Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XkyLrC9BmML5A3oVta1fltIfmxA.roa
File: XkyLrC9BmML5A3oVta1fltIfmxA.roa (raw, json)
Hash identifier: IF0p4WLy0MtaJmzA6MK/dwsuKHUXgEIU5qzhBeSkCAU=
Subject key identifier: 5E:4C:8B:AC:2F:41:98:C2:F9:03:7A:15:B5:AD:5F:96:D2:1F:9B:10
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019112482A300356869513244BAA9713FB31
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XkyLrC9BmML5A3oVta1fltIfmxA.roa
Signing time: Fri 02 Aug 2024 08:50:04 +0000
ROA not before: Fri 02 Aug 2024 08:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 84.247.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 18:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:48:2a:30:03:56:86:95:13:24:4b:aa:97:13:fb:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e4c8bac2f4198c2f9037a15b5ad5f96d21f9b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ed:0b:1e:d4:86:36:fc:cb:ae:ae:d7:1d:c5:
ef:74:54:9c:db:e4:d6:f5:75:f9:57:95:6e:38:4c:
11:64:fd:37:fb:df:7e:7b:7f:a0:57:6a:83:8a:7e:
f0:32:32:34:4a:1d:3a:32:ce:ad:b4:b5:9d:47:86:
c9:d6:92:4e:32:86:3e:3f:5d:81:01:09:2e:0c:cc:
f0:68:67:55:8d:b9:f4:fe:85:04:f4:be:f0:40:80:
12:35:cb:c7:fb:7b:e3:36:a1:11:3d:0b:40:f7:38:
51:8d:39:0b:8c:b9:6a:38:fd:c8:58:26:ae:c4:9a:
d6:03:a1:6e:f5:4a:ee:e4:13:1b:09:54:4c:a1:ac:
7a:36:ba:5c:d6:15:a7:93:cb:7e:75:39:14:76:18:
1d:e7:82:26:ab:36:09:e0:27:f3:3d:f5:3a:ea:f2:
b7:7d:16:10:b2:68:39:d3:b7:94:b9:23:82:48:4d:
c7:35:57:51:b4:ad:a3:60:7b:fc:e3:6b:08:26:a7:
84:2e:13:b6:dc:d6:8a:87:d2:7e:cc:8d:23:a9:e9:
49:9e:4f:c5:7d:45:f7:e9:9c:4a:78:c1:51:46:96:
f3:4c:a3:75:a0:12:62:ad:95:85:ac:17:cb:02:09:
8d:2d:8a:85:58:9f:07:53:a9:67:95:a7:de:02:8f:
d3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4C:8B:AC:2F:41:98:C2:F9:03:7A:15:B5:AD:5F:96:D2:1F:9B:10
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XkyLrC9BmML5A3oVta1fltIfmxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:a3:f3:7c:ca:50:2a:d5:67:87:f4:2c:ba:4d:c4:36:11:b0:
27:55:2f:3a:ac:4c:0b:c4:3c:9e:d1:5a:37:8d:db:6a:26:e9:
96:a4:b6:69:7e:76:d3:00:16:44:13:34:f6:73:d4:8a:81:d3:
9e:94:8f:17:8b:d4:84:b9:47:15:c0:2f:d5:6b:83:e1:04:63:
81:42:f5:a5:2c:92:c8:66:ac:5c:93:21:00:a0:18:56:41:6b:
6b:45:1e:62:ae:d5:97:87:42:13:13:95:ed:e2:56:58:49:44:
4e:2d:e0:86:d9:ca:cd:7c:ac:4a:27:40:cc:a1:56:60:65:b8:
10:24:45:a6:50:67:25:c6:8b:3e:91:4c:a7:c4:35:5c:04:17:
0f:ca:e4:27:85:94:fd:ef:cf:0f:65:46:37:34:81:7b:8b:64:
0f:04:69:61:e8:b1:c5:45:6e:5d:32:06:12:2e:97:ef:20:3e:
5d:13:b5:74:49:40:e9:46:5d:30:5d:cb:33:2b:48:68:36:d0:
0b:a9:ec:75:62:1a:52:bf:d4:73:3a:93:5b:a8:62:42:e1:23:
2e:97:9d:1e:c0:0f:15:cb:f6:2d:57:24:c8:eb:15:fc:7a:44:
90:01:04:ea:33:6a:cb:53:76:07:88:78:41:0e:c3:c4:c3:34:
8d:03:52:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZESSCowA1aGlRMkS6qXE/sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRjOGJhYzJmNDE5OGMyZjkwMzdhMTViNWFkNWY5NmQyMWY5YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+0LHtSGNvzLrq7XHcXvdFSc2+TW
9XX5V5VuOEwRZP03+99+e3+gV2qDin7wMjI0Sh06Ms6ttLWdR4bJ1pJOMoY+P12B
AQkuDMzwaGdVjbn0/oUE9L7wQIASNcvH+3vjNqERPQtA9zhRjTkLjLlqOP3IWCau
xJrWA6Fu9Uru5BMbCVRMoax6Nrpc1hWnk8t+dTkUdhgd54ImqzYJ4CfzPfU66vK3
fRYQsmg507eUuSOCSE3HNVdRtK2jYHv842sIJqeELhO23NaKh9J+zI0jqelJnk/F
fUX36ZxKeMFRRpbzTKN1oBJirZWFrBfLAgmNLYqFWJ8HU6lnlafeAo/ToQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5Mi6wvQZjC+QN6FbWtX5bSH5sQMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWGt5THJDOUJtTUw1QTNvVnRhMWZsdElmbXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPc7MA0G
CSqGSIb3DQEBCwUAA4IBAQB7o/N8ylAq1WeH9Cy6TcQ2EbAnVS86rEwLxDye0Vo3
jdtqJumWpLZpfnbTABZEEzT2c9SKgdOelI8Xi9SEuUcVwC/Va4PhBGOBQvWlLJLI
ZqxckyEAoBhWQWtrRR5irtWXh0ITE5Xt4lZYSUROLeCG2crNfKxKJ0DMoVZgZbgQ
JEWmUGclxos+kUynxDVcBBcPyuQnhZT9788PZUY3NIF7i2QPBGlh6LHFRW5dMgYS
LpfvID5dE7V0SUDpRl0wXcszK0hoNtALqex1YhpSv9RzOpNbqGJC4SMul50ewA8V
y/YtVyTI6xX8ekSQAQTqM2rLU3YHiHhBDsPEwzSNA1KA
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:02 2025 by rpki-client