Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/xkvqxP4B7xBM1bLqoRcefQitoiQ.roa
File: xkvqxP4B7xBM1bLqoRcefQitoiQ.roa (raw, json)
Hash identifier: XuuQJiYgcXdkS8TwxDJHkUMAkgrXx7C25d0Aaa+m8Nk=
Subject key identifier: C6:4B:EA:C4:FE:01:EF:10:4C:D5:B2:EA:A1:17:1E:7D:08:AD:A2:24
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 018CCA29D9F27E04FBD6E057B518515E4BA4
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/xkvqxP4B7xBM1bLqoRcefQitoiQ.roa
Signing time: Tue 02 Jan 2024 12:33:09 +0000
ROA not before: Tue 02 Jan 2024 12:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29345
IP address blocks: 85.254.192.0/23 maxlen: 24
85.254.193.0/24 maxlen: 24
91.240.246.0/23 maxlen: 23
2a02:501::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 22 Jan 2024 11:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d9:f2:7e:04:fb:d6:e0:57:b5:18:51:5e:4b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 2 12:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c64beac4fe01ef104cd5b2eaa1171e7d08ada224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c5:12:36:3e:cb:a3:56:f2:d0:8e:93:cd:30:
17:3f:52:a4:c6:a4:d0:6d:b3:c3:d0:be:96:a2:39:
24:48:d1:54:c4:f3:cd:aa:60:df:32:4c:78:18:71:
91:2e:ff:e8:62:b3:0e:d9:39:98:f0:1c:5c:b0:18:
15:17:c9:e3:5d:cc:30:ca:94:4f:85:92:55:52:9c:
e2:bc:33:ea:bf:35:7d:5b:28:61:83:09:34:45:a4:
bd:59:be:71:0a:d1:a6:5e:e8:5b:3a:3f:55:63:2f:
8f:f2:89:a7:3e:c4:34:41:59:b9:1c:a4:8e:58:31:
0e:70:f1:9b:37:ca:c3:0a:28:80:3f:bb:ad:53:71:
ab:34:92:fd:5f:bb:ac:af:f8:8a:d6:4c:bf:26:8e:
d1:be:74:cc:2f:bd:7e:f6:24:8f:f0:a3:68:44:6e:
f1:c7:e4:a1:6c:2b:84:b0:19:55:77:d5:b8:59:90:
78:14:2c:92:7b:01:82:7f:7c:b7:b2:25:4b:55:8f:
b8:70:df:3e:ba:1c:ee:1e:34:f7:b4:a2:5a:d0:50:
5e:e0:d7:29:1b:fd:9b:49:83:4f:bf:c6:5a:f0:48:
a6:ac:93:3c:f7:4d:b2:7a:c2:ed:3a:43:b6:23:be:
6f:e1:79:43:70:83:aa:1e:c8:28:ad:b6:e6:9c:c7:
49:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4B:EA:C4:FE:01:EF:10:4C:D5:B2:EA:A1:17:1E:7D:08:AD:A2:24
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/xkvqxP4B7xBM1bLqoRcefQitoiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.192.0/23
91.240.246.0/23
IPv6:
2a02:501::/32
Signature Algorithm: sha256WithRSAEncryption
6b:3b:e1:77:ce:41:13:b2:86:79:82:66:08:0d:88:1c:97:9f:
92:d7:d8:ca:04:15:67:a5:26:94:6e:21:e5:49:a4:1e:27:33:
3a:cd:0e:b3:7f:0e:72:73:00:ab:aa:43:76:70:8a:72:7e:18:
b5:6c:64:bc:26:4a:d1:83:31:5e:20:1d:40:b5:bd:af:42:48:
3d:45:2e:5f:2e:a7:5a:c6:55:68:60:47:2f:10:58:bf:9b:4b:
28:c0:e6:23:88:a3:58:eb:a6:13:fc:73:88:96:12:51:97:15:
47:2b:52:15:ae:e1:dd:07:12:ed:98:31:6a:0b:c1:4a:44:2e:
74:7c:73:e6:c1:ab:f5:54:7a:d6:2d:36:f7:a5:4d:bf:1b:41:
b3:2c:f4:c8:95:7f:3a:80:20:99:17:92:a5:a4:fb:a5:5b:b2:
71:04:93:f0:48:a8:37:4b:e3:d7:ed:f5:c9:32:82:29:40:5d:
eb:74:f5:88:d2:ef:5d:58:e2:7e:24:26:71:d0:22:25:3e:e1:
79:47:94:de:fd:0b:76:26:c6:0c:c7:0e:d4:03:f4:66:f5:60:
8b:76:97:74:1c:cb:3b:e2:66:6b:6c:68:9a:19:ad:9d:59:7b:
bd:fb:99:43:ac:f2:15:c9:18:4d:b4:8b:09:6f:05:3a:36:19:
62:f3:6d:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKdnyfgT71uBXtRhRXkukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjQwMTAyMTIzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRiZWFjNGZlMDFlZjEwNGNkNWIyZWFhMTE3MWU3ZDA4YWRhMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8USNj7Lo1by0I6TzTAXP1KkxqTQ
bbPD0L6WojkkSNFUxPPNqmDfMkx4GHGRLv/oYrMO2TmY8BxcsBgVF8njXcwwypRP
hZJVUpzivDPqvzV9Wyhhgwk0RaS9Wb5xCtGmXuhbOj9VYy+P8omnPsQ0QVm5HKSO
WDEOcPGbN8rDCiiAP7utU3GrNJL9X7usr/iK1ky/Jo7RvnTML71+9iSP8KNoRG7x
x+ShbCuEsBlVd9W4WZB4FCySewGCf3y3siVLVY+4cN8+uhzuHjT3tKJa0FBe4Ncp
G/2bSYNPv8Za8EimrJM8902yesLtOkO2I75v4XlDcIOqHsgorbbmnMdJhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMZL6sT+Ae8QTNWy6qEXHn0IraIkMB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEveGt2cXhQNEI3eEJNMWJMcW9SY2VmUWl0b2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBVf7AAwQB
W/D2MA0EAgACMAcDBQAqAgUBMA0GCSqGSIb3DQEBCwUAA4IBAQBrO+F3zkETsoZ5
gmYIDYgcl5+S19jKBBVnpSaUbiHlSaQeJzM6zQ6zfw5ycwCrqkN2cIpyfhi1bGS8
JkrRgzFeIB1Atb2vQkg9RS5fLqdaxlVoYEcvEFi/m0sowOYjiKNY66YT/HOIlhJR
lxVHK1IVruHdBxLtmDFqC8FKRC50fHPmwav1VHrWLTb3pU2/G0GzLPTIlX86gCCZ
F5KlpPulW7JxBJPwSKg3S+PX7fXJMoIpQF3rdPWI0u9dWOJ+JCZx0CIlPuF5R5Te
/Qt2JsYMxw7UA/Rm9WCLdpd0HMs74mZrbGiaGa2dWXu9+5lDrPIVyRhNtIsJbwU6
Nhli822t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:31 2024 by rpki-client on console-ams.rpki-client.org