Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/XytK8Cf1IqlHRkstTZP0IpTiwMk.roa
File: XytK8Cf1IqlHRkstTZP0IpTiwMk.roa (raw, json)
Hash identifier: T1QMFFjFiq3KVPkfKEkhF2uu+7hpiZBAdtD1X17Dif0=
Subject key identifier: 5F:2B:4A:F0:27:F5:22:A9:47:46:4B:2D:4D:93:F4:22:94:E2:C0:C9
Certificate issuer: /CN=37689eaacbaf68af35d3fafb9674de48a6fc0978
Certificate serial: 01856CEF105A836CD33A53C199C5B5481C4A
Authority key identifier: 37:68:9E:AA:CB:AF:68:AF:35:D3:FA:FB:96:74:DE:48:A6:FC:09:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N2ieqsuvaK810_r7lnTeSKb8CXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/XytK8Cf1IqlHRkstTZP0IpTiwMk.roa
Signing time: Sun 01 Jan 2023 10:44:44 +0000
ROA not before: Sun 01 Jan 2023 10:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210482
IP address blocks: 141.80.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:10:5a:83:6c:d3:3a:53:c1:99:c5:b5:48:1c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37689eaacbaf68af35d3fafb9674de48a6fc0978
Validity
Not Before: Jan 1 10:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f2b4af027f522a947464b2d4d93f42294e2c0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c7:88:69:c8:1d:c2:85:b1:7b:35:de:af:7d:
ad:86:3e:c6:24:1f:9e:0d:96:13:f9:1a:e1:4f:61:
3a:00:ab:1c:ec:b1:29:ab:ef:c7:29:7a:6f:a4:bd:
cc:ba:0e:8c:51:04:17:0b:69:a7:ac:32:47:db:e5:
71:02:89:70:19:12:43:72:43:31:fc:74:6e:92:f6:
fa:d7:37:2b:95:13:2f:12:ac:16:f4:0a:60:e2:37:
c7:20:7a:65:f6:d4:c1:f8:b6:75:26:b0:d1:4c:3d:
65:83:34:08:99:bf:eb:1a:23:26:e0:bd:db:78:3d:
c0:88:e5:3c:bd:b5:7a:6c:b5:6b:5d:11:c5:c6:35:
63:92:16:c8:fb:1d:f7:01:af:3f:57:74:6f:a1:02:
41:2a:59:df:0d:94:1b:ac:07:bf:33:e1:e3:66:fd:
7d:43:5c:7f:63:14:bd:eb:91:74:7a:cd:6f:51:08:
49:7a:b0:16:f1:6d:25:66:fe:35:b1:74:af:27:7c:
a7:18:56:2b:ee:05:41:e6:68:3c:94:03:48:bd:08:
06:7e:4f:25:e8:4c:7e:f8:92:c5:d7:bb:73:a1:09:
d9:ef:2c:da:d5:5e:fe:6c:e0:b0:25:97:3e:2f:71:
2a:92:e8:9b:ec:a3:21:11:40:1d:36:ee:d8:3f:4a:
bc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2B:4A:F0:27:F5:22:A9:47:46:4B:2D:4D:93:F4:22:94:E2:C0:C9
X509v3 Authority Key Identifier:
keyid:37:68:9E:AA:CB:AF:68:AF:35:D3:FA:FB:96:74:DE:48:A6:FC:09:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2ieqsuvaK810_r7lnTeSKb8CXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/XytK8Cf1IqlHRkstTZP0IpTiwMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/N2ieqsuvaK810_r7lnTeSKb8CXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:74:8d:ab:56:58:1d:62:4b:c1:2d:f6:36:98:c9:2b:fa:2d:
