Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/xk8QWVajN1053YPLa3tYZg-ZqIM.roa
File: xk8QWVajN1053YPLa3tYZg-ZqIM.roa (raw, json)
Hash identifier: oPnQ4kPNqvtx+dWDngwjkFiHJSnn0bb8v4UMuhzEIR0=
Subject key identifier: C6:4F:10:59:56:A3:37:5D:39:DD:83:CB:6B:7B:58:66:0F:99:A8:83
Certificate issuer: /CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Certificate serial: 01856ED4A81C00EC6883AA2612D660581830
Authority key identifier: 39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/xk8QWVajN1053YPLa3tYZg-ZqIM.roa
Signing time: Sun 01 Jan 2023 19:35:08 +0000
ROA not before: Sun 01 Jan 2023 19:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59729
IP address blocks: 217.12.202.0/23 maxlen: 23
2a02:27aa::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:a8:1c:00:ec:68:83:aa:26:12:d6:60:58:18:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Validity
Not Before: Jan 1 19:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c64f105956a3375d39dd83cb6b7b58660f99a883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e9:d3:b1:fb:78:fb:08:9b:38:fa:1a:48:ea:
c4:09:3d:cf:ce:74:e4:cc:1a:ce:f5:5a:f0:e2:82:
66:d3:6a:cc:e2:66:dd:15:ca:56:d9:71:a2:37:c5:
b6:09:ed:1b:a6:ae:1f:26:43:c6:70:2f:39:fe:c2:
93:c7:72:8e:25:2d:b6:77:9d:97:fb:11:81:19:6b:
84:63:b4:2b:76:9c:f0:26:32:2c:9d:ef:c3:4b:ef:
86:82:3c:19:91:91:2a:8f:a9:90:c7:ac:db:1a:52:
9f:4a:a6:e1:e8:b4:bc:c2:6d:26:36:6d:38:35:39:
d5:81:c1:dc:1b:79:35:14:94:29:ef:9f:30:0d:2a:
06:b1:5a:12:45:11:22:31:3e:88:7e:95:da:0b:74:
3c:95:16:2d:7a:4d:01:7e:8b:c3:16:aa:d1:3c:5c:
a9:75:9d:b6:95:f8:fd:a4:db:09:fe:54:ac:1e:26:
cb:5f:b8:c5:fa:a2:89:19:e4:8e:60:f1:10:12:35:
a6:4c:8f:62:01:f6:f8:12:64:f4:49:c7:93:c0:9c:
c9:fc:e5:c7:51:65:47:d3:95:97:4a:40:5b:29:32:
15:1b:49:b3:7d:cc:6a:1f:46:80:ac:c2:44:53:55:
5f:98:7f:ff:fe:f7:a0:3d:d4:f8:1a:3f:d1:f9:ac:
9b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4F:10:59:56:A3:37:5D:39:DD:83:CB:6B:7B:58:66:0F:99:A8:83
X509v3 Authority Key Identifier:
keyid:39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/xk8QWVajN1053YPLa3tYZg-ZqIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/OVAwNhWspuX29bVpHHwsjcpfI00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.202.0/23
IPv6:
2a02:27aa::/32
Signature Algorithm: sha256WithRSAEncryption
8f:62:7a:7d:3e:08:30:9f:9f:e8:df:a5:ed:27:11:57:7a:60:
18:a8:d0:ca:7a:22:2f:67:54:7d:7d:23:3e:70:03:1a:77:c6:
24:99:3c:98:fd:44:08:54:7e:14:c9:6f:47:95:0a:b3:57:84:
0c:98:a9:c7:74:ae:7c:77:c2:c9:f5:a0:2f:84:04:12:18:e3:
b3:ec:e8:15:ed:39:48:1d:20:b5:45:ec:7a:e7:c8:04:41:66:
f4:7d:a1:36:96:9c:07:71:3c:de:f0:c9:0b:8e:a6:1f:ff:cb:
23:06:65:a9:95:4d:fb:d4:4b:0a:9d:ab:c2:d9:7e:03:f4:5d:
28:93:04:ae:6b:a7:98:81:9c:33:95:48:5b:5c:52:f7:30:68:
de:89:1b:61:e3:b4:ae:8b:93:fc:72:6b:16:0c:d7:9f:c8:af:
cf:2f:ce:75:33:0c:f3:be:2c:77:99:f4:78:06:44:4a:a8:06:
f9:9a:05:42:19:0a:f2:ac:cd:88:92:7d:92:e0:18:8f:45:c7:
58:06:dc:c0:91:16:48:d5:0f:23:1e:30:36:bc:ae:a6:9e:a0:
39:62:01:80:2c:7d:15:31:1e:61:c6:66:8a:5e:49:ce:5f:8e:
1e:0e:6e:ea:58:69:bf:03:82:4d:3a:48:2c:4d:fe:70:77:d0:
e6:40:69:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu1KgcAOxog6omEtZgWBgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NTAzMDM2MTVhY2E2ZTVmNmY1YjU2OTFjN2MyYzhkY2E1
ZjIzNGQwHhcNMjMwMTAxMTkzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRmMTA1OTU2YTMzNzVkMzlkZDgzY2I2YjdiNTg2NjBmOTlhODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOnTsft4+wibOPoaSOrECT3PznTk
zBrO9Vrw4oJm02rM4mbdFcpW2XGiN8W2Ce0bpq4fJkPGcC85/sKTx3KOJS22d52X
+xGBGWuEY7QrdpzwJjIsne/DS++GgjwZkZEqj6mQx6zbGlKfSqbh6LS8wm0mNm04
NTnVgcHcG3k1FJQp758wDSoGsVoSRREiMT6IfpXaC3Q8lRYtek0BfovDFqrRPFyp
dZ22lfj9pNsJ/lSsHibLX7jF+qKJGeSOYPEQEjWmTI9iAfb4EmT0SceTwJzJ/OXH
UWVH05WXSkBbKTIVG0mzfcxqH0aArMJEU1VfmH///vegPdT4Gj/R+aybJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMZPEFlWozddOd2Dy2t7WGYPmaiDMB8GA1UdIwQY
MBaAFDlQMDYVrKbl9vW1aRx8LI3KXyNNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMt
NmM4ZmQwYmM1YjAwLzEveGs4UVdWYWpOMTA1M1lQTGEzdFlaZy1acUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMtNmM4ZmQwYmM1YjAw
LzEvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB2QzKMA0E
AgACMAcDBQAqAieqMA0GCSqGSIb3DQEBCwUAA4IBAQCPYnp9Pggwn5/o36XtJxFX
emAYqNDKeiIvZ1R9fSM+cAMad8YkmTyY/UQIVH4UyW9HlQqzV4QMmKnHdK58d8LJ
9aAvhAQSGOOz7OgV7TlIHSC1Rex658gEQWb0faE2lpwHcTze8MkLjqYf/8sjBmWp
lU371EsKnavC2X4D9F0okwSua6eYgZwzlUhbXFL3MGjeiRth47Sui5P8cmsWDNef
yK/PL851Mwzzvix3mfR4BkRKqAb5mgVCGQryrM2Ikn2S4BiPRcdYBtzAkRZI1Q8j
HjA2vK6mnqA5YgGALH0VMR5hxmaKXknOX44eDm7qWGm/A4JNOkgsTf5wd9DmQGmW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:46 2024 by rpki-client on console-ams.rpki-client.org