Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/X5YeYcHfSls7smfKC-X8bnanhLM.roa
File: X5YeYcHfSls7smfKC-X8bnanhLM.roa (raw, json)
Hash identifier: pDNlQxHetHN1qMjYBCe1kwSA1ln7O44n2W0utaIAHoU=
Subject key identifier: 5F:96:1E:61:C1:DF:4A:5B:3B:B2:67:CA:0B:E5:FC:6E:76:A7:84:B3
Certificate issuer: /CN=1ac2456c70f8aaa53bd8940fe23f13cfa270e748
Certificate serial: 01869386BA734F8D5B229F56D359EE4725A8
Authority key identifier: 1A:C2:45:6C:70:F8:AA:A5:3B:D8:94:0F:E2:3F:13:CF:A2:70:E7:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GsJFbHD4qqU72JQP4j8Tz6Jw50g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/X5YeYcHfSls7smfKC-X8bnanhLM.roa
Signing time: Mon 27 Feb 2023 15:38:45 +0000
ROA not before: Mon 27 Feb 2023 15:38:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29316
IP address blocks: 185.49.76.0/22 maxlen: 22
2a01:9fa0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:86:ba:73:4f:8d:5b:22:9f:56:d3:59:ee:47:25:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ac2456c70f8aaa53bd8940fe23f13cfa270e748
Validity
Not Before: Feb 27 15:38:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f961e61c1df4a5b3bb267ca0be5fc6e76a784b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ae:f9:71:68:ec:b9:da:76:d8:de:3d:19:bf:
8d:6e:78:c8:c9:73:57:b4:9e:1b:8a:ba:ff:1c:f4:
a7:6c:df:a2:cb:a3:45:09:6f:46:da:c3:a8:6f:e4:
48:c3:9b:4d:5b:96:6e:0c:d3:28:9d:c4:b8:d6:d5:
d9:69:1f:dc:2b:04:75:f1:52:f8:48:34:96:38:24:
0a:11:07:08:f3:3e:46:b2:85:a8:55:f9:22:fc:7d:
5e:58:1e:fa:48:61:2d:23:b5:5c:46:dd:b3:ce:b1:
51:1c:21:fc:86:6b:47:9a:a9:66:8e:34:cf:f8:f6:
88:a4:76:42:73:99:26:9b:79:25:a7:42:cb:5a:80:
16:56:e1:37:d1:4f:9e:95:cb:f8:21:88:86:0a:56:
08:42:fe:05:55:82:46:65:7b:5e:d5:67:f2:e0:60:
08:a2:3d:9e:11:64:ef:e6:b2:fe:9a:63:05:58:96:
5c:d8:12:a6:93:85:a9:46:6a:2e:a1:28:2e:db:b7:
77:1e:2b:e3:ff:c7:62:e3:f4:94:28:51:42:b9:30:
92:4a:f2:1d:cd:12:9c:51:ed:05:a0:03:f6:79:17:
9b:43:25:9b:f4:bc:7a:cb:96:3b:fc:76:e5:ea:72:
e4:1d:01:b6:b5:09:29:3f:3e:f7:94:26:12:56:4c:
b7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:96:1E:61:C1:DF:4A:5B:3B:B2:67:CA:0B:E5:FC:6E:76:A7:84:B3
X509v3 Authority Key Identifier:
keyid:1A:C2:45:6C:70:F8:AA:A5:3B:D8:94:0F:E2:3F:13:CF:A2:70:E7:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GsJFbHD4qqU72JQP4j8Tz6Jw50g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/X5YeYcHfSls7smfKC-X8bnanhLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/GsJFbHD4qqU72JQP4j8Tz6Jw50g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.76.0/22
IPv6:
2a01:9fa0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:94:f3:de:01:96:df:d8:84:c0:32:55:22:ef:65:9e:10:ea:
df:30:9a:58:33:72:cd:88:25:fd:3e:94:2b:46:3a:7a:d5:b2:
9f:eb:43:09:18:72:bd:af:44:2d:16:7a:7f:15:95:3e:4b:b8:
eb:b1:b3:cd:ee:c0:06:78:4e:2e:03:5c:8c:48:5d:85:da:c2:
79:64:8a:22:79:47:ef:4b:db:7c:22:5d:bf:9e:ae:03:6b:6a:
f1:11:46:91:e9:72:f4:d6:2b:bb:12:4f:34:4b:a9:9e:66:e2:
b9:00:26:cf:ab:3c:49:2c:dd:a6:c5:c1:68:2e:4f:0c:25:c4:
c8:e9:e6:2f:cd:40:7a:3b:de:da:f3:4f:df:93:04:59:46:f3:
0b:7e:a9:cb:b0:bc:bc:5d:e6:4a:29:b7:7d:ce:8c:41:87:02:
6d:fd:6a:72:f1:ba:5c:7e:a1:c7:3a:4c:70:ae:5c:68:d0:bd:
40:b7:ff:03:08:c2:5a:b9:b7:c2:25:93:6b:a8:07:5d:dc:45:
74:04:9f:88:e8:a8:a7:4c:59:9c:a9:8a:a9:6b:9f:e2:9d:18:
e0:9f:22:98:a3:6e:22:42:2e:c9:14:44:41:c3:22:91:b7:b5:
58:7a:6f:4f:db:54:28:5b:81:c3:58:57:9c:19:a7:dd:16:80:
fa:0b:20:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaThrpzT41bIp9W01nuRyWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYzI0NTZjNzBmOGFhYTUzYmQ4OTQwZmUyM2YxM2NmYTI3
MGU3NDgwHhcNMjMwMjI3MTUzODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjk2MWU2MWMxZGY0YTViM2JiMjY3Y2EwYmU1ZmM2ZTc2YTc4NGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta75cWjsudp22N49Gb+NbnjIyXNX
tJ4birr/HPSnbN+iy6NFCW9G2sOob+RIw5tNW5ZuDNMoncS41tXZaR/cKwR18VL4
SDSWOCQKEQcI8z5GsoWoVfki/H1eWB76SGEtI7VcRt2zzrFRHCH8hmtHmqlmjjTP
+PaIpHZCc5kmm3klp0LLWoAWVuE30U+elcv4IYiGClYIQv4FVYJGZXte1Wfy4GAI
oj2eEWTv5rL+mmMFWJZc2BKmk4WpRmouoSgu27d3Hivj/8di4/SUKFFCuTCSSvId
zRKcUe0FoAP2eRebQyWb9Lx6y5Y7/Hbl6nLkHQG2tQkpPz73lCYSVky3JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF+WHmHB30pbO7Jnygvl/G52p4SzMB8GA1UdIwQY
MBaAFBrCRWxw+KqlO9iUD+I/E8+icOdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NKRmJIRDRxcVU3MkpRUDRqOFR6Nkp3NTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mZjViODMtOWMyMC00ZDk3LTk3Yzct
NWExZDU1ODQzNzhkLzEvWDVZZVljSGZTbHM3c21mS0MtWDhibmFuaExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mZjViODMtOWMyMC00ZDk3LTk3YzctNWExZDU1ODQzNzhk
LzEvR3NKRmJIRDRxcVU3MkpRUDRqOFR6Nkp3NTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTFMMA0E
AgACMAcDBQAqAZ+gMA0GCSqGSIb3DQEBCwUAA4IBAQAslPPeAZbf2ITAMlUi72We
EOrfMJpYM3LNiCX9PpQrRjp61bKf60MJGHK9r0QtFnp/FZU+S7jrsbPN7sAGeE4u
A1yMSF2F2sJ5ZIoieUfvS9t8Il2/nq4Da2rxEUaR6XL01iu7Ek80S6meZuK5ACbP
qzxJLN2mxcFoLk8MJcTI6eYvzUB6O97a80/fkwRZRvMLfqnLsLy8XeZKKbd9zoxB
hwJt/Wpy8bpcfqHHOkxwrlxo0L1At/8DCMJaubfCJZNrqAdd3EV0BJ+I6KinTFmc
qYqpa5/inRjgnyKYo24iQi7JFERBwyKRt7VYem9P21QoW4HDWFecGafdFoD6CyBf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:42 2024 by rpki-client on console-ams.rpki-client.org