Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/xId-TZpRdSX9GjR2HAOiKSetWTI.roa
File: xId-TZpRdSX9GjR2HAOiKSetWTI.roa (raw, json)
Hash identifier: ktAP2oQJXYtrR7ULI2dDXsd0CurseQo4vWgAeIVCPno=
Subject key identifier: C4:87:7E:4D:9A:51:75:25:FD:1A:34:76:1C:03:A2:29:27:AD:59:32
Certificate issuer: /CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Certificate serial: 018BF5ED25C5DDFA3EA1ED426F49CDC82455
Authority key identifier: CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/xId-TZpRdSX9GjR2HAOiKSetWTI.roa
Signing time: Wed 22 Nov 2023 07:27:21 +0000
ROA not before: Wed 22 Nov 2023 07:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 442444
IP address blocks: 2.145.32.0/20 maxlen: 20
2.144.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Nov 2023 11:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f5:ed:25:c5:dd:fa:3e:a1:ed:42:6f:49:cd:c8:24:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Validity
Not Before: Nov 22 07:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4877e4d9a517525fd1a34761c03a22927ad5932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:06:48:37:55:59:e1:f5:1a:84:24:ab:05:03:
36:c7:75:ef:74:40:6a:93:3a:a0:4d:7a:8a:ae:e4:
f6:1c:bd:b6:66:24:95:d1:07:8e:a5:77:8a:aa:87:
01:97:10:68:b9:ef:c5:52:22:a5:08:f5:89:cc:d7:
99:5c:a0:bb:7a:3a:3e:bf:81:88:4c:2c:c5:fa:c2:
76:76:a5:2e:0d:67:ee:73:48:83:3a:f1:92:76:65:
27:70:07:ac:a6:d5:49:e7:a6:25:99:29:ce:fc:33:
6d:97:99:09:fd:08:b8:72:b3:e1:38:d1:1d:e2:2c:
82:e3:18:34:78:79:30:3d:3b:b2:69:6c:1c:88:e5:
f6:4c:53:8c:23:26:cf:8a:d8:cd:ba:76:2a:0c:b0:
f9:98:10:d5:23:72:e8:2c:c7:03:62:24:99:22:33:
a8:01:f1:6a:71:cb:76:f5:8c:5c:aa:6c:59:38:1e:
21:71:09:fc:54:14:a2:e2:5c:45:c6:c1:a4:38:6f:
7e:f2:e9:a2:5e:4d:74:1e:0b:1d:b5:76:3a:e0:df:
31:a1:8c:f5:f9:1c:d3:00:45:8f:1a:8b:e5:56:bb:
ca:e8:ab:41:ff:79:23:34:1c:52:7f:34:ac:3d:92:
55:4d:5a:36:eb:5f:86:7d:e9:f8:60:fe:4c:1d:12:
24:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:87:7E:4D:9A:51:75:25:FD:1A:34:76:1C:03:A2:29:27:AD:59:32
X509v3 Authority Key Identifier:
keyid:CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/xId-TZpRdSX9GjR2HAOiKSetWTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.144.13.0/24
2.145.32.0/20
Signature Algorithm: sha256WithRSAEncryption
7b:ba:49:50:5f:8a:a4:f9:f8:c3:9c:7e:90:71:59:2d:35:51:
75:d4:27:17:f6:62:f6:b3:c9:7c:dc:93:83:9b:68:ed:75:de:
5c:25:79:5b:6b:0c:3b:a4:3a:1a:dd:74:6f:74:3e:c7:37:1d:
35:d7:ea:81:36:05:9e:1d:05:16:43:a6:ce:40:15:2d:07:8a:
92:66:88:f8:8c:60:9c:b8:99:e7:60:a6:29:ca:cf:d6:0e:b9:
58:d7:6e:65:64:fe:9d:92:39:5b:54:10:9a:2b:df:69:cc:ad:
99:17:fd:40:a4:58:64:9f:b3:55:be:79:95:16:06:0d:b7:2d:
35:d3:62:cb:74:56:03:91:5c:17:1d:52:76:45:54:e1:73:6e:
9c:4b:a0:f5:56:0d:a2:d7:da:77:82:24:6e:11:33:f3:41:15:
d5:a9:d5:45:4f:e4:0b:a3:c6:b8:cd:c0:ab:31:51:6b:5b:42:
ea:07:af:54:98:99:db:48:08:3f:a1:0a:e0:de:78:29:51:51:
4d:27:2c:20:9c:03:1c:3f:5d:4e:03:f5:74:b9:dc:2d:2b:92:
06:89:98:b0:21:fa:8e:19:10:86:15:d4:a3:ce:aa:b4:10:53:
c1:2c:7e:39:df:85:e9:63:d8:87:84:6c:34:b4:ee:36:41:94:
c8:93:b0:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv17SXF3fo+oe1Cb0nNyCRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNTU2NzEyMmE4OGNhOTg4OWExNzk4YjZjOTQyZGNjMGNi
Yzc1M2IwHhcNMjMxMTIyMDcyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDg3N2U0ZDlhNTE3NTI1ZmQxYTM0NzYxYzAzYTIyOTI3YWQ1OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAZIN1VZ4fUahCSrBQM2x3XvdEBq
kzqgTXqKruT2HL22ZiSV0QeOpXeKqocBlxBoue/FUiKlCPWJzNeZXKC7ejo+v4GI
TCzF+sJ2dqUuDWfuc0iDOvGSdmUncAesptVJ56YlmSnO/DNtl5kJ/Qi4crPhONEd
4iyC4xg0eHkwPTuyaWwciOX2TFOMIybPitjNunYqDLD5mBDVI3LoLMcDYiSZIjOo
AfFqcct29YxcqmxZOB4hcQn8VBSi4lxFxsGkOG9+8umiXk10HgsdtXY64N8xoYz1
+RzTAEWPGovlVrvK6KtB/3kjNBxSfzSsPZJVTVo261+Gfen4YP5MHRIk/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMSHfk2aUXUl/Ro0dhwDoiknrVkyMB8GA1UdIwQY
MBaAFM9VZxIqiMqYiaF5i2yULcwMvHU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAt
OGQ3MTVhYzIxN2UyLzEveElkLVRacFJkU1g5R2pSMkhBT2lLU2V0V1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAtOGQ3MTVhYzIxN2Uy
LzEvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAApANAwQE
ApEgMA0GCSqGSIb3DQEBCwUAA4IBAQB7uklQX4qk+fjDnH6QcVktNVF11CcX9mL2
s8l83JODm2jtdd5cJXlbaww7pDoa3XRvdD7HNx011+qBNgWeHQUWQ6bOQBUtB4qS
Zoj4jGCcuJnnYKYpys/WDrlY125lZP6dkjlbVBCaK99pzK2ZF/1ApFhkn7NVvnmV
FgYNty0102LLdFYDkVwXHVJ2RVThc26cS6D1Vg2i19p3giRuETPzQRXVqdVFT+QL
o8a4zcCrMVFrW0LqB69UmJnbSAg/oQrg3ngpUVFNJywgnAMcP11OA/V0udwtK5IG
iZiwIfqOGRCGFdSjzqq0EFPBLH4534XpY9iHhGw0tO42QZTIk7Cf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:39 2024 by rpki-client on console-ams.rpki-client.org