Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/5aa619-dcca-49d5-901f-a5ab7b64155f/1/XyO3w3GENt2gjGPuGjyP7gW5fH4.roa
File: XyO3w3GENt2gjGPuGjyP7gW5fH4.roa (raw, json)
Hash identifier: lvEwGYio1bWEwsacp0z7DOD9425hPeOBoPlsRNqdGs8=
Subject key identifier: 5F:23:B7:C3:71:84:36:DD:A0:8C:63:EE:1A:3C:8F:EE:05:B9:7C:7E
Certificate issuer: /CN=bc3a4697447d190308644a58bceaa124c074b7e1
Certificate serial: 01856F1DAC7E36B5534EEE14E2237860273C
Authority key identifier: BC:3A:46:97:44:7D:19:03:08:64:4A:58:BC:EA:A1:24:C0:74:B7:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDpGl0R9GQMIZEpYvOqhJMB0t-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/5aa619-dcca-49d5-901f-a5ab7b64155f/1/XyO3w3GENt2gjGPuGjyP7gW5fH4.roa
Signing time: Sun 01 Jan 2023 20:54:53 +0000
ROA not before: Sun 01 Jan 2023 20:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209766
IP address blocks: 192.145.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:ac:7e:36:b5:53:4e:ee:14:e2:23:78:60:27:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc3a4697447d190308644a58bceaa124c074b7e1
Validity
Not Before: Jan 1 20:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f23b7c3718436dda08c63ee1a3c8fee05b97c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ef:54:85:bd:76:e4:21:8c:72:bf:6d:28:cb:
e9:ed:6d:cd:7b:bd:a6:01:62:0b:08:6b:d9:45:0d:
4b:75:7f:d4:d3:67:de:45:5d:2f:20:1e:e8:b9:b5:
ee:7c:42:1a:35:60:ad:03:48:d1:80:5d:74:53:e0:
c8:44:13:0e:0b:55:79:35:50:45:01:9f:46:81:e1:
0e:ae:d4:3a:f3:5e:bf:ce:3a:86:94:57:db:41:f7:
32:54:2a:dd:68:6e:de:a8:8d:c9:0e:76:86:f6:9e:
3b:f4:81:ca:53:8f:05:ef:41:0a:07:e7:1e:cd:52:
8d:bc:68:62:e8:49:d7:bd:17:94:93:2f:1f:25:5a:
ca:ec:23:d4:5f:a8:f2:ad:3e:37:f0:84:2c:5b:ee:
ba:22:0c:2b:31:44:e8:38:ed:71:a9:5a:02:a1:a4:
34:5b:57:6a:10:27:55:bb:27:61:da:2d:bf:b6:63:
b8:df:a1:22:9c:a4:b6:38:c7:e5:2d:c9:83:4a:b6:
4f:a1:57:82:e6:22:4c:5e:d3:60:18:38:42:3b:41:
be:31:eb:19:0d:07:92:b6:b0:bf:b7:6e:ac:04:0e:
e6:a9:df:2b:43:ad:26:4b:42:30:2a:34:70:ce:5d:
a8:ea:22:00:18:47:8e:92:8a:f0:40:6b:4d:b5:ab:
3c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:23:B7:C3:71:84:36:DD:A0:8C:63:EE:1A:3C:8F:EE:05:B9:7C:7E
X509v3 Authority Key Identifier:
keyid:BC:3A:46:97:44:7D:19:03:08:64:4A:58:BC:EA:A1:24:C0:74:B7:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDpGl0R9GQMIZEpYvOqhJMB0t-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/5aa619-dcca-49d5-901f-a5ab7b64155f/1/XyO3w3GENt2gjGPuGjyP7gW5fH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/5aa619-dcca-49d5-901f-a5ab7b64155f/1/vDpGl0R9GQMIZEpYvOqhJMB0t-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.4.0/22