55:67:e4:2c:86:57:6f:7f:f9:07:db:04:8b:e6:72:98:45:1f:
18:9f:af:0a:e1:a2:a7:2c:0f:34:18:1c:99:72:42:8d:1b:0a:
21:99:5e:19:2f:e6:73:30:26:f4:b4:b4:b2:65:a2:ff:b4:91:
ae:0f:cb:b5:c6:06:c7:b0:7f:99:c2:1f:f9:f8:7c:d2:e3:42:
be:fe:72:6b:36:bf:35:56:b6:6d:20:ed:a7:d6:00:e3:92:2a:
0e:8a:50:2c:d3:1e:1b:ef:39:e3:03:4a:dc:e4:7e:ce:71:32:
a5:f8:bc:3d:15:29:ea:49:f4:85:25:78:dc:52:5e:06:e2:d5:
0c:6f:b8:5c:a2:4c:df:91:3e:70:5f:0b:e2:21:6c:a7:fd:2c:
28:c7:f1:de:d7:86:b5:66:bc:8f:25:9e:9e:c2:fc:7c:8e:d6:
27:3c:1f:0c:08:e2:0e:5f:9a:ab:7f:c2:a7:3e:f2:06:6a:de:
f8:6b:28:70:9c:08:c0:f0:fa:92:08:4e:ff:4e:da:d6:a5:30:
be:ef:fc:73:c6:5c:36:53:fc:7f:61:90:d7:ff:ee:5e:2f:fb:
8a:7e:0f:e8:41:c4:43:e4:c1:00:18:73:7a:8f:8f:cf:57:e8:
74:7a:2b:f6
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVs7xBag2zTOlPBmcW1SBxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njg5ZWFhY2JhZjY4YWYzNWQzZmFmYjk2NzRkZTQ4YTZm
YzA5NzgwHhcNMjMwMTAxMTA0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJiNGFmMDI3ZjUyMmE5NDc0NjRiMmQ0ZDkzZjQyMjk0ZTJjMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8eIacgdwoWxezXer32thj7GJB+e
DZYT+RrhT2E6AKsc7LEpq+/HKXpvpL3Mug6MUQQXC2mnrDJH2+VxAolwGRJDckMx
/HRukvb61zcrlRMvEqwW9Apg4jfHIHpl9tTB+LZ1JrDRTD1lgzQImb/rGiMm4L3b
eD3AiOU8vbV6bLVrXRHFxjVjkhbI+x33Aa8/V3RvoQJBKlnfDZQbrAe/M+HjZv19
Q1x/YxS965F0es1vUQhJerAW8W0lZv41sXSvJ3ynGFYr7gVB5mg8lANIvQgGfk8l
6Ex++JLF17tzoQnZ7yza1V7+bOCwJZc+L3Eqkuib7KMhEUAdNu7YP0q8+wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFF8rSvAn9SKpR0ZLLU2T9CKU4sDJMB8GA1UdIwQY
MBaAFDdonqrLr2ivNdP6+5Z03kim/Al4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJpZXFzdXZhSzgxMF9yN2xuVGVTS2I4Q1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NDE3OWQtNGM2NS00NGI4LWIzMGIt
NWRhYmI0ZTQ3YWJiLzEvWHl0SzhDZjFJcWxIUmtzdFRaUDBJcFRpd01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NDE3OWQtNGM2NS00NGI4LWIzMGItNWRhYmI0ZTQ3YWJi
LzEvTjJpZXFzdXZhSzgxMF9yN2xuVGVTS2I4Q1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjVAwDQYJ
KoZIhvcNAQELBQADggEBAAV0jatWWB1iS8Et9jaYySv6LVVn5CyGV29/+QfbBIvm
cphFHxifrwrhoqcsDzQYHJlyQo0bCiGZXhkv5nMwJvS0tLJlov+0ka4Py7XGBsew
f5nCH/n4fNLjQr7+cms2vzVWtm0g7afWAOOSKg6KUCzTHhvvOeMDStzkfs5xMqX4
vD0VKepJ9IUleNxSXgbi1QxvuFyiTN+RPnBfC+IhbKf9LCjH8d7XhrVmvI8lnp7C
/HyO1ic8HwwI4g5fmqt/wqc+8gZq3vhrKHCcCMDw+pIITv9O2talML7v/HPGXDZT
/H9hkNf/7l4v+4p+D+hBxEPkwQAYc3qPj89X6HR6K/Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:18 2024 by rpki-client on console-fra.rpki-client.org