Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c6f9e8-4b75-44e4-a0d6-517a661ae6bd/1/xGH2cSSCoIBb5EVotytOMDPsrQQ.roa
File: xGH2cSSCoIBb5EVotytOMDPsrQQ.roa (raw, json)
Hash identifier: C4mO1sX6KgixU43IG19fxN6UEgcagkrb+rVWmx0pEjc=
Subject key identifier: C4:61:F6:71:24:82:A0:80:5B:E4:45:68:B7:2B:4E:30:33:EC:AD:04
Certificate issuer: /CN=d9112e8993b00bda2b4e9c02ac57837400aac404
Certificate serial: 01856C25BC4B81596080E01FE05BE81BF620
Authority key identifier: D9:11:2E:89:93:B0:0B:DA:2B:4E:9C:02:AC:57:83:74:00:AA:C4:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2REuiZOwC9orTpwCrFeDdACqxAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c6f9e8-4b75-44e4-a0d6-517a661ae6bd/1/xGH2cSSCoIBb5EVotytOMDPsrQQ.roa
Signing time: Sun 01 Jan 2023 07:04:50 +0000
ROA not before: Sun 01 Jan 2023 07:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 198.205.12.0/24 maxlen: 24
198.205.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 14:57:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:bc:4b:81:59:60:80:e0:1f:e0:5b:e8:1b:f6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9112e8993b00bda2b4e9c02ac57837400aac404
Validity
Not Before: Jan 1 07:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c461f6712482a0805be44568b72b4e3033ecad04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1e:04:64:1b:c0:85:fa:b8:3b:95:d2:33:14:
23:58:09:ba:0f:8e:94:ba:31:28:09:d3:f2:ed:ff:
1d:f5:52:e9:bc:21:ab:74:6e:6d:f3:7d:72:59:93:
38:c4:a8:5f:df:44:0d:5f:cc:48:d5:dd:29:c8:a2:
bb:05:45:d7:d7:44:df:11:90:57:c5:1b:5b:40:51:
f1:6c:3a:a8:77:ef:d4:ed:ba:2a:21:08:63:8b:40:
8b:1e:43:2b:c5:15:7f:72:46:aa:3f:33:fd:71:7e:
21:41:12:a9:be:b7:8d:75:4d:54:b5:85:25:7f:08:
6c:41:74:10:5b:c7:9f:20:f4:ff:fc:36:65:03:06:
f0:72:da:a3:c3:fa:9f:c2:75:5e:06:fc:a5:1a:ee:
89:0f:ba:44:02:5e:21:de:27:7c:35:dd:a6:b6:96:
37:f2:16:06:c0:bc:e6:fc:b5:1e:b4:5b:e2:e6:86:
ee:62:3a:91:2c:4a:da:3b:77:ff:23:dd:6f:b2:6f:
92:88:e1:81:7f:f0:44:01:bf:f9:81:8a:19:ae:90:
97:8a:c6:fd:7f:a5:2b:fb:aa:d2:ea:ca:80:77:9b:
33:c4:8c:80:79:6b:4e:b8:de:f7:0f:4e:f4:54:8c:
48:d2:91:db:60:0a:13:3e:cf:c4:2e:f2:13:c7:18:
03:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:61:F6:71:24:82:A0:80:5B:E4:45:68:B7:2B:4E:30:33:EC:AD:04
X509v3 Authority Key Identifier:
keyid:D9:11:2E:89:93:B0:0B:DA:2B:4E:9C:02:AC:57:83:74:00:AA:C4:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2REuiZOwC9orTpwCrFeDdACqxAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c6f9e8-4b75-44e4-a0d6-517a661ae6bd/1/xGH2cSSCoIBb5EVotytOMDPsrQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c6f9e8-4b75-44e4-a0d6-517a661ae6bd/1/2REuiZOwC9orTpwCrFeDdACqxAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.205.12.0/23