Signature Algorithm: sha256WithRSAEncryption
47:3d:f2:21:28:7b:f5:99:d9:dd:81:fa:4a:c8:ca:d0:60:fb:
45:92:1e:9a:5f:65:a3:af:cc:c6:a3:bf:99:04:55:f1:ab:17:
bb:94:07:58:11:36:a3:e2:c4:01:c0:a0:c9:8d:e1:3c:cb:40:
cf:07:b9:b6:07:85:31:c9:ca:5c:94:3b:3e:b1:34:a1:58:38:
1c:d8:71:8b:c9:8d:d0:f9:63:79:3a:9a:30:ab:b1:5b:70:8d:
4c:df:8e:4b:bc:39:b8:32:e4:3d:c7:56:1e:b2:3d:17:27:78:
61:e3:6a:6b:61:43:55:02:85:55:7f:44:c0:30:c3:8b:3c:fc:
f2:b0:d2:05:5e:a1:af:14:9b:0c:e0:ec:67:95:74:c5:13:49:
34:63:5f:3f:bc:36:42:02:59:4d:66:4c:73:a6:00:06:c9:85:
84:75:73:9e:27:a9:59:77:77:b5:75:ae:fc:40:be:bf:78:57:
f2:79:5d:29:c0:ac:9e:86:9d:d3:3e:b0:40:05:5d:0e:7a:7c:
6c:27:11:ba:88:08:46:c9:25:85:fd:4d:ce:bd:dc:1c:f6:19:
00:bf:72:59:ab:b4:1b:82:36:a4:d7:4d:67:dd:9e:e4:3f:f9:
44:92:49:f2:91:8f:40:22:9a:87:28:1b:4e:5b:45:2e:5b:aa:
e5:dc:22:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHax+NrVTTu4U4iN4YCc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjM2E0Njk3NDQ3ZDE5MDMwODY0NGE1OGJjZWFhMTI0YzA3
NGI3ZTEwHhcNMjMwMTAxMjA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjIzYjdjMzcxODQzNmRkYTA4YzYzZWUxYTNjOGZlZTA1Yjk3YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme9Uhb125CGMcr9tKMvp7W3Ne72m
AWILCGvZRQ1LdX/U02feRV0vIB7oubXufEIaNWCtA0jRgF10U+DIRBMOC1V5NVBF
AZ9GgeEOrtQ6816/zjqGlFfbQfcyVCrdaG7eqI3JDnaG9p479IHKU48F70EKB+ce
zVKNvGhi6EnXvReUky8fJVrK7CPUX6jyrT438IQsW+66IgwrMUToOO1xqVoCoaQ0
W1dqECdVuydh2i2/tmO436EinKS2OMflLcmDSrZPoVeC5iJMXtNgGDhCO0G+MesZ
DQeStrC/t26sBA7mqd8rQ60mS0IwKjRwzl2o6iIAGEeOkorwQGtNtas8gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8jt8NxhDbdoIxj7ho8j+4FuXx+MB8GA1UdIwQY
MBaAFLw6RpdEfRkDCGRKWLzqoSTAdLfhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRwR2wwUjlHUU1JWkVwWXZPcWhKTUIwdC1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81YWE2MTktZGNjYS00OWQ1LTkwMWYt
YTVhYjdiNjQxNTVmLzEvWHlPM3czR0VOdDJnakdQdUdqeVA3Z1c1Zkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81YWE2MTktZGNjYS00OWQ1LTkwMWYtYTVhYjdiNjQxNTVm
LzEvdkRwR2wwUjlHUU1JWkVwWXZPcWhKTUIwdC1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJEEMA0G
CSqGSIb3DQEBCwUAA4IBAQBHPfIhKHv1mdndgfpKyMrQYPtFkh6aX2Wjr8zGo7+Z
BFXxqxe7lAdYETaj4sQBwKDJjeE8y0DPB7m2B4UxycpclDs+sTShWDgc2HGLyY3Q
+WN5Opowq7FbcI1M345LvDm4MuQ9x1Yesj0XJ3hh42prYUNVAoVVf0TAMMOLPPzy
sNIFXqGvFJsM4OxnlXTFE0k0Y18/vDZCAllNZkxzpgAGyYWEdXOeJ6lZd3e1da78
QL6/eFfyeV0pwKyehp3TPrBABV0OenxsJxG6iAhGySWF/U3Ovdwc9hkAv3JZq7Qb
gjak101n3Z7kP/lEkknykY9AIpqHKBtOW0UuW6rl3CLu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:47 2024 by rpki-client on console-ams.rpki-client.org