Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/XGdBaTgHO6UJVRKU2rz5pNRPAZE.roa
File: XGdBaTgHO6UJVRKU2rz5pNRPAZE.roa (raw, json)
Hash identifier: dAFYhEvKOHVNYQXyszBZZ8szqlnwyVu/NAUriHK9DTk=
Subject key identifier: 5C:67:41:69:38:07:3B:A5:09:55:12:94:DA:BC:F9:A4:D4:4F:01:91
Certificate issuer: /CN=fcea08e8421df2f245c7cb333ee76a14a8882d4a
Certificate serial: 01856F94B83ED7865B4251FD932EF99DE012
Authority key identifier: FC:EA:08:E8:42:1D:F2:F2:45:C7:CB:33:3E:E7:6A:14:A8:88:2D:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OoI6EId8vJFx8szPudqFKiILUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/XGdBaTgHO6UJVRKU2rz5pNRPAZE.roa
Signing time: Sun 01 Jan 2023 23:04:55 +0000
ROA not before: Sun 01 Jan 2023 23:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208662
IP address blocks: 45.86.105.0/24 maxlen: 24
45.86.106.0/24 maxlen: 24
2a0f:95c0:4000::/34 maxlen: 34
Validation: Failed, certificate revoked on Thu 15 Jun 2023 13:29:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:b8:3e:d7:86:5b:42:51:fd:93:2e:f9:9d:e0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcea08e8421df2f245c7cb333ee76a14a8882d4a
Validity
Not Before: Jan 1 23:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c67416938073ba509551294dabcf9a4d44f0191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:87:c9:a5:21:ec:d1:a3:e0:a7:2a:02:e5:33:
85:1a:79:8d:b7:7b:01:d1:60:bb:4d:09:f8:df:88:
e1:87:56:86:ed:e0:55:9c:eb:58:ee:59:95:d8:87:
c4:bd:24:c7:40:0e:fc:bf:ac:cb:b7:92:77:19:3e:
bb:81:5f:e2:3e:62:51:a2:59:a3:0b:03:e2:03:1c:
95:dc:a6:d1:c5:1f:80:95:ef:dc:37:7c:77:0b:e2:
24:e2:67:f0:f7:64:11:7d:18:fd:9b:bd:85:dc:07:
b9:83:cb:24:3c:92:90:39:c4:91:ff:f3:02:31:a7:
28:88:c6:85:0b:25:67:d0:e7:72:a0:52:8b:8a:fd:
1d:a7:92:ec:6c:84:7d:84:19:2b:38:8e:21:ca:7c:
89:a4:b0:35:9f:59:0a:0e:38:35:db:5f:89:16:95:
32:09:05:4b:bd:b5:99:f2:ec:c9:0e:89:67:69:f4:
c9:e7:4b:59:15:f6:af:54:20:a0:95:e4:d0:00:4f:
1f:4d:bc:f3:90:12:2f:32:88:6c:6a:c1:a9:5a:ab:
d7:83:a6:0e:ea:24:4e:e5:c6:ca:85:2c:c3:79:21:
a5:27:7c:45:70:59:6c:92:c0:4b:db:45:79:20:19:
1a:c4:d4:6f:a8:43:76:4f:6c:6f:72:35:ed:95:a2:
a6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:67:41:69:38:07:3B:A5:09:55:12:94:DA:BC:F9:A4:D4:4F:01:91
X509v3 Authority Key Identifier:
keyid:FC:EA:08:E8:42:1D:F2:F2:45:C7:CB:33:3E:E7:6A:14:A8:88:2D:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OoI6EId8vJFx8szPudqFKiILUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/XGdBaTgHO6UJVRKU2rz5pNRPAZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/_OoI6EId8vJFx8szPudqFKiILUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.105.0-45.86.106.255
