Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/o-XniCRTTPTBushNHVhZxsVv_54.roa
File: o-XniCRTTPTBushNHVhZxsVv_54.roa (raw, json)
Hash identifier: dG00LWqHxIB8o/+QBezhvH17stkmwlS20qpX/gTvi24=
Subject key identifier: A3:E5:E7:88:24:53:4C:F4:C1:BA:C8:4D:1D:58:59:C6:C5:6F:FF:9E
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 018EECDC0499E94B11A6ABD2145D362ED8EB
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/o-XniCRTTPTBushNHVhZxsVv_54.roa
Signing time: Wed 17 Apr 2024 16:20:25 +0000
ROA not before: Wed 17 Apr 2024 16:20:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200373
IP address blocks: 45.3.32.0/19 maxlen: 24
65.111.0.0/19 maxlen: 24
95.141.242.0/24 maxlen: 24
104.167.24.0/21 maxlen: 24
104.207.32.0/19 maxlen: 24
2a0a:1f40::/32 maxlen: 32
2a0a:1f41::/32 maxlen: 32
2a13:3f80::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f85::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 May 2024 21:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:dc:04:99:e9:4b:11:a6:ab:d2:14:5d:36:2e:d8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Apr 17 16:20:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3e5e78824534cf4c1bac84d1d5859c6c56fff9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b1:04:42:a4:8e:cc:44:6f:0b:dc:df:81:94:
30:c8:bc:c1:58:84:d1:10:2a:9e:1e:c4:ec:06:fb:
0b:f0:be:9a:82:15:b8:a8:94:1c:a7:73:4d:2f:fa:
fb:0c:38:ab:9b:d8:c4:47:83:19:78:94:73:00:4b:
bf:f0:22:ed:b0:da:39:a8:0a:75:e5:a8:54:c9:76:
a0:f1:b4:a2:27:b0:56:a5:65:91:dc:22:6f:8f:0e:
8d:de:74:45:36:fd:cc:ec:23:ca:5c:af:f2:4b:65:
9e:5a:72:07:a5:6c:c7:c7:6f:c9:72:59:d5:8a:21:
7d:09:13:42:cf:02:ca:39:4a:8b:37:0b:7a:d1:93:
e2:b6:66:69:3b:99:62:8a:30:b2:31:be:3a:3d:0f:
38:27:f5:4a:ba:e1:fd:ea:69:54:50:f8:d9:1d:3e:
bd:f5:2a:70:d4:05:b8:91:8f:90:00:6d:ce:af:ad:
2a:d3:ef:cb:7e:60:59:a1:16:60:81:9e:b3:fc:7f:
fa:01:be:32:b3:c9:44:5a:76:e1:64:4e:04:64:3a:
97:02:56:c8:6c:5d:8b:dd:49:38:d1:92:96:88:c3:
01:2a:e0:30:6b:e8:37:40:ab:7f:aa:c0:16:c7:4f:
26:63:e9:3d:38:c1:ef:41:d8:fd:1b:73:09:c4:f0:
f7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E5:E7:88:24:53:4C:F4:C1:BA:C8:4D:1D:58:59:C6:C5:6F:FF:9E
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/o-XniCRTTPTBushNHVhZxsVv_54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0/19
65.111.0.0/19
95.141.242.0/24
104.167.24.0/21
104.207.32.0/19
IPv6:
2a0a:1f40::/31
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7c:6e:8e:52:c4:76:34:a0:d5:b5:9b:22:98:70:6e:97:a0:ec:
8d:54:d2:83:c1:8d:5e:83:88:cc:da:11:ae:fb:66:07:82:88:
b3:fd:74:41:64:df:08:b5:3d:a5:9b:7b:89:80:5e:df:a2:d9:
2d:ff:b1:5f:e6:a0:d6:19:a3:90:d9:15:d8:bf:f6:98:70:3e:
3a:cb:da:a8:fc:ae:56:41:82:a2:49:b4:25:36:67:fa:c0:4a:
65:6c:fa:72:b7:7a:34:85:f0:c8:33:db:b1:0d:38:f7:fe:34:
31:9f:57:e4:2a:5d:ea:ce:25:38:43:09:7c:da:ea:c4:bb:d8:
d3:e6:a5:07:19:84:90:3f:10:43:3a:d5:92:a3:50:36:90:c7:
01:ee:fa:7d:7d:82:5a:e5:17:9e:87:09:ee:45:88:e6:60:53:
db:b2:5d:7d:70:75:d6:a7:f1:f0:35:bd:39:dc:fb:a4:47:94:
44:91:27:0e:28:74:a3:9b:b5:54:e7:ea:cf:e5:ba:52:fd:94:
20:65:d1:44:55:e0:f9:9e:17:aa:b7:35:e5:e5:50:f9:51:df:
31:9d:89:35:1f:ab:0c:4f:44:b9:1c:e2:1c:6a:3b:35:dc:01:
97:6d:34:c2:8b:b5:83:dc:b1:88:8e:d9:14:c7:eb:91:1d:01:
52:58:dc:01
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY7s3ASZ6UsRpqvSFF02LtjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjQwNDE3MTYyMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2U1ZTc4ODI0NTM0Y2Y0YzFiYWM4NGQxZDU4NTljNmM1NmZmZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7EEQqSOzERvC9zfgZQwyLzBWITR
ECqeHsTsBvsL8L6aghW4qJQcp3NNL/r7DDirm9jER4MZeJRzAEu/8CLtsNo5qAp1
5ahUyXag8bSiJ7BWpWWR3CJvjw6N3nRFNv3M7CPKXK/yS2WeWnIHpWzHx2/JclnV
iiF9CRNCzwLKOUqLNwt60ZPitmZpO5liijCyMb46PQ84J/VKuuH96mlUUPjZHT69
9Spw1AW4kY+QAG3Or60q0+/LfmBZoRZggZ6z/H/6Ab4ys8lEWnbhZE4EZDqXAlbI
bF2L3Uk40ZKWiMMBKuAwa+g3QKt/qsAWx08mY+k9OMHvQdj9G3MJxPD3aQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKPl54gkU0z0wbrITR1YWcbFb/+eMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvby1YbmlDUlRUUFRCdXNoTkhWaFp4c1Z2XzU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQFLQMgAwQF
QW8AAwQAX43yAwQDaKcYAwQFaM8gMCQEAgACMB4DBQEqCh9AAwUAKhM/gDAOAwUA
KhM/gwMFAyoTP4AwDQYJKoZIhvcNAQELBQADggEBAHxujlLEdjSg1bWbIphwbpeg
7I1U0oPBjV6DiMzaEa77ZgeCiLP9dEFk3wi1PaWbe4mAXt+i2S3/sV/moNYZo5DZ
Fdi/9phwPjrL2qj8rlZBgqJJtCU2Z/rASmVs+nK3ejSF8Mgz27ENOPf+NDGfV+Qq
XerOJThDCXza6sS72NPmpQcZhJA/EEM61ZKjUDaQxwHu+n19glrlF56HCe5FiOZg
U9uyXX1wddan8fA1vTnc+6RHlESRJw4odKObtVTn6s/lulL9lCBl0URV4PmeF6q3
NeXlUPlR3zGdiTUfqwxPRLkc4hxqOzXcAZdtNMKLtYPcsYiO2RTH65EdAVJY3AE=
-----END CERTIFICATE-----
Generated at Wed May 8 23:03:53 2024 by rpki-client on console-ams.rpki-client.org