Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/2710b0-6c4a-4a94-b92a-b1cefc995379/1/xyDc1r3-fmX27eiqCyxABoCw8Y4.roa
File: xyDc1r3-fmX27eiqCyxABoCw8Y4.roa (raw, json)
Hash identifier: xeuBCJuzt+ymSZiWzBBr8/Xict5L2ucsa3U8Oc9Tlug=
Subject key identifier: C7:20:DC:D6:BD:FE:7E:65:F6:ED:E8:AA:0B:2C:40:06:80:B0:F1:8E
Certificate issuer: /CN=3ec2c20d6b3acf84802c2b7ca0722deb72c670bb
Certificate serial: 018BA3EDDA538EE70CB62BC37B4938D59FDD
Authority key identifier: 3E:C2:C2:0D:6B:3A:CF:84:80:2C:2B:7C:A0:72:2D:EB:72:C6:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsLCDWs6z4SALCt8oHIt63LGcLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/2710b0-6c4a-4a94-b92a-b1cefc995379/1/xyDc1r3-fmX27eiqCyxABoCw8Y4.roa
Signing time: Mon 06 Nov 2023 09:19:15 +0000
ROA not before: Mon 06 Nov 2023 09:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 195.211.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:ed:da:53:8e:e7:0c:b6:2b:c3:7b:49:38:d5:9f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec2c20d6b3acf84802c2b7ca0722deb72c670bb
Validity
Not Before: Nov 6 09:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c720dcd6bdfe7e65f6ede8aa0b2c400680b0f18e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:95:bb:86:ef:9d:04:90:2c:90:de:d4:76:dc:
6f:67:ff:ae:d5:14:b9:9e:86:31:f3:69:61:e9:43:
ff:c0:c9:d3:98:5e:0f:79:99:75:e4:0f:0d:30:26:
90:79:2a:a4:66:79:16:d2:74:b3:38:0a:7e:52:c2:
42:fe:a6:4a:fe:bf:48:e9:9f:40:f6:f0:27:0c:8d:
4d:ef:0f:5f:2d:9f:44:75:db:a5:d3:4f:f4:96:95:
05:c7:d3:69:24:68:3e:ea:b6:99:83:8f:b3:c8:6d:
64:6f:09:b1:6f:0c:c3:80:92:b4:03:19:85:1f:59:
ba:c4:be:a5:f3:0d:4d:7f:48:76:f5:16:cc:03:ff:
f8:a7:bc:9a:97:4f:0b:f1:07:82:61:6a:c5:9b:8f:
48:87:9d:d5:a3:fc:0a:de:01:85:21:cd:aa:f6:4e:
35:77:cd:12:48:4c:c9:59:72:df:56:95:75:9f:48:
0c:4c:ed:12:d4:75:4a:91:2e:1b:91:86:2f:17:b4:
aa:4e:b2:ae:0f:b2:a6:94:b7:6d:d8:d8:17:a8:52:
77:22:d7:4e:d0:b7:4f:00:6b:43:ca:6a:2f:2a:ac:
13:ae:40:a7:0d:50:3f:6e:fb:22:09:44:2a:47:dc:
0d:7c:85:de:e0:cc:ab:3f:0e:5a:7b:5d:27:2d:3b:
27:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:20:DC:D6:BD:FE:7E:65:F6:ED:E8:AA:0B:2C:40:06:80:B0:F1:8E
X509v3 Authority Key Identifier:
keyid:3E:C2:C2:0D:6B:3A:CF:84:80:2C:2B:7C:A0:72:2D:EB:72:C6:70:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsLCDWs6z4SALCt8oHIt63LGcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/2710b0-6c4a-4a94-b92a-b1cefc995379/1/xyDc1r3-fmX27eiqCyxABoCw8Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/2710b0-6c4a-4a94-b92a-b1cefc995379/1/PsLCDWs6z4SALCt8oHIt63LGcLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.167.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c2:b6:c2:ff:e1:89:b5:cc:f5:01:78:f0:bc:80:f0:b0:11:
ae:e4:53:7f:aa:59:34:78:dd:88:39:0e:f4:17:1e:3b:6c:9a:
49:6c:41:b8:b3:9d:e6:3a:45:e8:7e:7d:0d:f2:ec:fb:73:df:
dc:92:02:0e:ee:22:98:b2:88:3e:d2:71:45:44:fa:b9:53:62:
37:3f:96:d7:7d:e6:49:f2:d0:0b:16:0d:96:ca:53:90:cb:c8:
ab:df:ed:8a:45:3c:c7:dd:d5:d7:08:46:f0:a3:55:7a:63:7c:
fc:ee:1b:1c:b2:07:d3:54:03:50:79:22:3f:ab:e7:32:25:52:
50:7d:41:eb:83:7a:25:f7:69:78:68:bd:68:ec:40:0b:0c:8c:
3d:5d:41:0b:c7:ab:07:f6:39:60:68:8c:14:97:9d:7b:bc:6f:
3a:04:c4:2a:72:88:da:47:ba:38:3c:fc:a5:45:8e:d9:27:c5:
a5:66:b7:c1:d2:88:92:82:ee:c7:98:87:a2:b2:3f:ce:5b:bf:
08:d1:97:bf:94:ae:28:91:98:fb:90:f1:d7:80:d2:d2:27:b2:
85:9b:3d:85:08:25:80:be:af:5e:04:f5:d1:51:af:1d:7e:b1:
05:75:fb:87:6d:26:06:2a:f8:2b:41:3d:e0:32:0e:e1:7f:05:
95:95:56:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuj7dpTjucMtivDe0k41Z/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzJjMjBkNmIzYWNmODQ4MDJjMmI3Y2EwNzIyZGViNzJj
NjcwYmIwHhcNMjMxMTA2MDkxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzIwZGNkNmJkZmU3ZTY1ZjZlZGU4YWEwYjJjNDAwNjgwYjBmMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipW7hu+dBJAskN7UdtxvZ/+u1RS5
noYx82lh6UP/wMnTmF4PeZl15A8NMCaQeSqkZnkW0nSzOAp+UsJC/qZK/r9I6Z9A
9vAnDI1N7w9fLZ9Eddul00/0lpUFx9NpJGg+6raZg4+zyG1kbwmxbwzDgJK0AxmF
H1m6xL6l8w1Nf0h29RbMA//4p7yal08L8QeCYWrFm49Ih53Vo/wK3gGFIc2q9k41
d80SSEzJWXLfVpV1n0gMTO0S1HVKkS4bkYYvF7SqTrKuD7KmlLdt2NgXqFJ3ItdO
0LdPAGtDymovKqwTrkCnDVA/bvsiCUQqR9wNfIXe4MyrPw5ae10nLTsnvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcg3Na9/n5l9u3oqgssQAaAsPGOMB8GA1UdIwQY
MBaAFD7Cwg1rOs+EgCwrfKByLetyxnC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNMQ0RXczZ6NFNBTEN0OG9ISXQ2M0xHY0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yNzEwYjAtNmM0YS00YTk0LWI5MmEt
YjFjZWZjOTk1Mzc5LzEveHlEYzFyMy1mbVgyN2VpcUN5eEFCb0N3OFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yNzEwYjAtNmM0YS00YTk0LWI5MmEtYjFjZWZjOTk1Mzc5
LzEvUHNMQ0RXczZ6NFNBTEN0OG9ISXQ2M0xHY0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9OnMA0G
CSqGSIb3DQEBCwUAA4IBAQBlwrbC/+GJtcz1AXjwvIDwsBGu5FN/qlk0eN2IOQ70
Fx47bJpJbEG4s53mOkXofn0N8uz7c9/ckgIO7iKYsog+0nFFRPq5U2I3P5bXfeZJ
8tALFg2WylOQy8ir3+2KRTzH3dXXCEbwo1V6Y3z87hscsgfTVANQeSI/q+cyJVJQ
fUHrg3ol92l4aL1o7EALDIw9XUELx6sH9jlgaIwUl517vG86BMQqcojaR7o4PPyl
RY7ZJ8WlZrfB0oiSgu7HmIeisj/OW78I0Ze/lK4okZj7kPHXgNLSJ7KFmz2FCCWA
vq9eBPXRUa8dfrEFdfuHbSYGKvgrQT3gMg7hfwWVlVY2
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:22 2024 by rpki-client on console-ams.rpki-client.org