Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/xZ1FkNRUi85pMSh0XyCe8zDG5_k.roa
File: xZ1FkNRUi85pMSh0XyCe8zDG5_k.roa (raw, json)
Hash identifier: fL+ZfqxYMQ/RlR/d/BdxUWvYNMwQqLxdWvEU4v3DX04=
Subject key identifier: C5:9D:45:90:D4:54:8B:CE:69:31:28:74:5F:20:9E:F3:30:C6:E7:F9
Certificate issuer: /CN=d44de659759b0274124a7b481d0976840b7ade06
Certificate serial: 01856CAF350859013A6865415CAA62D39821
Authority key identifier: D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/xZ1FkNRUi85pMSh0XyCe8zDG5_k.roa
Signing time: Sun 01 Jan 2023 09:34:59 +0000
ROA not before: Sun 01 Jan 2023 09:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48571
IP address blocks: 37.143.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:35:08:59:01:3a:68:65:41:5c:aa:62:d3:98:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44de659759b0274124a7b481d0976840b7ade06
Validity
Not Before: Jan 1 09:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c59d4590d4548bce693128745f209ef330c6e7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0b:49:e1:a5:42:77:4f:b8:3f:8a:23:9e:32:
d7:a5:3a:50:ff:41:dd:e0:e8:fd:98:7a:f9:45:3e:
20:c6:95:05:ed:3e:c6:99:53:83:79:6f:4d:1c:a8:
f6:aa:97:27:d4:d2:b5:d6:8d:9d:6e:cf:49:22:79:
b6:21:52:d4:8c:b5:ea:e7:7e:8d:50:49:e9:1b:eb:
08:d9:0d:fe:5d:12:96:7e:8a:89:3a:69:64:58:51:
41:f8:c9:28:53:8d:ba:42:4d:73:5e:e3:de:af:70:
32:f3:29:be:c7:b5:89:1f:89:de:23:6d:f3:1d:b1:
55:9a:0c:2f:d8:c8:e2:ea:6b:3f:a3:49:86:08:cc:
cc:f2:a0:c6:98:0b:2a:0f:80:77:5a:bd:83:b3:fe:
65:ac:12:70:b3:db:79:0f:57:2c:61:21:2c:c7:50:
44:9c:45:61:94:a5:68:f2:08:27:4c:a0:03:2f:3b:
04:94:06:c9:34:43:8d:20:e2:5b:47:4b:49:17:af:
fa:ec:d7:37:58:10:4b:42:58:41:28:09:7a:fc:ac:
cf:83:b0:ce:5c:b3:08:68:6f:90:5c:99:35:cb:73:
f0:b8:07:31:76:41:fd:1d:1a:0d:8d:7e:9b:ef:4f:
ea:7f:9d:a5:2c:1a:48:a8:7a:eb:6d:f2:7c:81:04:
45:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9D:45:90:D4:54:8B:CE:69:31:28:74:5F:20:9E:F3:30:C6:E7:F9
X509v3 Authority Key Identifier:
keyid:D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/xZ1FkNRUi85pMSh0XyCe8zDG5_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.173.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:4e:d1:4f:b5:43:63:25:9d:8f:2f:2e:95:41:bb:05:5a:68:
73:1f:b5:01:01:14:2c:64:e6:ea:1b:dc:e2:b6:8c:a7:d0:9d:
e8:f6:d2:80:b5:43:79:2d:d1:cc:ce:29:cd:b2:14:ab:9a:fd:
20:9b:b5:5a:60:d9:5c:79:9d:1b:d9:06:fd:cb:77:6f:56:22:
a3:3c:65:e5:84:e8:74:77:e1:c3:79:b3:f4:cf:51:53:3b:da:
13:1b:ba:92:98:14:17:1b:c7:41:03:a4:5d:a5:e9:a2:50:27:
e8:3d:c6:e3:df:38:2e:ff:ec:21:b9:cb:78:c0:af:38:c2:ca:
f2:d8:2a:5d:f9:61:ef:30:45:99:30:ae:c2:23:b9:58:e9:c2:
55:1a:ac:f3:24:73:b0:40:03:e0:91:3c:98:11:bd:49:dc:ef:
1f:49:5d:b2:6a:9b:ad:29:86:b7:c0:33:63:9d:b4:2c:99:1d:
95:8f:c6:16:92:c3:88:5e:15:93:5b:70:b6:1c:4c:10:f0:ed:
c1:73:ee:63:c3:72:b6:76:a5:f6:be:7f:94:56:57:c6:a4:ca:
0e:1a:99:52:d2:90:4f:a5:f2:f6:36:7e:56:42:98:5d:9d:36:
23:bb:fd:c7:43:70:0f:79:16:5a:ab:e2:c8:a9:d0:12:b3:ac:
21:4e:52:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrzUIWQE6aGVBXKpi05ghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NGRlNjU5NzU5YjAyNzQxMjRhN2I0ODFkMDk3Njg0MGI3
YWRlMDYwHhcNMjMwMTAxMDkzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTlkNDU5MGQ0NTQ4YmNlNjkzMTI4NzQ1ZjIwOWVmMzMwYzZlN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQtJ4aVCd0+4P4ojnjLXpTpQ/0Hd
4Oj9mHr5RT4gxpUF7T7GmVODeW9NHKj2qpcn1NK11o2dbs9JInm2IVLUjLXq536N
UEnpG+sI2Q3+XRKWfoqJOmlkWFFB+MkoU426Qk1zXuPer3Ay8ym+x7WJH4neI23z
HbFVmgwv2Mji6ms/o0mGCMzM8qDGmAsqD4B3Wr2Ds/5lrBJws9t5D1csYSEsx1BE
nEVhlKVo8ggnTKADLzsElAbJNEONIOJbR0tJF6/67Nc3WBBLQlhBKAl6/KzPg7DO
XLMIaG+QXJk1y3PwuAcxdkH9HRoNjX6b70/qf52lLBpIqHrrbfJ8gQRFdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWdRZDUVIvOaTEodF8gnvMwxuf5MB8GA1UdIwQY
MBaAFNRN5ll1mwJ0Ekp7SB0JdoQLet4GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUUzbVdYV2JBblFTU250SUhRbDJoQXQ2M2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83NTIxNmQtNjg0Yi00N2NjLWE5NWUt
ZGI0ZDM5ZGM0ZWM3LzEveFoxRmtOUlVpODVwTVNoMFh5Q2U4ekRHNV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83NTIxNmQtNjg0Yi00N2NjLWE5NWUtZGI0ZDM5ZGM0ZWM3
LzEvMUUzbVdYV2JBblFTU250SUhRbDJoQXQ2M2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJY+tMA0G
CSqGSIb3DQEBCwUAA4IBAQCPTtFPtUNjJZ2PLy6VQbsFWmhzH7UBARQsZObqG9zi
toyn0J3o9tKAtUN5LdHMzinNshSrmv0gm7VaYNlceZ0b2Qb9y3dvViKjPGXlhOh0
d+HDebP0z1FTO9oTG7qSmBQXG8dBA6RdpemiUCfoPcbj3zgu/+whuct4wK84wsry
2Cpd+WHvMEWZMK7CI7lY6cJVGqzzJHOwQAPgkTyYEb1J3O8fSV2yaputKYa3wDNj
nbQsmR2Vj8YWksOIXhWTW3C2HEwQ8O3Bc+5jw3K2dqX2vn+UVlfGpMoOGplS0pBP
pfL2Nn5WQphdnTYju/3HQ3APeRZaq+LIqdASs6whTlLi
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:35:57 2024 by rpki-client on console-fra.rpki-client.org