Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XK5-7lM1mZyv0rbQSKjnsoh7kLE.roa
File: XK5-7lM1mZyv0rbQSKjnsoh7kLE.roa (raw, json)
Hash identifier: VNrXbn4a9iuEKYzoVd+YWvkLEUoFMtdU7kAwOFoPJ5E=
Subject key identifier: 5C:AE:7E:EE:53:35:99:9C:AF:D2:B6:D0:48:A8:E7:B2:88:7B:90:B1
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018890A01C153FBFA7A339A29A22A3EEDB99
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XK5-7lM1mZyv0rbQSKjnsoh7kLE.roa
Signing time: Tue 06 Jun 2023 12:13:12 +0000
ROA not before: Tue 06 Jun 2023 12:13:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 78.108.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:a0:1c:15:3f:bf:a7:a3:39:a2:9a:22:a3:ee:db:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jun 6 12:13:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cae7eee5335999cafd2b6d048a8e7b2887b90b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:22:c3:22:22:4d:02:3f:01:45:74:ae:94:26:
aa:f0:f7:6f:78:aa:46:a9:78:66:7c:05:2d:b0:d3:
c5:cc:bb:72:39:2f:cb:4a:1a:83:a7:93:4e:0b:bc:
b9:35:65:2d:9d:04:cf:ec:fe:fb:dc:a0:1c:f8:a4:
8f:23:1b:a1:bf:aa:19:c8:4b:df:63:85:2f:8e:95:
40:ee:2a:87:cb:fe:26:41:e7:ad:ed:7a:70:1a:70:
34:50:e5:6e:e9:64:a8:5e:89:f6:c6:f2:69:0a:0c:
f4:58:30:0e:3e:1f:d4:a4:1f:70:d0:e1:cf:18:05:
da:bd:42:75:be:d4:7f:49:5b:c3:6a:ba:6c:65:e7:
2c:78:3d:63:25:d6:3f:19:0c:46:e8:04:77:99:1a:
bf:e3:9d:de:0b:6b:7a:78:a5:88:bd:57:a3:84:5d:
53:9e:a2:80:29:5a:85:8b:93:22:da:93:f0:7a:11:
a8:12:d8:a3:1a:95:d6:fd:cc:4d:11:64:48:82:64:
b6:34:a0:44:05:9c:32:be:6c:94:5f:a2:3a:ce:9d:
a7:a3:ad:86:c8:30:02:aa:dc:6a:9a:82:ac:7d:52:
b1:7f:55:7c:63:0e:bb:ab:fc:cd:70:8b:b2:06:37:
80:42:be:e8:6c:5b:a4:7e:89:b3:3c:8f:7d:b4:9b:
4a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AE:7E:EE:53:35:99:9C:AF:D2:B6:D0:48:A8:E7:B2:88:7B:90:B1
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XK5-7lM1mZyv0rbQSKjnsoh7kLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.217.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:33:72:99:bb:d8:c3:90:6e:94:51:64:22:6b:5b:1d:dc:8e:
34:02:ac:48:c2:7f:fa:17:0a:88:ec:96:21:52:69:5e:b7:6a:
55:62:2b:29:b7:a0:83:8e:a6:ad:34:98:63:ea:4e:f6:21:5e:
ef:17:4a:2d:49:c6:72:df:14:fb:9e:e8:3a:e3:2c:80:27:04:
3d:26:99:15:68:5d:1d:c6:06:a7:34:4f:08:d1:10:ea:e8:6a:
d0:42:87:b2:d7:99:0b:3f:72:2a:64:16:3c:30:b5:f0:3c:52:
e1:90:01:51:de:10:67:96:91:f4:98:39:04:4b:f1:4b:d1:cd:
dd:4a:85:6c:9e:db:87:05:e2:78:86:fb:14:ed:a1:b0:80:5e:
4d:fb:3d:f2:bf:23:30:bb:7b:bc:68:d6:57:1e:4f:b7:dc:a5:
b3:48:71:aa:6c:15:96:1f:61:b8:d6:f3:5f:21:75:c6:22:6f:
0b:01:ca:81:97:16:22:1a:c7:6d:f8:e7:ff:df:cc:8b:62:ad:
86:c4:36:93:4e:3e:de:f0:ce:16:1f:fb:fd:1e:d4:1a:fc:e8:
67:23:a7:29:78:3a:60:b8:25:95:a0:ed:54:2b:3b:8c:d7:51:
cb:f5:5c:4f:6f:06:08:14:fe:99:a6:63:c7:e2:d3:d6:cd:69:
db:a3:0d:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiQoBwVP7+nozmimiKj7tuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNjA2MTIxMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FlN2VlZTUzMzU5OTljYWZkMmI2ZDA0OGE4ZTdiMjg4N2I5MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCLDIiJNAj8BRXSulCaq8PdveKpG
qXhmfAUtsNPFzLtyOS/LShqDp5NOC7y5NWUtnQTP7P773KAc+KSPIxuhv6oZyEvf
Y4UvjpVA7iqHy/4mQeet7XpwGnA0UOVu6WSoXon2xvJpCgz0WDAOPh/UpB9w0OHP
GAXavUJ1vtR/SVvDarpsZecseD1jJdY/GQxG6AR3mRq/453eC2t6eKWIvVejhF1T
nqKAKVqFi5Mi2pPwehGoEtijGpXW/cxNEWRIgmS2NKBEBZwyvmyUX6I6zp2no62G
yDACqtxqmoKsfVKxf1V8Yw67q/zNcIuyBjeAQr7obFukfomzPI99tJtK4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyufu5TNZmcr9K20Eio57KIe5CxMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvWEs1LTdsTTFtWnl2MHJiUVNLam5zb2g3a0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATmzZMA0G
CSqGSIb3DQEBCwUAA4IBAQDUM3KZu9jDkG6UUWQia1sd3I40AqxIwn/6FwqI7JYh
Umlet2pVYispt6CDjqatNJhj6k72IV7vF0otScZy3xT7nug64yyAJwQ9JpkVaF0d
xganNE8I0RDq6GrQQoey15kLP3IqZBY8MLXwPFLhkAFR3hBnlpH0mDkES/FL0c3d
SoVsntuHBeJ4hvsU7aGwgF5N+z3yvyMwu3u8aNZXHk+33KWzSHGqbBWWH2G41vNf
IXXGIm8LAcqBlxYiGsdt+Of/38yLYq2GxDaTTj7e8M4WH/v9HtQa/OhnI6cpeDpg
uCWVoO1UKzuM11HL9VxPbwYIFP6ZpmPH4tPWzWnbow1v
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-ams.rpki-client.org