Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/XuRdPBDEDl0ektzfyKQLTTmAI5Y.roa
File: XuRdPBDEDl0ektzfyKQLTTmAI5Y.roa (raw, json)
Hash identifier: aUmngvYz4ObAT2qZTD4Es9D2+wW4WxVS/p/PHWv4YAk=
Subject key identifier: 5E:E4:5D:3C:10:C4:0E:5D:1E:92:DC:DF:C8:A4:0B:4D:39:80:23:96
Certificate issuer: /CN=1bfe6b9a0e6898a7a2e9d84d3dbf6327b453e662
Certificate serial: 01856CCAC39B2A6647B4D85EE0BF30457A11
Authority key identifier: 1B:FE:6B:9A:0E:68:98:A7:A2:E9:D8:4D:3D:BF:63:27:B4:53:E6:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_5rmg5omKei6dhNPb9jJ7RT5mI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/XuRdPBDEDl0ektzfyKQLTTmAI5Y.roa
Signing time: Sun 01 Jan 2023 10:05:05 +0000
ROA not before: Sun 01 Jan 2023 10:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202784
IP address blocks: 185.133.24.0/24 maxlen: 24
2a00:6700:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Mar 2023 13:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:c3:9b:2a:66:47:b4:d8:5e:e0:bf:30:45:7a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bfe6b9a0e6898a7a2e9d84d3dbf6327b453e662
Validity
Not Before: Jan 1 10:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ee45d3c10c40e5d1e92dcdfc8a40b4d39802396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:13:04:1c:37:4c:1e:9e:e5:39:02:7a:0c:26:
78:b6:8b:76:a9:11:ac:2f:ad:4d:da:85:c8:64:f1:
c0:f1:f6:49:51:de:e5:ee:98:f0:2f:ee:b0:2b:93:
13:1f:8d:ad:22:3b:dc:73:06:07:d8:c7:8f:16:24:
8a:98:61:fb:16:cd:f4:0a:55:44:dc:f0:88:90:19:
95:ad:48:04:b7:e8:62:57:53:2f:03:ff:be:6b:da:
5f:09:8b:1e:28:fa:40:9e:b8:75:67:8a:01:ab:f8:
02:b5:8c:63:4b:71:f0:b1:2d:df:95:b9:33:b6:06:
b8:7c:0b:c5:26:90:9e:15:1e:c5:1a:02:a4:61:99:
0f:bc:22:c1:fb:fd:49:8c:4b:29:5b:d8:8d:e9:92:
93:1f:12:37:24:00:e2:c1:f5:17:01:d2:78:47:5d:
63:14:02:c7:8a:c3:af:12:ac:12:04:2f:95:2a:ae:
cb:74:e9:0f:b0:d9:f2:6f:31:f7:e8:ce:4c:c3:15:
d5:b3:dc:25:60:b4:a8:50:56:68:c7:7e:01:b1:a1:
91:e2:56:d8:d6:c5:ef:54:2e:3f:44:17:de:99:3d:
12:7e:1d:b6:35:17:d6:e3:7c:55:42:b8:5a:98:4a:
bf:30:58:08:cb:c8:07:7b:79:02:b1:23:1b:55:f8:
94:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E4:5D:3C:10:C4:0E:5D:1E:92:DC:DF:C8:A4:0B:4D:39:80:23:96
X509v3 Authority Key Identifier:
keyid:1B:FE:6B:9A:0E:68:98:A7:A2:E9:D8:4D:3D:BF:63:27:B4:53:E6:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_5rmg5omKei6dhNPb9jJ7RT5mI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/XuRdPBDEDl0ektzfyKQLTTmAI5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/G_5rmg5omKei6dhNPb9jJ7RT5mI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.24.0/24
