Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/XEN0he3ttd4MXpJVuiTT2xNU3jk.roa
File: XEN0he3ttd4MXpJVuiTT2xNU3jk.roa (raw, json)
Hash identifier: rRUHZ2uX1sXJdDYklUXxxB1IWmffB7PNwYFB+B1tU7g=
Subject key identifier: 5C:43:74:85:ED:ED:B5:DE:0C:5E:92:55:BA:24:D3:DB:13:54:DE:39
Certificate issuer: /CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Certificate serial: 018798F0F7F162BC3D63E3754E4CA8A1E60A
Authority key identifier: AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/XEN0he3ttd4MXpJVuiTT2xNU3jk.roa
Signing time: Wed 19 Apr 2023 09:55:41 +0000
ROA not before: Wed 19 Apr 2023 09:55:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 185.142.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Apr 2023 12:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:f0:f7:f1:62:bc:3d:63:e3:75:4e:4c:a8:a1:e6:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Validity
Not Before: Apr 19 09:55:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c437485ededb5de0c5e9255ba24d3db1354de39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2a:29:1e:02:f3:3a:65:6f:43:eb:4f:9c:ee:
08:bf:bc:66:09:39:7b:8c:0b:2e:c2:e0:74:ab:43:
91:72:60:ac:e6:03:7b:10:89:f3:8e:96:6e:eb:a7:
ee:15:52:0c:d0:19:b7:6f:13:af:3d:67:54:69:5c:
1c:e9:11:2f:e9:9b:6e:08:1e:b0:04:bf:f8:fb:19:
4b:b4:d6:25:fe:0d:81:08:1a:00:f0:3a:27:4b:9b:
e7:6d:7e:08:74:4a:2d:1f:af:e9:f1:ff:4a:a4:f9:
16:09:43:8b:8e:85:2a:cf:ab:41:f0:3e:bb:e7:51:
a9:4e:b1:05:93:41:b3:ca:c0:13:91:c2:84:6b:6c:
05:79:40:f8:5d:d5:26:27:eb:46:40:78:53:01:29:
b1:64:55:b8:c7:16:4c:dd:25:3e:79:34:39:7f:45:
d5:dc:4d:7a:79:fd:9c:62:a7:0e:d0:41:11:a1:68:
1a:c4:1b:52:fa:0d:8a:d6:c4:00:e3:4e:82:60:93:
e8:a2:32:0d:78:1d:7c:cc:b2:2a:78:a8:83:20:17:
11:b2:7d:4e:88:4d:da:f0:35:fb:25:e1:69:ce:b8:
0b:3b:f0:4d:50:4b:a2:f5:05:69:9a:f3:90:81:07:
6b:12:72:19:25:98:13:51:bf:69:d7:ea:82:70:e3:
71:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:43:74:85:ED:ED:B5:DE:0C:5E:92:55:BA:24:D3:DB:13:54:DE:39
X509v3 Authority Key Identifier:
keyid:AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/XEN0he3ttd4MXpJVuiTT2xNU3jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.144.0/24
Signature Algorithm: sha256WithRSAEncryption
67:08:63:dd:c8:23:e7:2e:03:78:8c:5e:cd:fe:d5:e1:63:4c:
fb:db:45:99:99:9d:c6:ab:96:d1:8b:2e:ba:dd:30:60:f4:2f:
32:63:61:e8:10:ce:8f:6d:96:1b:50:56:30:2a:5a:62:89:7b:
f3:a9:64:97:2b:c6:82:b6:93:95:42:cd:44:65:ee:e3:d1:27:
4e:4a:df:c6:98:0c:9d:27:4e:62:97:db:36:2b:41:d6:8b:2c:
fa:9b:26:16:a7:b4:da:9c:c2:f9:94:95:92:df:55:52:c0:0b:
34:ce:8d:ea:74:a0:78:df:e7:2b:ee:9c:8c:77:c9:7e:3a:5c:
b7:ca:39:ff:ed:01:f7:c0:bd:c1:a2:a0:ec:b5:5b:5e:49:61:
7a:33:59:c8:be:6d:bb:68:88:e4:6e:92:9a:1b:31:19:9b:6c:
2f:0e:30:a5:4d:9b:4c:ad:0f:59:1b:70:16:3e:0d:f0:58:e1:
31:dc:b9:c3:cb:e7:1a:fb:ab:64:09:a3:e7:96:0e:dc:1c:f5:
b8:42:60:57:a8:f9:e5:b5:b7:0b:ad:0c:27:9f:15:6b:0a:3d:
20:be:b4:aa:d2:f1:72:19:6a:24:12:b6:a6:b9:d9:80:a8:85:
f0:b6:8f:a3:db:5b:16:1b:b7:81:5d:77:22:2a:e8:57:d1:1b:
27:8b:70:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeY8PfxYrw9Y+N1TkyooeYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQzOGUyMGYyNGQwZTMwYjg2Y2NkODI2MWFjMDAxN2Yx
N2E1YTQwHhcNMjMwNDE5MDk1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzQzNzQ4NWVkZWRiNWRlMGM1ZTkyNTViYTI0ZDNkYjEzNTRkZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiopHgLzOmVvQ+tPnO4Iv7xmCTl7
jAsuwuB0q0ORcmCs5gN7EInzjpZu66fuFVIM0Bm3bxOvPWdUaVwc6REv6ZtuCB6w
BL/4+xlLtNYl/g2BCBoA8DonS5vnbX4IdEotH6/p8f9KpPkWCUOLjoUqz6tB8D67
51GpTrEFk0GzysATkcKEa2wFeUD4XdUmJ+tGQHhTASmxZFW4xxZM3SU+eTQ5f0XV
3E16ef2cYqcO0EERoWgaxBtS+g2K1sQA406CYJPoojINeB18zLIqeKiDIBcRsn1O
iE3a8DX7JeFpzrgLO/BNUEui9QVpmvOQgQdrEnIZJZgTUb9p1+qCcONx8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxDdIXt7bXeDF6SVbok09sTVN45MB8GA1UdIwQY
MBaAFK0tOOIPJNDjC4bM2CYawAF/F6WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEt
NDI5OTUzMjNjMDNkLzEvWEVOMGhlM3R0ZDRNWHBKVnVpVFQyeE5VM2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEtNDI5OTUzMjNjMDNk
LzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY6QMA0G
CSqGSIb3DQEBCwUAA4IBAQBnCGPdyCPnLgN4jF7N/tXhY0z720WZmZ3Gq5bRiy66
3TBg9C8yY2HoEM6PbZYbUFYwKlpiiXvzqWSXK8aCtpOVQs1EZe7j0SdOSt/GmAyd
J05il9s2K0HWiyz6myYWp7TanML5lJWS31VSwAs0zo3qdKB43+cr7pyMd8l+Oly3
yjn/7QH3wL3BoqDstVteSWF6M1nIvm27aIjkbpKaGzEZm2wvDjClTZtMrQ9ZG3AW
Pg3wWOEx3LnDy+ca+6tkCaPnlg7cHPW4QmBXqPnltbcLrQwnnxVrCj0gvrSq0vFy
GWokEramudmAqIXwto+j21sWG7eBXXciKuhX0Rsni3Az
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:24 2024 by rpki-client on console-fra.rpki-client.org