Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/xhYHM6ZUou94V3JrPwFZGAlNCiA.roa
File: xhYHM6ZUou94V3JrPwFZGAlNCiA.roa (raw, json)
Hash identifier: cRAlye/YfTytOJdPIXI6y5sLJig9ZccO4ONK0ea/9sw=
Subject key identifier: C6:16:07:33:A6:54:A2:EF:78:57:72:6B:3F:01:59:18:09:4D:0A:20
Certificate issuer: /CN=49f39d6c8b23fcdc20e53174e92fb3f56caa8b61
Certificate serial: 018697C29F6F38B0CCAB0AE34A216D6B07AA
Authority key identifier: 49:F3:9D:6C:8B:23:FC:DC:20:E5:31:74:E9:2F:B3:F5:6C:AA:8B:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/xhYHM6ZUou94V3JrPwFZGAlNCiA.roa
Signing time: Tue 28 Feb 2023 11:22:39 +0000
ROA not before: Tue 28 Feb 2023 11:22:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208789
IP address blocks: 45.85.52.0/22 maxlen: 24
2a0e:b880::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:c2:9f:6f:38:b0:cc:ab:0a:e3:4a:21:6d:6b:07:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f39d6c8b23fcdc20e53174e92fb3f56caa8b61
Validity
Not Before: Feb 28 11:22:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6160733a654a2ef7857726b3f015918094d0a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f1:25:0d:10:03:26:e3:ff:18:61:03:2a:11:
c4:61:57:b4:0d:e0:1f:29:d8:e0:02:82:a9:4e:68:
16:06:80:f0:70:cb:d7:fa:d5:c8:7f:da:4e:ef:35:
b4:8b:de:c0:4d:3a:43:db:7b:7a:dd:3b:74:81:f0:
7a:bb:6a:eb:b2:d8:03:70:84:a6:cf:39:d3:d6:ca:
b7:61:1c:a6:10:42:2d:95:1d:89:57:a8:1a:a8:ab:
65:00:f1:a3:66:c2:9a:02:40:a8:9f:d9:f4:70:46:
b2:75:da:e0:30:81:d5:9f:c1:dc:52:44:c8:52:f9:
42:1e:d0:65:ff:0a:9a:8c:43:e1:ab:9f:3f:c5:d7:
d9:c1:91:0d:02:52:d5:2a:df:e4:79:b9:5a:4b:de:
c8:d2:dd:f0:30:79:9f:0b:87:90:71:e1:24:b6:60:
77:02:31:1a:9b:ce:f2:15:28:cf:c9:39:99:80:5c:
d1:3e:6a:38:16:1d:de:21:9f:16:e5:72:c9:e1:2b:
28:dc:ec:91:78:11:1d:1d:6b:8e:e2:1f:2c:15:31:
30:51:fd:25:9b:e4:f7:69:3b:66:bf:53:dc:a8:db:
eb:34:05:c0:0d:31:07:cb:f1:0d:36:67:24:f4:88:
af:5e:d1:0b:71:e2:e2:f0:12:21:9d:ae:a4:5c:d2:
cc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:16:07:33:A6:54:A2:EF:78:57:72:6B:3F:01:59:18:09:4D:0A:20
X509v3 Authority Key Identifier:
keyid:49:F3:9D:6C:8B:23:FC:DC:20:E5:31:74:E9:2F:B3:F5:6C:AA:8B:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/xhYHM6ZUou94V3JrPwFZGAlNCiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.52.0/22
IPv6:
2a0e:b880::/29
Signature Algorithm: sha256WithRSAEncryption
31:3d:1c:00:f2:9a:0a:6e:56:1c:a3:11:c4:93:fa:1d:c6:c0:
f2:6f:7a:a8:d7:d2:58:81:a0:81:09:2b:f5:b8:49:cf:80:4b:
0a:f6:ed:19:d5:ef:32:61:f0:e1:33:fc:96:51:9d:ce:d7:f9:
25:2d:9f:76:93:f3:5f:77:3e:ce:7a:f1:39:0e:a3:f6:9c:39:
11:44:cf:8d:1d:ab:00:54:5b:a8:af:35:eb:01:52:d3:b6:52:
e2:36:1f:6c:28:cc:38:3a:ed:89:af:9f:9e:cb:12:ba:0c:30:
8e:a7:24:ea:7b:e1:25:e7:a3:63:02:e4:13:e7:57:56:74:16:
b7:b1:54:69:76:0b:b1:56:29:fd:77:af:26:58:79:db:96:fb:
c8:0a:35:b4:75:45:79:bc:fc:ab:4e:de:d1:eb:61:42:1b:54:
dc:41:95:61:43:3d:31:d0:24:5d:4e:34:94:ad:83:f0:03:52:
3f:9a:c0:ac:0c:ac:64:b1:35:58:23:26:85:41:b6:5a:49:dd:
12:a4:97:51:c5:8c:02:5e:93:23:2e:0a:bf:a3:49:3e:5b:ea:
16:03:6d:3a:70:37:fd:12:ca:e8:eb:65:71:99:1a:a1:f6:4b:
3f:98:59:67:80:2e:e2:87:3d:a0:f4:99:ab:8c:44:52:c7:47:
d1:73:c1:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaXwp9vOLDMqwrjSiFtaweqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjM5ZDZjOGIyM2ZjZGMyMGU1MzE3NGU5MmZiM2Y1NmNh
YThiNjEwHhcNMjMwMjI4MTEyMjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE2MDczM2E2NTRhMmVmNzg1NzcyNmIzZjAxNTkxODA5NGQwYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/ElDRADJuP/GGEDKhHEYVe0DeAf
KdjgAoKpTmgWBoDwcMvX+tXIf9pO7zW0i97ATTpD23t63Tt0gfB6u2rrstgDcISm
zznT1sq3YRymEEItlR2JV6gaqKtlAPGjZsKaAkCon9n0cEayddrgMIHVn8HcUkTI
UvlCHtBl/wqajEPhq58/xdfZwZENAlLVKt/keblaS97I0t3wMHmfC4eQceEktmB3
AjEam87yFSjPyTmZgFzRPmo4Fh3eIZ8W5XLJ4Sso3OyReBEdHWuO4h8sFTEwUf0l
m+T3aTtmv1PcqNvrNAXADTEHy/ENNmck9IivXtELceLi8BIhna6kXNLMBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMYWBzOmVKLveFdyaz8BWRgJTQogMB8GA1UdIwQY
MBaAFEnznWyLI/zcIOUxdOkvs/VsqothMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZPZGJJc2pfTndnNVRGMDZTLXo5V3lxaTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xNjQ2MGYtZTQ5OC00ZjdiLTliOTAt
N2E1MDQzYzkxOGY5LzEveGhZSE02WlVvdTk0VjNKclB3RlpHQWxOQ2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xNjQ2MGYtZTQ5OC00ZjdiLTliOTAtN2E1MDQzYzkxOGY5
LzEvU2ZPZGJJc2pfTndnNVRGMDZTLXo5V3lxaTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVU0MA0E
AgACMAcDBQMqDriAMA0GCSqGSIb3DQEBCwUAA4IBAQAxPRwA8poKblYcoxHEk/od
xsDyb3qo19JYgaCBCSv1uEnPgEsK9u0Z1e8yYfDhM/yWUZ3O1/klLZ92k/Nfdz7O
evE5DqP2nDkRRM+NHasAVFuorzXrAVLTtlLiNh9sKMw4Ou2Jr5+eyxK6DDCOpyTq
e+El56NjAuQT51dWdBa3sVRpdguxVin9d68mWHnblvvICjW0dUV5vPyrTt7R62FC
G1TcQZVhQz0x0CRdTjSUrYPwA1I/msCsDKxksTVYIyaFQbZaSd0SpJdRxYwCXpMj
Lgq/o0k+W+oWA206cDf9Esro62VxmRqh9ks/mFlngC7ihz2g9JmrjERSx0fRc8G1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:23 2024 by rpki-client on console-ams.rpki-client.org