Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/XZWEcRFm-3AoDyz5FZwBA5M2OLA.roa
File: XZWEcRFm-3AoDyz5FZwBA5M2OLA.roa (raw, json)
Hash identifier: IB2TONXofN5YMgEreR6eN17ZnrypVbdg28IymWRtLvg=
Subject key identifier: 5D:95:84:71:11:66:FB:70:28:0F:2C:F9:15:9C:01:03:93:36:38:B0
Certificate issuer: /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial: 018AF96C5FB0F0BB6C8D162AE732BC8AAB63
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/XZWEcRFm-3AoDyz5FZwBA5M2OLA.roa
Signing time: Wed 04 Oct 2023 06:42:23 +0000
ROA not before: Wed 04 Oct 2023 06:42:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 160.214.105.0/24 maxlen: 24
160.214.104.0/24 maxlen: 24
160.214.107.0/24 maxlen: 24
160.214.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:6c:5f:b0:f0:bb:6c:8d:16:2a:e7:32:bc:8a:ab:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
Validity
Not Before: Oct 4 06:42:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d9584711166fb70280f2cf9159c0103933638b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b1:13:64:fa:bb:50:34:ce:a7:79:11:6d:0b:
0b:b5:09:df:ee:13:7a:6d:8c:f6:1e:28:97:92:82:
f8:1f:22:fb:9c:2d:98:9d:63:70:1c:74:9e:54:5c:
14:b3:4a:31:aa:a4:fe:91:dd:98:cb:f4:ce:0c:52:
59:78:3f:8c:f6:f0:f7:ec:8d:03:f7:93:a1:78:63:
c4:29:a0:7b:69:f9:27:e4:51:3c:13:02:a2:0c:a5:
4c:23:d4:3b:9a:df:37:f2:f5:03:cd:1a:c6:de:b0:
f0:86:34:44:c3:b9:3b:70:18:55:e4:34:ba:a0:ca:
d0:f5:9f:3a:f2:4c:70:c6:f0:6c:e7:50:fe:e4:54:
fe:8f:6e:0a:64:e6:f7:78:75:2f:94:de:6f:e2:00:
69:9f:71:a0:2e:95:b4:4a:9a:91:30:01:5f:aa:72:
97:1d:f8:ba:12:2b:43:62:04:ca:4b:0b:1d:f6:e7:
8f:3c:33:19:97:5b:3c:10:37:20:b3:92:7a:a5:d4:
6c:ab:4d:cb:d0:0a:0e:e2:0e:b6:dc:aa:18:22:9e:
2a:34:2c:e0:95:7a:6b:70:5c:3f:e9:18:e9:b5:bb:
88:1f:6f:27:81:b7:45:e1:e6:05:83:6e:43:af:4f:
4c:47:12:c2:2f:0c:71:77:bc:a5:1d:e0:d2:f9:0d:
5a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:95:84:71:11:66:FB:70:28:0F:2C:F9:15:9C:01:03:93:36:38:B0
X509v3 Authority Key Identifier:
keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/XZWEcRFm-3AoDyz5FZwBA5M2OLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.214.104.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:e3:80:2e:eb:5a:e5:62:32:4d:5d:4e:e3:01:0e:02:8f:8a:
c2:ef:a7:a7:0b:b9:0c:3f:d8:74:78:9c:09:65:5c:0a:7e:18:
51:88:94:a7:d2:2d:a8:f2:fa:ea:00:3c:0d:3a:51:6a:f3:80:
fe:bd:91:91:b4:bb:41:45:54:19:80:a2:29:39:34:a3:55:39:
a4:40:52:ce:7e:bf:84:db:d1:c9:25:e7:3d:ef:03:2e:99:fd:
2c:86:de:74:a0:31:77:fa:56:75:bd:33:da:72:46:a7:0a:6e:
17:42:27:49:c2:50:1d:dc:01:bd:ee:8b:a1:29:31:8f:d5:40:
a5:a5:3a:c4:80:10:ff:be:de:c0:b6:de:e4:0e:10:de:1f:c1:
04:ad:5e:bc:43:b6:4a:49:fb:cb:74:78:67:7c:cd:75:94:32:
d0:ca:bc:84:18:64:ed:3d:c0:b9:8c:e2:a5:82:86:9a:a1:78:
71:14:0a:0a:ba:55:82:d8:cf:70:d4:5c:51:73:88:ba:4c:38:
f7:1b:ae:8c:10:f9:88:3d:22:48:3c:14:2f:33:0d:67:6f:77:
38:1c:47:71:60:23:5a:14:06:ba:73:cf:ec:16:5f:89:99:37:
90:07:55:44:c3:1a:48:f5:c3:5b:73:83:f2:be:0e:b2:83:da:
20:77:a7:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr5bF+w8LtsjRYq5zK8iqtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMDA0MDY0MjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk1ODQ3MTExNjZmYjcwMjgwZjJjZjkxNTljMDEwMzkzMzYzOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bETZPq7UDTOp3kRbQsLtQnf7hN6
bYz2HiiXkoL4HyL7nC2YnWNwHHSeVFwUs0oxqqT+kd2Yy/TODFJZeD+M9vD37I0D
95OheGPEKaB7afkn5FE8EwKiDKVMI9Q7mt838vUDzRrG3rDwhjREw7k7cBhV5DS6
oMrQ9Z868kxwxvBs51D+5FT+j24KZOb3eHUvlN5v4gBpn3GgLpW0SpqRMAFfqnKX
Hfi6EitDYgTKSwsd9uePPDMZl1s8EDcgs5J6pdRsq03L0AoO4g623KoYIp4qNCzg
lXprcFw/6RjptbuIH28ngbdF4eYFg25Dr09MRxLCLwxxd7ylHeDS+Q1aXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2VhHERZvtwKA8s+RWcAQOTNjiwMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvWFpXRWNSRm0tM0FvRHl6NUZad0JBNU0yT0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoNZoMA0G
CSqGSIb3DQEBCwUAA4IBAQA/44Au61rlYjJNXU7jAQ4Cj4rC76enC7kMP9h0eJwJ
ZVwKfhhRiJSn0i2o8vrqADwNOlFq84D+vZGRtLtBRVQZgKIpOTSjVTmkQFLOfr+E
29HJJec97wMumf0sht50oDF3+lZ1vTPackanCm4XQidJwlAd3AG97ouhKTGP1UCl
pTrEgBD/vt7Att7kDhDeH8EErV68Q7ZKSfvLdHhnfM11lDLQyryEGGTtPcC5jOKl
goaaoXhxFAoKulWC2M9w1FxRc4i6TDj3G66MEPmIPSJIPBQvMw1nb3c4HEdxYCNa
FAa6c8/sFl+JmTeQB1VEwxpI9cNbc4Pyvg6yg9ogd6dd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:33 2024 by rpki-client on console-ams.rpki-client.org