Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/xrEQ872lJXnHWKgYx4R6tRmQ3mg.roa
File: xrEQ872lJXnHWKgYx4R6tRmQ3mg.roa (raw, json)
Hash identifier: kytI0GoiYrGfdKAX+HB3tj1yrYZoYWP98S1VNz+iNi4=
Subject key identifier: C6:B1:10:F3:BD:A5:25:79:C7:58:A8:18:C7:84:7A:B5:19:90:DE:68
Certificate issuer: /CN=bde2db8498ee8f7b3ab5caae83829596620702c1
Certificate serial: 0191A2A8460C343295A3AA652F3B85B3D410
Authority key identifier: BD:E2:DB:84:98:EE:8F:7B:3A:B5:CA:AE:83:82:95:96:62:07:02:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/xrEQ872lJXnHWKgYx4R6tRmQ3mg.roa
Signing time: Fri 30 Aug 2024 09:40:22 +0000
ROA not before: Fri 30 Aug 2024 09:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 84.38.48.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Sep 2024 08:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:a8:46:0c:34:32:95:a3:aa:65:2f:3b:85:b3:d4:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde2db8498ee8f7b3ab5caae83829596620702c1
Validity
Not Before: Aug 30 09:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6b110f3bda52579c758a818c7847ab51990de68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:08:52:22:8a:dc:14:e4:67:dc:a4:5c:24:f8:
d2:3d:0d:3a:e3:75:34:84:37:f9:56:df:fd:bf:94:
67:26:3d:01:2e:bb:90:9e:32:dd:b0:09:3a:14:f2:
d7:b2:13:1f:d9:7b:b9:9d:16:b1:86:01:66:f2:8e:
47:94:e4:87:b3:84:23:3e:0d:58:72:8c:9c:ca:de:
6d:f7:93:41:02:35:69:90:66:2b:c0:da:fd:05:b6:
b2:86:69:d7:68:df:cc:04:77:3c:3e:b0:49:f2:31:
9e:13:05:0e:fc:aa:36:a6:0e:f9:c1:06:7d:e9:07:
88:5d:18:37:13:56:18:63:22:b4:b9:91:67:fa:aa:
80:45:5c:35:83:ac:ea:09:c3:82:b1:57:7a:e0:18:
c9:15:68:02:12:a8:3c:52:f4:a9:28:e8:c4:fc:45:
23:e8:05:d0:cb:58:a0:d3:50:d0:b6:e2:bb:1e:1a:
8d:2b:96:0d:07:f1:a1:e5:96:fc:b2:58:d9:f1:87:
12:6f:63:ae:eb:98:89:d8:05:88:2f:d2:ac:21:ae:
08:c2:52:4b:b4:ed:e5:bd:12:86:5d:8a:85:62:0e:
7b:56:d8:f9:16:85:2b:1c:df:38:99:ec:37:3f:b2:
fb:59:56:5e:b4:9a:2b:a9:1b:3d:38:65:83:e1:64:
14:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B1:10:F3:BD:A5:25:79:C7:58:A8:18:C7:84:7A:B5:19:90:DE:68
X509v3 Authority Key Identifier:
keyid:BD:E2:DB:84:98:EE:8F:7B:3A:B5:CA:AE:83:82:95:96:62:07:02:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/xrEQ872lJXnHWKgYx4R6tRmQ3mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/veLbhJjuj3s6tcqug4KVlmIHAsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.48.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:ed:fe:15:88:c0:2a:3a:f2:65:6f:3e:f4:2a:a4:b4:01:b0:
8b:a5:7a:07:52:9f:c5:cf:50:70:5e:10:27:88:6f:d2:13:82:
2a:d1:0b:0f:b5:2d:aa:f4:9b:c3:a6:5a:c4:1b:83:ed:06:f5:
67:07:8d:14:7e:3f:d8:97:df:7e:2a:3f:7f:d2:ca:94:14:15:
0c:c8:91:fc:fc:ac:e4:94:e3:0f:6f:c5:3b:d5:bc:17:80:35:
11:f0:b6:d2:02:c1:d1:2c:45:4d:7c:b6:1a:81:18:f1:42:c4:
7d:94:33:4a:65:de:7d:bc:ac:34:db:cf:92:b9:83:7d:ce:d0:
46:1e:19:a4:70:43:9d:d5:13:d7:a5:0f:39:36:71:2e:f5:e4:
ba:5c:ab:58:a8:88:a7:bd:32:e0:ab:81:c8:8c:e8:2d:40:37:
0d:23:09:6f:7a:e9:f2:05:08:5a:08:7b:36:16:e8:b1:54:85:
45:ac:99:eb:17:5c:47:f9:fd:7c:cd:75:89:9c:7d:e8:38:c1:
75:68:bf:29:32:2f:aa:ee:f8:1b:28:c7:c2:be:40:6c:90:62:
83:b2:e6:25:b1:90:89:47:ac:12:d7:b7:42:73:84:d2:65:64:
8a:79:e3:d6:38:ff:f5:47:42:30:de:a6:1d:62:ef:bd:34:cd:
fb:84:8e:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGiqEYMNDKVo6plLzuFs9QQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTJkYjg0OThlZThmN2IzYWI1Y2FhZTgzODI5NTk2NjIw
NzAyYzEwHhcNMjQwODMwMDk0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIxMTBmM2JkYTUyNTc5Yzc1OGE4MThjNzg0N2FiNTE5OTBkZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAhSIorcFORn3KRcJPjSPQ0643U0
hDf5Vt/9v5RnJj0BLruQnjLdsAk6FPLXshMf2Xu5nRaxhgFm8o5HlOSHs4QjPg1Y
coycyt5t95NBAjVpkGYrwNr9BbayhmnXaN/MBHc8PrBJ8jGeEwUO/Ko2pg75wQZ9
6QeIXRg3E1YYYyK0uZFn+qqARVw1g6zqCcOCsVd64BjJFWgCEqg8UvSpKOjE/EUj
6AXQy1ig01DQtuK7HhqNK5YNB/Gh5Zb8sljZ8YcSb2Ou65iJ2AWIL9KsIa4IwlJL
tO3lvRKGXYqFYg57Vtj5FoUrHN84mew3P7L7WVZetJorqRs9OGWD4WQU/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMaxEPO9pSV5x1ioGMeEerUZkN5oMB8GA1UdIwQY
MBaAFL3i24SY7o97OrXKroOClZZiBwLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVMYmhKanVqM3M2dGNxdWc0S1ZsbUlIQXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iMTliZDgtZTFkOC00Mzg4LWEzYjYt
MTIyNTVlMzYxMmVjLzEveHJFUTg3MmxKWG5IV0tnWXg0UjZ0Um1RM21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iMTliZDgtZTFkOC00Mzg4LWEzYjYtMTIyNTVlMzYxMmVj
LzEvdmVMYmhKanVqM3M2dGNxdWc0S1ZsbUlIQXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVCYwMA0G
CSqGSIb3DQEBCwUAA4IBAQA67f4ViMAqOvJlbz70KqS0AbCLpXoHUp/Fz1BwXhAn
iG/SE4Iq0QsPtS2q9JvDplrEG4PtBvVnB40Ufj/Yl99+Kj9/0sqUFBUMyJH8/Kzk
lOMPb8U71bwXgDUR8LbSAsHRLEVNfLYagRjxQsR9lDNKZd59vKw028+SuYN9ztBG
HhmkcEOd1RPXpQ85NnEu9eS6XKtYqIinvTLgq4HIjOgtQDcNIwlveunyBQhaCHs2
FuixVIVFrJnrF1xH+f18zXWJnH3oOMF1aL8pMi+q7vgbKMfCvkBskGKDsuYlsZCJ
R6wS17dCc4TSZWSKeePWOP/1R0Iw3qYdYu+9NM37hI7U
-----END CERTIFICATE-----
Generated at Mon Sep 2 10:21:48 2024 by rpki-client on console-ams.rpki-client.org