Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/WxiAwHtk0ZQnJH1bAJg5uc1v4MU.roa
File: WxiAwHtk0ZQnJH1bAJg5uc1v4MU.roa (raw, json)
Hash identifier: 4yPANbWdIPQWU2IpheLpiIs3oEN+khN58JMg759VWHA=
Subject key identifier: 5B:18:80:C0:7B:64:D1:94:27:24:7D:5B:00:98:39:B9:CD:6F:E0:C5
Certificate issuer: /CN=179661a164d2d517ea7677fb229cafa19eba97f3
Certificate serial: 01856FA708A3FF48A9B2A4996395F80DBB16
Authority key identifier: 17:96:61:A1:64:D2:D5:17:EA:76:77:FB:22:9C:AF:A1:9E:BA:97:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/WxiAwHtk0ZQnJH1bAJg5uc1v4MU.roa
Signing time: Sun 01 Jan 2023 23:24:55 +0000
ROA not before: Sun 01 Jan 2023 23:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206804
IP address blocks: 45.128.132.0/24 maxlen: 24
45.128.135.0/24 maxlen: 24
45.128.133.0/24 maxlen: 24
45.128.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:08:a3:ff:48:a9:b2:a4:99:63:95:f8:0d:bb:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179661a164d2d517ea7677fb229cafa19eba97f3
Validity
Not Before: Jan 1 23:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b1880c07b64d19427247d5b009839b9cd6fe0c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a5:2f:08:4e:5c:63:9a:31:b6:8e:c3:f2:f4:
76:f5:d0:6f:71:9e:5d:06:f9:3a:14:5e:de:e6:6e:
98:3d:a8:a6:59:c0:69:31:8b:33:a8:35:08:36:8f:
40:ea:cf:31:f5:46:65:66:f4:00:78:e3:f0:32:2b:
82:a2:e8:a5:a1:8b:81:ac:ff:04:7e:af:ad:fb:56:
5e:31:e9:f2:2e:1c:9d:e8:8b:e6:11:e3:7b:5f:22:
dd:83:ea:5e:1a:35:0f:32:e3:cc:c3:22:54:eb:13:
76:e0:ad:33:9c:ee:d5:81:dd:fc:cd:9c:f2:aa:8d:
11:56:ca:50:f4:bb:a7:b3:81:c4:80:67:ad:94:99:
7a:dd:1f:97:8e:b3:3f:40:48:5e:ca:92:fd:bd:65:
c2:da:15:73:d1:8a:c5:6f:e4:af:66:da:54:a4:71:
3e:94:af:f3:df:fd:ac:c7:37:61:34:22:1e:29:33:
d1:4e:47:b9:0c:d1:d7:ea:50:f7:67:7a:7e:e0:28:
1b:9e:2d:22:1b:9f:09:32:6a:16:80:23:a4:95:5f:
c9:55:09:07:66:66:ce:0b:4d:af:99:5a:e3:c8:41:
17:f7:66:98:71:1e:37:02:b3:19:ff:97:33:be:e4:
25:ae:3b:48:89:ec:3b:40:4f:d6:b2:d4:75:a7:e7:
7d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:18:80:C0:7B:64:D1:94:27:24:7D:5B:00:98:39:B9:CD:6F:E0:C5
X509v3 Authority Key Identifier:
keyid:17:96:61:A1:64:D2:D5:17:EA:76:77:FB:22:9C:AF:A1:9E:BA:97:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/WxiAwHtk0ZQnJH1bAJg5uc1v4MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.132.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:c9:19:ca:4d:ff:a7:1e:15:81:4f:f4:fb:c6:24:e6:8a:57:
cb:48:a5:d3:37:e4:2f:39:c3:38:9e:55:e1:a1:f3:61:a0:e0:
dc:66:8b:4b:53:09:3a:92:b9:c3:9f:0c:2d:4b:ae:ac:af:76:
58:b1:d2:ce:32:d3:68:56:3a:81:46:5c:6e:8f:0d:9e:76:7d:
6d:47:04:d8:36:8a:10:46:e0:e9:bf:1f:8b:a2:a6:fe:75:be:
f0:c5:fc:e9:2e:2a:06:19:55:b0:c8:fe:30:d8:8e:35:b3:61:
79:8c:35:54:0a:5e:02:f8:1e:a4:82:63:06:ae:a9:86:57:dd:
84:24:e3:2a:09:63:6b:dc:dc:9f:0d:9a:d9:47:36:10:1d:e8:
85:42:ed:ed:43:ea:71:22:40:bc:8c:03:45:85:62:80:f4:76:
8d:9f:3d:9b:a8:2b:5c:8d:f5:6a:f5:d3:68:5b:44:66:48:41:
af:49:c8:c1:53:f8:48:e0:2c:58:32:f0:db:42:5c:e1:34:1d:
f8:f3:25:6a:7f:b3:65:4e:46:98:d5:c8:f9:23:aa:36:4c:12:
7e:62:a6:2f:f0:45:32:31:86:b3:ac:67:8e:6e:ea:16:2c:96:
4d:68:eb:a6:e4:25:0d:cc:48:91:8e:e0:e0:06:b9:e4:20:d3:
20:fd:c9:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpwij/0ipsqSZY5X4DbsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTY2MWExNjRkMmQ1MTdlYTc2NzdmYjIyOWNhZmExOWVi
YTk3ZjMwHhcNMjMwMTAxMjMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjE4ODBjMDdiNjRkMTk0MjcyNDdkNWIwMDk4MzliOWNkNmZlMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKUvCE5cY5oxto7D8vR29dBvcZ5d
Bvk6FF7e5m6YPaimWcBpMYszqDUINo9A6s8x9UZlZvQAeOPwMiuCouiloYuBrP8E
fq+t+1ZeMenyLhyd6IvmEeN7XyLdg+peGjUPMuPMwyJU6xN24K0znO7Vgd38zZzy
qo0RVspQ9Luns4HEgGetlJl63R+XjrM/QEheypL9vWXC2hVz0YrFb+SvZtpUpHE+
lK/z3/2sxzdhNCIeKTPRTke5DNHX6lD3Z3p+4Cgbni0iG58JMmoWgCOklV/JVQkH
ZmbOC02vmVrjyEEX92aYcR43ArMZ/5czvuQlrjtIiew7QE/WstR1p+d9KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsYgMB7ZNGUJyR9WwCYObnNb+DFMB8GA1UdIwQY
MBaAFBeWYaFk0tUX6nZ3+yKcr6GeupfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVaaG9XVFMxUmZxZG5mN0lweXZvWjY2bF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mODQwMDEtNjY0ZC00OTk4LThjMzUt
ZTRmMmUwYjIzNTBmLzEvV3hpQXdIdGswWlFuSkgxYkFKZzV1YzF2NE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mODQwMDEtNjY0ZC00OTk4LThjMzUtZTRmMmUwYjIzNTBm
LzEvRjVaaG9XVFMxUmZxZG5mN0lweXZvWjY2bF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYCEMA0G
CSqGSIb3DQEBCwUAA4IBAQCsyRnKTf+nHhWBT/T7xiTmilfLSKXTN+QvOcM4nlXh
ofNhoODcZotLUwk6krnDnwwtS66sr3ZYsdLOMtNoVjqBRlxujw2edn1tRwTYNooQ
RuDpvx+Loqb+db7wxfzpLioGGVWwyP4w2I41s2F5jDVUCl4C+B6kgmMGrqmGV92E
JOMqCWNr3NyfDZrZRzYQHeiFQu3tQ+pxIkC8jANFhWKA9HaNnz2bqCtcjfVq9dNo
W0RmSEGvScjBU/hI4CxYMvDbQlzhNB348yVqf7NlTkaY1cj5I6o2TBJ+YqYv8EUy
MYazrGeObuoWLJZNaOum5CUNzEiRjuDgBrnkINMg/cmz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:42 2024 by rpki-client on console-fra.rpki-client.org