Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/37253d-02a1-46df-9413-580068df0fd1/1/XIfrjWFSW8OwMSxx40MmHK83APg.roa
File: XIfrjWFSW8OwMSxx40MmHK83APg.roa (raw, json)
Hash identifier: D7wtQSDu9m5D+YVwj0evfK7ndhpn3Qdz63CnUp1Xepo=
Subject key identifier: 5C:87:EB:8D:61:52:5B:C3:B0:31:2C:71:E3:43:26:1C:AF:37:00:F8
Certificate issuer: /CN=98ccb184d128384e4f767d85258e0dea73f18e43
Certificate serial: 01856F94938855409E9A8F0B2626228C3B74
Authority key identifier: 98:CC:B1:84:D1:28:38:4E:4F:76:7D:85:25:8E:0D:EA:73:F1:8E:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMyxhNEoOE5Pdn2FJY4N6nPxjkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/37253d-02a1-46df-9413-580068df0fd1/1/XIfrjWFSW8OwMSxx40MmHK83APg.roa
Signing time: Sun 01 Jan 2023 23:04:45 +0000
ROA not before: Sun 01 Jan 2023 23:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49580
IP address blocks: 193.33.22.0/24 maxlen: 24
193.33.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:93:88:55:40:9e:9a:8f:0b:26:26:22:8c:3b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98ccb184d128384e4f767d85258e0dea73f18e43
Validity
Not Before: Jan 1 23:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c87eb8d61525bc3b0312c71e343261caf3700f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:db:9d:a3:57:f2:45:ca:1e:22:d7:2c:f5:25:
43:30:72:e9:a5:87:22:8c:b8:f6:51:9f:8f:b0:da:
74:67:02:75:d6:dd:6c:d4:7e:28:ab:3e:44:da:ff:
11:f6:1e:9e:c3:65:7e:48:3f:52:11:17:b7:e8:e9:
17:d6:c3:19:4f:f8:78:8b:b2:60:5f:37:e9:b3:90:
bf:2c:08:8e:de:30:f9:71:4e:ee:02:4c:f8:79:74:
64:1b:b4:cf:ac:36:62:2f:3a:b5:52:ea:11:f6:9c:
52:66:84:39:26:2e:4a:dc:e0:c1:34:5d:13:fd:a8:
3b:ed:95:fb:9e:29:17:06:56:0e:fd:cb:36:da:8e:
f3:f2:44:c3:36:b6:61:e0:49:ac:df:48:0c:1c:c8:
a7:e7:2c:93:e0:e6:b2:65:08:98:78:60:e8:0a:7c:
d1:67:f7:61:41:a7:6b:e1:81:5c:ea:7c:9e:11:af:
90:1b:f3:f2:f6:e1:7b:c7:ca:67:9e:12:53:89:92:
e1:d4:96:dd:ca:3a:f3:36:91:0d:94:08:09:4d:15:
bc:94:1f:fe:f1:90:3d:80:c2:0f:5c:50:37:b6:64:
3a:7c:59:6a:8e:bb:21:51:e5:4b:cc:d4:c8:45:4b:
45:7a:61:42:39:da:3c:1a:73:7b:c7:73:71:ac:35:
33:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:87:EB:8D:61:52:5B:C3:B0:31:2C:71:E3:43:26:1C:AF:37:00:F8
X509v3 Authority Key Identifier:
keyid:98:CC:B1:84:D1:28:38:4E:4F:76:7D:85:25:8E:0D:EA:73:F1:8E:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMyxhNEoOE5Pdn2FJY4N6nPxjkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/37253d-02a1-46df-9413-580068df0fd1/1/XIfrjWFSW8OwMSxx40MmHK83APg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/37253d-02a1-46df-9413-580068df0fd1/1/mMyxhNEoOE5Pdn2FJY4N6nPxjkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.22.0/23
