Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/xBkG6r23rHH3qrK43GtkDPeoUP8.roa
File: xBkG6r23rHH3qrK43GtkDPeoUP8.roa (raw, json)
Hash identifier: QRNEzMeqGQ1kIkfkx52Zv1D2PrJn2GPPzvCcKzA8lX8=
Subject key identifier: C4:19:06:EA:BD:B7:AC:71:F7:AA:B2:B8:DC:6B:64:0C:F7:A8:50:FF
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018CC8DECA1579EA8A3DBAD368D3C98C4BE8
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/xBkG6r23rHH3qrK43GtkDPeoUP8.roa
Signing time: Tue 02 Jan 2024 06:31:33 +0000
ROA not before: Tue 02 Jan 2024 06:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 86.107.58.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 29 Jan 2024 16:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ca:15:79:ea:8a:3d:ba:d3:68:d3:c9:8c:4b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 06:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c41906eabdb7ac71f7aab2b8dc6b640cf7a850ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:83:bb:4c:3f:95:62:b6:f2:51:4c:55:78:
18:b9:09:33:31:5e:9f:b8:6f:21:52:02:62:e1:c8:
db:88:e6:55:4d:53:17:d3:0a:7e:45:b7:a3:a1:1a:
a8:61:4e:00:7f:32:a2:30:c7:40:6c:ef:29:dc:b9:
d4:7d:26:fe:27:66:f1:21:8e:8b:90:c8:d9:38:c8:
34:04:c3:61:d1:8a:6c:8a:d2:b5:eb:5b:83:37:54:
58:9d:83:ac:28:f9:a8:63:04:85:ee:cc:a0:bb:64:
d5:ae:ba:e4:d6:33:c1:53:45:d7:f3:7f:25:7a:09:
af:e2:fb:7f:55:93:35:04:2a:ea:8d:f5:0c:ad:c8:
da:80:25:85:73:0d:88:8d:d8:b0:6c:5b:9e:27:69:
80:7d:69:85:73:94:23:d7:1c:cf:14:6d:77:09:a9:
94:02:27:1f:49:52:56:01:09:11:50:1e:fe:1f:26:
6e:8a:2f:43:9a:16:e7:e2:da:b5:3c:94:ec:86:61:
df:4b:3b:9b:47:3f:0d:82:e7:b7:c4:df:42:ed:33:
c7:69:b5:61:5f:57:30:12:9c:77:f0:32:b9:2b:af:
2d:1e:58:9c:79:60:40:42:fc:3a:30:8b:b1:ca:30:
9c:76:af:ba:1d:dd:70:6e:84:14:5c:84:f9:df:59:
23:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:19:06:EA:BD:B7:AC:71:F7:AA:B2:B8:DC:6B:64:0C:F7:A8:50:FF
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/xBkG6r23rHH3qrK43GtkDPeoUP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.58.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:60:c2:00:69:ec:6a:dd:ee:ca:34:87:66:8b:6f:ab:fa:5f:
bd:94:10:86:34:ee:b4:30:db:b3:e1:39:d2:61:3e:51:0c:c0:
bc:c6:2b:bf:89:ea:f9:a9:99:20:70:ab:30:d4:6f:0a:ea:c4:
0e:31:4f:d1:63:49:4e:e9:86:26:81:27:8e:77:ef:1c:af:a3:
32:ff:18:02:8e:7e:a8:bb:60:9a:53:6b:8f:b5:dc:c7:51:2c:
f5:3a:18:42:58:b9:74:b9:46:0c:f5:a7:01:4a:59:09:14:7a:
f2:cf:f1:82:06:3d:74:94:d6:f1:70:ea:7d:cd:ba:cb:a0:b2:
5a:8a:59:59:b9:3c:26:5c:a3:84:3a:bb:10:b0:c1:d3:61:2e:
ae:08:d9:f6:7e:23:21:b3:ea:f8:a9:85:1b:ed:d1:57:3a:5d:
c9:bb:45:d0:43:9f:7d:d8:ca:b9:c5:38:cf:66:82:5d:fc:09:
ab:35:36:d8:62:a6:c1:fc:45:b5:38:9b:01:b6:4f:ee:26:68:
32:fa:8e:17:49:ac:d5:08:ce:b4:76:a6:c7:62:35:10:c1:9b:
08:f2:29:8a:85:ff:a4:e2:74:83:cd:ac:17:8e:e6:02:48:2c:
cc:8d:66:71:35:37:b0:0c:35:e3:25:79:f5:cc:93:65:d7:3c:
91:e1:70:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3soVeeqKPbrTaNPJjEvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwMTAyMDYzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDE5MDZlYWJkYjdhYzcxZjdhYWIyYjhkYzZiNjQwY2Y3YTg1MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNeDu0w/lWK28lFMVXgYuQkzMV6f
uG8hUgJi4cjbiOZVTVMX0wp+RbejoRqoYU4AfzKiMMdAbO8p3LnUfSb+J2bxIY6L
kMjZOMg0BMNh0YpsitK161uDN1RYnYOsKPmoYwSF7sygu2TVrrrk1jPBU0XX838l
egmv4vt/VZM1BCrqjfUMrcjagCWFcw2IjdiwbFueJ2mAfWmFc5Qj1xzPFG13CamU
AicfSVJWAQkRUB7+HyZuii9Dmhbn4tq1PJTshmHfSzubRz8Ngue3xN9C7TPHabVh
X1cwEpx38DK5K68tHliceWBAQvw6MIuxyjCcdq+6Hd1wboQUXIT531kj8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQZBuq9t6xx96qyuNxrZAz3qFD/MB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEveEJrRzZyMjNySEgzcXJLNDNHdGtEUGVvVVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVms6MA0G
CSqGSIb3DQEBCwUAA4IBAQCaYMIAaexq3e7KNIdmi2+r+l+9lBCGNO60MNuz4TnS
YT5RDMC8xiu/ier5qZkgcKsw1G8K6sQOMU/RY0lO6YYmgSeOd+8cr6My/xgCjn6o
u2CaU2uPtdzHUSz1OhhCWLl0uUYM9acBSlkJFHryz/GCBj10lNbxcOp9zbrLoLJa
illZuTwmXKOEOrsQsMHTYS6uCNn2fiMhs+r4qYUb7dFXOl3Ju0XQQ5992Mq5xTjP
ZoJd/AmrNTbYYqbB/EW1OJsBtk/uJmgy+o4XSazVCM60dqbHYjUQwZsI8imKhf+k
4nSDzawXjuYCSCzMjWZxNTewDDXjJXn1zJNl1zyR4XB1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:24 2024 by rpki-client on console-fra.rpki-client.org