Signature Algorithm: sha256WithRSAEncryption
09:5f:03:ec:b1:92:ed:72:80:67:a6:db:09:be:22:a8:4e:23:
58:1f:e5:47:8e:22:72:03:37:54:2f:3b:01:58:68:f1:da:64:
12:02:4f:4f:4f:ec:d5:58:70:b8:cb:1e:2f:54:52:4f:c5:a7:
13:fc:69:9b:80:87:f5:3a:fd:01:8c:62:23:00:37:4f:9b:d9:
00:41:8c:ee:08:79:d7:a3:81:e8:62:aa:ab:64:88:9c:f3:25:
d2:66:01:a0:69:79:34:74:d7:ef:c7:58:62:07:2c:de:79:32:
b8:01:94:e7:34:70:be:69:30:14:00:89:4e:94:c1:e9:05:44:
44:23:1c:68:27:c0:70:a3:db:88:e5:17:9f:6a:46:1b:d4:8f:
df:cd:b1:08:1b:0f:e1:e5:62:1f:21:d7:07:98:5f:69:36:bf:
46:6a:74:64:ba:e6:1b:c0:4b:5e:e9:ee:1b:ca:47:03:e1:b5:
6d:c8:ee:0d:39:6c:20:fc:ee:94:30:85:90:59:8e:e6:0a:c0:
95:df:56:b9:62:2e:58:f5:6d:27:ce:b9:2a:6a:2d:4c:44:96:
9b:a0:9a:2c:35:29:2d:fd:b1:25:ce:d7:e7:a1:98:c9:49:2f:
10:61:37:27:41:d3:9c:9a:42:f2:74:7d:58:78:3d:bc:b7:ba:
e1:93:5d:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsJbxLgVlggOAf4FvoG/YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTEyZTg5OTNiMDBiZGEyYjRlOWMwMmFjNTc4Mzc0MDBh
YWM0MDQwHhcNMjMwMTAxMDcwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDYxZjY3MTI0ODJhMDgwNWJlNDQ1NjhiNzJiNGUzMDMzZWNhZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh4EZBvAhfq4O5XSMxQjWAm6D46U
ujEoCdPy7f8d9VLpvCGrdG5t831yWZM4xKhf30QNX8xI1d0pyKK7BUXX10TfEZBX
xRtbQFHxbDqod+/U7boqIQhji0CLHkMrxRV/ckaqPzP9cX4hQRKpvreNdU1UtYUl
fwhsQXQQW8efIPT//DZlAwbwctqjw/qfwnVeBvylGu6JD7pEAl4h3id8Nd2mtpY3
8hYGwLzm/LUetFvi5obuYjqRLEraO3f/I91vsm+SiOGBf/BEAb/5gYoZrpCXisb9
f6Ur+6rS6sqAd5szxIyAeWtOuN73D070VIxI0pHbYAoTPs/ELvITxxgDUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRh9nEkgqCAW+RFaLcrTjAz7K0EMB8GA1UdIwQY
MBaAFNkRLomTsAvaK06cAqxXg3QAqsQEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJFdWlaT3dDOW9yVHB3Q3JGZURkQUNxeEFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jNmY5ZTgtNGI3NS00NGU0LWEwZDYt
NTE3YTY2MWFlNmJkLzEveEdIMmNTU0NvSUJiNUVWb3R5dE9NRFBzclFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jNmY5ZTgtNGI3NS00NGU0LWEwZDYtNTE3YTY2MWFlNmJk
LzEvMlJFdWlaT3dDOW9yVHB3Q3JGZURkQUNxeEFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBxs0MMA0G
CSqGSIb3DQEBCwUAA4IBAQAJXwPssZLtcoBnptsJviKoTiNYH+VHjiJyAzdULzsB
WGjx2mQSAk9PT+zVWHC4yx4vVFJPxacT/GmbgIf1Ov0BjGIjADdPm9kAQYzuCHnX
o4HoYqqrZIic8yXSZgGgaXk0dNfvx1hiByzeeTK4AZTnNHC+aTAUAIlOlMHpBURE
IxxoJ8Bwo9uI5RefakYb1I/fzbEIGw/h5WIfIdcHmF9pNr9GanRkuuYbwEte6e4b
ykcD4bVtyO4NOWwg/O6UMIWQWY7mCsCV31a5Yi5Y9W0nzrkqai1MRJaboJosNSkt
/bElztfnoZjJSS8QYTcnQdOcmkLydH1YeD28t7rhk12I
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:39 2024 by rpki-client on console-fra.rpki-client.org