba:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f31c82a7d2ddabdfb630d605677ed0135fcbd89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7c:24:75:0a:76:95:55:81:a3:a8:6f:2c:47:
88:66:af:9b:52:10:44:ee:0c:18:62:41:0a:7e:3b:
c8:8b:90:3c:21:93:41:48:20:46:74:69:7b:89:4a:
ba:a0:c2:f2:49:11:9c:90:39:c8:84:6a:54:5b:46:
d3:b6:1c:c9:eb:4d:34:99:df:c8:9c:2c:70:60:44:
79:49:d7:44:36:09:b7:58:da:8b:f0:0f:23:d8:91:
b4:2c:c0:c3:c4:49:e4:3a:bd:2d:46:d4:73:2f:d2:
40:f6:00:98:ac:57:5d:f3:8d:83:41:9d:fa:37:b6:
4b:04:50:3b:bd:3f:e9:1c:21:6e:81:0c:46:7f:f0:
d1:06:b1:cb:1f:2f:7e:52:7b:cd:81:07:00:ca:30:
57:6b:a1:52:77:4b:97:00:29:f6:5a:f3:41:87:eb:
ce:a2:a9:0b:4b:be:d2:6e:d0:44:d0:da:25:dd:02:
e9:98:70:f3:c5:de:70:b4:5e:7f:dd:c1:e4:30:50:
f1:b4:9c:69:67:07:2f:3a:d7:7a:c7:90:f6:bf:18:
da:6d:45:4e:3c:b6:53:63:72:43:a8:36:d3:bb:d8:
59:96:f0:1d:34:2e:9f:1e:5d:ed:5b:18:b4:52:a2:
34:5b:2b:fb:7b:9b:37:b7:cd:8c:3d:84:fc:09:d4:
35:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:31:C8:2A:7D:2D:DA:BD:FB:63:0D:60:56:77:ED:01:35:FC:BD:89
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/XzHIKn0t2r37Yw1gVnftATX8vYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.224.0/23
45.95.227.0/24
Signature Algorithm: sha256WithRSAEncryption
71:9b:74:33:af:d9:ac:a7:92:07:03:16:c6:e4:9d:84:1b:c8:
fb:26:3e:67:e1:5d:cd:2c:f1:2d:b0:5d:1e:96:a9:c9:f8:e3:
aa:e5:bb:5c:cc:2d:a8:50:b2:5d:a7:83:82:e1:f5:ab:a5:3d:
64:ff:75:86:5f:12:d6:95:49:08:17:c9:8e:9f:8c:cf:f6:89:
2d:8d:8e:c1:5a:ca:53:4f:12:4c:c5:b4:6a:c2:de:6f:b3:ca:
7a:10:28:2a:80:f8:c8:41:c9:a0:ba:a8:93:a2:9f:a5:5a:c6:
05:e8:71:29:3c:83:b3:22:9d:42:0b:08:50:8e:b9:31:d5:00:
51:ed:d3:bd:cc:95:ba:d1:6f:6a:bc:af:32:53:24:57:49:e1:
aa:e9:20:72:56:4f:a9:de:a2:88:94:bd:72:80:3d:d2:1a:f4:
82:f1:5e:35:25:e7:4d:a2:e8:60:2a:01:5a:c6:aa:de:d5:05:
78:0f:95:fc:e1:f1:78:f0:68:08:2a:76:81:86:25:00:ec:8d:
c0:e5:ae:9d:2f:4a:4b:a9:bb:42:db:61:a5:b6:2d:5d:b4:57:
62:92:ec:fb:cd:42:e5:54:9a:0f:66:69:56:f7:e2:c0:e9:48:
ef:d1:9b:6b:e1:52:95:36:25:27:30:ed:7c:17:15:f0:49:f5:
92:5c:a8:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt4raFO0nfMdYNwk2broqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMxYzgyYTdkMmRkYWJkZmI2MzBkNjA1Njc3ZWQwMTM1ZmNiZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3wkdQp2lVWBo6hvLEeIZq+bUhBE
7gwYYkEKfjvIi5A8IZNBSCBGdGl7iUq6oMLySRGckDnIhGpUW0bTthzJ6000md/I
nCxwYER5SddENgm3WNqL8A8j2JG0LMDDxEnkOr0tRtRzL9JA9gCYrFdd842DQZ36
N7ZLBFA7vT/pHCFugQxGf/DRBrHLHy9+UnvNgQcAyjBXa6FSd0uXACn2WvNBh+vO
oqkLS77SbtBE0Nol3QLpmHDzxd5wtF5/3cHkMFDxtJxpZwcvOtd6x5D2vxjabUVO
PLZTY3JDqDbTu9hZlvAdNC6fHl3tWxi0UqI0Wyv7e5s3t82MPYT8CdQ1pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF8xyCp9Ldq9+2MNYFZ37QE1/L2JMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvWHpISUtuMHQycjM3WXcxZ1ZuZnRBVFg4dllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLV/gAwQA
LV/jMA0GCSqGSIb3DQEBCwUAA4IBAQBxm3Qzr9msp5IHAxbG5J2EG8j7Jj5n4V3N
LPEtsF0elqnJ+OOq5btczC2oULJdp4OC4fWrpT1k/3WGXxLWlUkIF8mOn4zP9okt
jY7BWspTTxJMxbRqwt5vs8p6ECgqgPjIQcmguqiTop+lWsYF6HEpPIOzIp1CCwhQ
jrkx1QBR7dO9zJW60W9qvK8yUyRXSeGq6SByVk+p3qKIlL1ygD3SGvSC8V41JedN
ouhgKgFaxqre1QV4D5X84fF48GgIKnaBhiUA7I3A5a6dL0pLqbtC22Glti1dtFdi
kuz7zULlVJoPZmlW9+LA6Ujv0Ztr4VKVNiUnMO18FxXwSfWSXKhE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:56 2024 by rpki-client on console-ams.rpki-client.org