IPv6:
2a0f:95c0:4000::/34
Signature Algorithm: sha256WithRSAEncryption
c2:4f:7e:0f:9f:66:63:db:a1:6d:d4:39:96:e6:d4:e7:a7:0a:
63:0f:f4:f5:9d:1e:6f:2a:bc:f2:d9:ad:97:20:00:f3:67:a9:
71:da:d5:66:37:f7:d6:4a:8e:fe:c5:16:bd:8e:fa:31:33:f9:
04:6c:e5:18:90:97:d7:69:b9:07:96:e6:0f:0e:b0:39:6d:a2:
d3:51:43:0f:41:b9:c7:0c:98:aa:aa:da:b0:2e:79:48:99:6a:
91:d4:7c:be:df:c6:72:9d:0b:0c:c5:b0:cf:29:f4:35:91:35:
42:fc:d0:8f:09:8d:a5:49:90:66:af:24:2e:c4:cd:aa:56:75:
2c:68:cc:90:4f:50:ca:69:86:01:cc:af:bb:b0:59:3b:45:02:
bd:1e:ff:a2:46:58:b0:6a:56:14:6e:cf:29:20:35:c9:35:01:
1d:21:74:4c:fc:eb:c7:99:2b:85:7b:31:d3:91:7e:4f:b1:9b:
ce:3e:8d:8c:52:96:ff:9a:71:33:70:44:4d:ac:f8:b3:0f:61:
34:47:7a:2f:ab:cf:72:7e:a5:d3:74:fc:36:fc:29:d0:c2:46:
45:26:33:c2:81:40:24:82:3a:23:3c:4a:59:ea:93:d6:fb:da:
73:c5:51:1d:58:09:0d:e9:85:6e:8e:0e:0c:78:fe:53:dd:ff:
da:7b:3e:b1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvlLg+14ZbQlH9ky75neASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZWEwOGU4NDIxZGYyZjI0NWM3Y2IzMzNlZTc2YTE0YTg4
ODJkNGEwHhcNMjMwMTAxMjMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzY3NDE2OTM4MDczYmE1MDk1NTEyOTRkYWJjZjlhNGQ0NGYwMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4fJpSHs0aPgpyoC5TOFGnmNt3sB
0WC7TQn434jhh1aG7eBVnOtY7lmV2IfEvSTHQA78v6zLt5J3GT67gV/iPmJRolmj
CwPiAxyV3KbRxR+Ale/cN3x3C+Ik4mfw92QRfRj9m72F3Ae5g8skPJKQOcSR//MC
MacoiMaFCyVn0OdyoFKLiv0dp5LsbIR9hBkrOI4hynyJpLA1n1kKDjg121+JFpUy
CQVLvbWZ8uzJDolnafTJ50tZFfavVCCgleTQAE8fTbzzkBIvMohsasGpWqvXg6YO
6iRO5cbKhSzDeSGlJ3xFcFlsksBL20V5IBkaxNRvqEN2T2xvcjXtlaKmgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFxnQWk4BzulCVUSlNq8+aTUTwGRMB8GA1UdIwQY
MBaAFPzqCOhCHfLyRcfLMz7nahSoiC1KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09vSTZFSWQ4dkpGeDhzelB1ZHFGS2lJTFVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lYTdlNjEtOThiMy00MTIwLTgzY2Ut
YzA3N2UxNzAyYmM3LzEvWEdkQmFUZ0hPNlVKVlJLVTJyejVwTlJQQVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lYTdlNjEtOThiMy00MTIwLTgzY2UtYzA3N2UxNzAyYmM3
LzEvX09vSTZFSWQ4dkpGeDhzelB1ZHFGS2lJTFVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAAtVmkD
BAAtVmowDgQCAAIwCAMGBioPlcBAMA0GCSqGSIb3DQEBCwUAA4IBAQDCT34Pn2Zj
26Ft1DmW5tTnpwpjD/T1nR5vKrzy2a2XIADzZ6lx2tVmN/fWSo7+xRa9jvoxM/kE
bOUYkJfXabkHluYPDrA5baLTUUMPQbnHDJiqqtqwLnlImWqR1Hy+38ZynQsMxbDP
KfQ1kTVC/NCPCY2lSZBmryQuxM2qVnUsaMyQT1DKaYYBzK+7sFk7RQK9Hv+iRliw
alYUbs8pIDXJNQEdIXRM/OvHmSuFezHTkX5PsZvOPo2MUpb/mnEzcERNrPizD2E0
R3ovq89yfqXTdPw2/CnQwkZFJjPCgUAkgjojPEpZ6pPW+9pzxVEdWAkN6YVujg4M
eP5T3f/aez6x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:53 2024 by rpki-client on console-ams.rpki-client.org