Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/xtpxDckpEhQGtlCfD78IWgMNDxM.roa
File: xtpxDckpEhQGtlCfD78IWgMNDxM.roa (raw, json)
Hash identifier: 3Yv5Znx5YE31RCmDR/WRWtfs0HxbSjjW9oX+C0VTCTM=
Subject key identifier: C6:DA:71:0D:C9:29:12:14:06:B6:50:9F:0F:BF:08:5A:03:0D:0F:13
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CD82C775257EDFCE7C884F8EC7978
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/xtpxDckpEhQGtlCfD78IWgMNDxM.roa
Signing time: Mon 02 Jan 2023 03:35:56 +0000
ROA not before: Mon 02 Jan 2023 03:35:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21403
IP address blocks: 46.61.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d8:2c:77:52:57:ed:fc:e7:c8:84:f8:ec:79:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6da710dc929121406b6509f0fbf085a030d0f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:02:bd:ad:39:29:71:9c:07:d6:b2:42:8b:31:
85:bc:ef:a4:ba:fe:11:87:5f:d0:4d:d3:2d:73:f5:
9b:05:51:5f:04:a2:0b:d2:1f:be:25:e8:2b:ae:84:
d1:da:48:a2:4c:39:17:25:29:11:7f:33:b8:b0:40:
26:04:5d:f0:a7:9b:a9:63:8b:c6:b1:f4:ba:e8:37:
7f:3e:16:5b:35:2e:18:46:97:f9:f9:ba:6d:0b:18:
f8:55:62:d5:1f:0e:ba:40:42:b4:ac:2d:d2:d6:7c:
84:d5:eb:56:f3:f7:4e:b9:86:1a:30:2c:78:e7:f2:
fa:f7:0f:17:44:3b:8d:85:34:85:d2:b9:de:f5:15:
07:10:19:29:0c:2d:8e:e8:e3:dd:95:19:7f:e0:86:
b5:35:87:cd:5d:01:c4:c8:49:f5:60:55:93:a7:e4:
18:c1:12:73:39:26:c5:bf:83:f6:4e:e4:46:6e:8c:
9a:bf:3d:af:55:1b:83:dc:dd:56:dc:f1:01:48:b5:
9c:f9:0e:22:d8:21:ae:a1:82:da:42:58:7e:2f:55:
46:1a:ef:8b:9a:12:70:b2:05:8a:e6:fc:9b:f9:92:
f7:3f:21:c8:8a:23:ad:40:7f:60:f6:7c:6c:9d:d9:
7b:59:c1:b4:50:f5:23:82:87:3b:80:bd:0e:9f:23:
1f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DA:71:0D:C9:29:12:14:06:B6:50:9F:0F:BF:08:5A:03:0D:0F:13
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/xtpxDckpEhQGtlCfD78IWgMNDxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.61.137.0/24
Signature Algorithm: sha256WithRSAEncryption
36:46:c1:1c:0f:0c:a4:ad:74:f7:af:c3:e1:aa:78:4c:bf:d7:
b3:b3:70:11:69:b7:aa:b5:ca:13:11:0f:b1:02:88:37:d9:ce:
1a:b8:36:d5:29:c3:41:c0:79:7b:4f:47:f1:d2:78:c2:b7:6c:
e6:70:dd:76:7d:f2:4d:34:08:48:28:81:21:fd:f4:8b:c8:a4:
50:34:77:c3:60:10:70:45:a1:92:ef:6a:cd:a6:3c:45:d8:a4:
ab:60:dd:0b:46:6d:38:27:9a:e1:1e:7e:10:bb:2f:b3:2b:df:
80:0f:5b:0d:57:61:d9:bd:c9:1a:78:75:fe:ba:41:74:77:05:
47:32:95:d9:2f:27:57:49:8b:8c:37:11:81:5e:55:f8:c0:f9:
9e:1b:97:1a:5c:a0:83:31:42:8a:81:d1:eb:b2:3a:c7:ff:f5:
62:58:67:94:42:90:bf:eb:3f:e7:2d:4c:89:8a:e2:ca:cd:83:
31:64:1d:3d:03:65:d6:5b:ea:fa:1e:0c:c0:ea:29:64:0b:46:
08:c5:18:1d:2d:c0:0e:1d:3d:00:d8:45:53:66:7c:91:c4:20:
29:64:a3:f8:90:43:52:69:70:e8:d6:10:1f:c7:a2:94:cd:2f:
0d:7e:aa:64:9e:f6:67:08:17:09:90:b9:11:78:69:6c:3d:e6:
97:35:08:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjNgsd1JX7fznyIT47Hl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRhNzEwZGM5MjkxMjE0MDZiNjUwOWYwZmJmMDg1YTAzMGQwZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAK9rTkpcZwH1rJCizGFvO+kuv4R
h1/QTdMtc/WbBVFfBKIL0h++JegrroTR2kiiTDkXJSkRfzO4sEAmBF3wp5upY4vG
sfS66Dd/PhZbNS4YRpf5+bptCxj4VWLVHw66QEK0rC3S1nyE1etW8/dOuYYaMCx4
5/L69w8XRDuNhTSF0rne9RUHEBkpDC2O6OPdlRl/4Ia1NYfNXQHEyEn1YFWTp+QY
wRJzOSbFv4P2TuRGboyavz2vVRuD3N1W3PEBSLWc+Q4i2CGuoYLaQlh+L1VGGu+L
mhJwsgWK5vyb+ZL3PyHIiiOtQH9g9nxsndl7WcG0UPUjgoc7gL0OnyMfuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbacQ3JKRIUBrZQnw+/CFoDDQ8TMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEveHRweERja3BFaFFHdGxDZkQ3OElXZ01ORHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALj2JMA0G
CSqGSIb3DQEBCwUAA4IBAQA2RsEcDwykrXT3r8PhqnhMv9ezs3ARabeqtcoTEQ+x
Aog32c4auDbVKcNBwHl7T0fx0njCt2zmcN12ffJNNAhIKIEh/fSLyKRQNHfDYBBw
RaGS72rNpjxF2KSrYN0LRm04J5rhHn4Quy+zK9+AD1sNV2HZvckaeHX+ukF0dwVH
MpXZLydXSYuMNxGBXlX4wPmeG5caXKCDMUKKgdHrsjrH//ViWGeUQpC/6z/nLUyJ
iuLKzYMxZB09A2XWW+r6HgzA6ilkC0YIxRgdLcAOHT0A2EVTZnyRxCApZKP4kENS
aXDo1hAfx6KUzS8NfqpknvZnCBcJkLkReGlsPeaXNQgN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:56 2024 by rpki-client on console-fra.rpki-client.org