IPv6:
2a00:6700:1::/48
Signature Algorithm: sha256WithRSAEncryption
1c:47:8b:b3:53:5e:1e:cb:f3:1a:b8:5d:04:28:76:a4:9b:d6:
a3:10:fb:fe:b8:7c:7e:03:1b:ef:e9:ab:dd:e3:d5:8f:d8:21:
ba:a3:2b:f4:a2:38:dd:d4:ea:6a:af:0d:35:74:27:74:a7:8d:
52:7e:1c:88:4a:75:82:e9:1a:47:ea:8b:98:6c:64:76:72:a7:
e3:ee:6b:15:e4:d8:17:d5:6c:61:ca:13:52:70:99:c2:5c:e5:
8b:ec:5d:5c:84:76:74:4a:11:93:65:de:b8:21:c0:cf:f4:82:
02:1a:d9:38:45:7f:4f:70:61:a6:42:fb:a6:84:0e:88:81:55:
4a:b3:e7:c8:f6:4d:be:e4:57:17:6d:ca:98:c5:74:40:d1:4d:
07:15:1f:6b:c3:25:e3:a2:36:1f:80:1b:8b:70:82:f4:30:1c:
55:9d:f5:e7:a4:be:02:95:8e:13:36:4c:b0:fc:79:7b:4b:57:
42:b0:f7:7f:9e:46:b9:35:13:75:96:7b:3d:33:e5:72:09:4e:
72:3f:0c:ff:ba:41:a3:b7:34:6d:10:57:9a:69:b3:45:a5:53:
d1:db:ae:ef:2c:c5:01:4f:85:13:06:1f:ab:81:7e:ae:05:98:
ce:d0:bb:23:4d:41:21:38:7c:d0:5a:e3:2f:22:54:62:85:de:
7d:d5:48:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsysObKmZHtNhe4L8wRXoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZmU2YjlhMGU2ODk4YTdhMmU5ZDg0ZDNkYmY2MzI3YjQ1
M2U2NjIwHhcNMjMwMTAxMTAwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWU0NWQzYzEwYzQwZTVkMWU5MmRjZGZjOGE0MGI0ZDM5ODAyMzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixMEHDdMHp7lOQJ6DCZ4tot2qRGs
L61N2oXIZPHA8fZJUd7l7pjwL+6wK5MTH42tIjvccwYH2MePFiSKmGH7Fs30ClVE
3PCIkBmVrUgEt+hiV1MvA/++a9pfCYseKPpAnrh1Z4oBq/gCtYxjS3HwsS3flbkz
tga4fAvFJpCeFR7FGgKkYZkPvCLB+/1JjEspW9iN6ZKTHxI3JADiwfUXAdJ4R11j
FALHisOvEqwSBC+VKq7LdOkPsNnybzH36M5MwxXVs9wlYLSoUFZox34BsaGR4lbY
1sXvVC4/RBfemT0Sfh22NRfW43xVQrhamEq/MFgIy8gHe3kCsSMbVfiUOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF7kXTwQxA5dHpLc38ikC005gCOWMB8GA1UdIwQY
MBaAFBv+a5oOaJinounYTT2/Yye0U+ZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR181cm1nNW9tS2VpNmRoTlBiOWpKN1JUNW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hNTY3MjMtZDM3Yy00MTdiLWE4YTEt
NmUyMmJmNDM2MzA0LzEvWHVSZFBCREVEbDBla3R6ZnlLUUxUVG1BSTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hNTY3MjMtZDM3Yy00MTdiLWE4YTEtNmUyMmJmNDM2MzA0
LzEvR181cm1nNW9tS2VpNmRoTlBiOWpKN1JUNW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYUYMA8E
AgACMAkDBwAqAGcAAAEwDQYJKoZIhvcNAQELBQADggEBABxHi7NTXh7L8xq4XQQo
dqSb1qMQ+/64fH4DG+/pq93j1Y/YIbqjK/SiON3U6mqvDTV0J3SnjVJ+HIhKdYLp
Gkfqi5hsZHZyp+PuaxXk2BfVbGHKE1JwmcJc5YvsXVyEdnRKEZNl3rghwM/0ggIa
2ThFf09wYaZC+6aEDoiBVUqz58j2Tb7kVxdtypjFdEDRTQcVH2vDJeOiNh+AG4tw
gvQwHFWd9eekvgKVjhM2TLD8eXtLV0Kw93+eRrk1E3WWez0z5XIJTnI/DP+6QaO3
NG0QV5pps0WlU9Hbru8sxQFPhRMGH6uBfq4FmM7QuyNNQSE4fNBa4y8iVGKF3n3V
SPE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org