Signature Algorithm: sha256WithRSAEncryption
33:37:a5:05:24:a3:60:e2:70:6d:43:75:62:d3:eb:ec:c1:61:
2f:03:e0:ea:52:e3:34:0b:31:98:d7:08:9d:96:fe:9f:91:e7:
a6:4e:05:8f:03:87:a1:47:5d:98:d3:36:a0:ba:74:b2:9f:9a:
87:67:76:77:0c:fd:ee:66:17:a1:a2:8a:4a:26:ff:d7:e6:65:
27:d9:64:6c:fb:4e:99:c0:07:7a:b5:71:46:39:4e:3a:07:04:
6e:97:c4:f3:12:a0:88:0d:47:1e:0a:a6:21:fd:82:e3:a9:e5:
4a:81:d8:27:9f:36:c3:84:c4:31:fb:56:e1:04:e7:ce:78:ef:
d0:d8:6d:95:76:cc:90:c6:53:a6:9d:a3:5b:22:28:55:97:a9:
44:1c:88:57:67:cb:96:26:4b:b7:61:46:57:b9:36:d0:e5:51:
1f:55:43:47:48:7c:7c:39:7c:21:76:be:2f:e1:e9:77:b0:dd:
07:30:83:b2:ab:eb:d4:f0:17:e5:91:f6:d8:e9:52:e7:99:e3:
34:7b:b9:0b:0b:84:36:c0:f2:1d:c9:32:7c:c5:1f:8b:e7:01:
a4:54:37:20:7e:fe:81:a1:5f:b3:8e:fc:b1:3f:d9:b1:17:00:
17:67:7b:80:f7:19:5b:2a:c3:8f:6e:49:a3:9a:38:85:3f:ec:
e2:91:76:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlJOIVUCemo8LJiYijDt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4Y2NiMTg0ZDEyODM4NGU0Zjc2N2Q4NTI1OGUwZGVhNzNm
MThlNDMwHhcNMjMwMTAxMjMwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg3ZWI4ZDYxNTI1YmMzYjAzMTJjNzFlMzQzMjYxY2FmMzcwMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdudo1fyRcoeItcs9SVDMHLppYci
jLj2UZ+PsNp0ZwJ11t1s1H4oqz5E2v8R9h6ew2V+SD9SERe36OkX1sMZT/h4i7Jg
Xzfps5C/LAiO3jD5cU7uAkz4eXRkG7TPrDZiLzq1UuoR9pxSZoQ5Ji5K3ODBNF0T
/ag77ZX7nikXBlYO/cs22o7z8kTDNrZh4Ems30gMHMin5yyT4OayZQiYeGDoCnzR
Z/dhQadr4YFc6nyeEa+QG/Py9uF7x8pnnhJTiZLh1JbdyjrzNpENlAgJTRW8lB/+
8ZA9gMIPXFA3tmQ6fFlqjrshUeVLzNTIRUtFemFCOdo8GnN7x3NxrDUzSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyH641hUlvDsDEsceNDJhyvNwD4MB8GA1UdIwQY
MBaAFJjMsYTRKDhOT3Z9hSWODepz8Y5DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU15eGhORW9PRTVQZG4yRkpZNE42blB4amtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zNzI1M2QtMDJhMS00NmRmLTk0MTMt
NTgwMDY4ZGYwZmQxLzEvWElmcmpXRlNXOE93TVN4eDQwTW1ISzgzQVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zNzI1M2QtMDJhMS00NmRmLTk0MTMtNTgwMDY4ZGYwZmQx
LzEvbU15eGhORW9PRTVQZG4yRkpZNE42blB4amtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSEWMA0G
CSqGSIb3DQEBCwUAA4IBAQAzN6UFJKNg4nBtQ3Vi0+vswWEvA+DqUuM0CzGY1wid
lv6fkeemTgWPA4ehR12Y0zagunSyn5qHZ3Z3DP3uZhehoopKJv/X5mUn2WRs+06Z
wAd6tXFGOU46BwRul8TzEqCIDUceCqYh/YLjqeVKgdgnnzbDhMQx+1bhBOfOeO/Q
2G2VdsyQxlOmnaNbIihVl6lEHIhXZ8uWJku3YUZXuTbQ5VEfVUNHSHx8OXwhdr4v
4el3sN0HMIOyq+vU8BflkfbY6VLnmeM0e7kLC4Q2wPIdyTJ8xR+L5wGkVDcgfv6B
oV+zjvyxP9mxFwAXZ3uA9xlbKsOPbkmjmjiFP+zikXbj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:20 2024 by rpki-client on console-fra.rpki-client.org