Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/xpq_08Sg3Pb0bQe8miWgvqSWKrY.roa
File: xpq_08Sg3Pb0bQe8miWgvqSWKrY.roa (raw, json)
Hash identifier: Ry/Y24kePt08rvueF4sGiWTeVccTVVsgArfVIZshUDE=
Subject key identifier: C6:9A:BF:D3:C4:A0:DC:F6:F4:6D:07:BC:9A:25:A0:BE:A4:96:2A:B6
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 018A2C28B3AB2FCD4E581768D59B564EAFA3
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/xpq_08Sg3Pb0bQe8miWgvqSWKrY.roa
Signing time: Fri 25 Aug 2023 10:06:19 +0000
ROA not before: Fri 25 Aug 2023 10:06:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42695
IP address blocks: 80.254.229.0/24 maxlen: 24
80.254.230.0/23 maxlen: 23
2a13:5243::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:28:b3:ab:2f:cd:4e:58:17:68:d5:9b:56:4e:af:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Aug 25 10:06:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c69abfd3c4a0dcf6f46d07bc9a25a0bea4962ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:18:21:8f:90:b0:e8:fe:e8:37:25:85:62:de:
db:ff:59:2d:89:ba:3b:a3:c6:8c:52:86:fe:0e:b5:
dd:1f:7e:7f:2c:a9:b6:fc:3b:0e:1c:c7:d0:aa:30:
68:50:bc:52:83:93:ee:9e:23:5c:6f:cc:72:e2:d9:
26:1f:92:e7:66:7b:77:e3:ad:55:b9:e8:49:05:83:
09:93:4e:07:6c:9f:f3:4a:57:38:b9:d4:32:0b:2b:
e2:78:61:be:a9:76:68:70:3d:4c:31:6b:5b:c6:7e:
a5:b1:d4:c3:f2:f1:69:91:45:49:44:8c:a6:05:ed:
b9:5c:51:3e:52:23:6d:cd:3a:74:2a:53:4d:0a:89:
50:af:78:62:58:ee:8e:20:70:75:54:47:e3:34:a5:
63:c8:b1:c8:9b:d8:d9:89:6b:d6:d0:d2:89:68:f4:
0c:0a:1d:be:cf:a1:07:24:5c:ae:6f:d1:8e:f8:af:
f2:df:40:6b:34:73:8f:e5:ef:a6:65:71:41:ed:2a:
fe:27:2b:c7:12:51:2d:8d:aa:1a:05:36:29:86:50:
2f:8c:b7:87:07:82:d6:25:54:52:5c:42:c0:bb:9e:
fe:15:b6:e5:2b:c4:ad:a1:1a:fc:ec:c4:5f:2d:6a:
bd:b4:e6:f3:d3:d5:ff:e0:ac:41:01:07:13:82:af:
6c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9A:BF:D3:C4:A0:DC:F6:F4:6D:07:BC:9A:25:A0:BE:A4:96:2A:B6
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/xpq_08Sg3Pb0bQe8miWgvqSWKrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.229.0-80.254.231.255
IPv6:
2a13:5243::/32
Signature Algorithm: sha256WithRSAEncryption
85:1c:14:20:82:89:9d:db:31:47:56:a2:70:fe:b6:5a:c2:fa:
0b:6e:95:b6:07:f1:9d:aa:5c:59:ae:a6:8f:90:3b:0f:bd:07:
81:d7:4b:32:45:18:89:4b:6b:40:10:d9:0d:c6:3f:da:55:c0:
14:ce:d0:b9:69:b9:b4:db:8e:70:48:b9:10:b4:6b:94:e4:66:
03:3c:f0:d3:3c:7b:6c:2e:4e:d5:ea:86:f6:7b:5e:9e:b0:25:
32:1c:9f:3a:b0:1d:5b:db:84:8e:17:33:c6:cc:f7:ba:aa:61:
3d:9f:33:ca:1c:d1:23:29:45:9c:13:a1:e1:82:bf:4d:c1:ba:
d3:63:d2:63:07:dc:06:3c:73:e8:f9:cb:38:32:80:3f:15:9f:
86:92:5f:95:73:c3:c7:29:8c:ec:d4:64:8e:50:52:83:d3:51:
19:2c:35:00:7d:52:50:15:3b:ca:b5:c0:a2:e0:cb:a8:70:80:
4f:63:ce:d6:00:43:87:04:30:84:6e:6d:a6:47:d4:1b:8f:df:
0e:81:08:ba:75:f3:06:a8:0b:c8:be:4e:56:97:ef:76:8a:e1:
58:3f:23:a6:d2:56:76:2c:14:b8:82:6f:ae:8a:e2:23:a9:8e:
48:a6:ef:1a:a9:8c:b6:e8:5e:61:c8:f1:0c:72:3f:6d:cf:fc:
c2:4e:bf:cc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYosKLOrL81OWBdo1ZtWTq+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjMwODI1MTAwNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjlhYmZkM2M0YTBkY2Y2ZjQ2ZDA3YmM5YTI1YTBiZWE0OTYyYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhghj5Cw6P7oNyWFYt7b/1ktibo7
o8aMUob+DrXdH35/LKm2/DsOHMfQqjBoULxSg5PuniNcb8xy4tkmH5LnZnt3461V
uehJBYMJk04HbJ/zSlc4udQyCyvieGG+qXZocD1MMWtbxn6lsdTD8vFpkUVJRIym
Be25XFE+UiNtzTp0KlNNColQr3hiWO6OIHB1VEfjNKVjyLHIm9jZiWvW0NKJaPQM
Ch2+z6EHJFyub9GO+K/y30BrNHOP5e+mZXFB7Sr+JyvHElEtjaoaBTYphlAvjLeH
B4LWJVRSXELAu57+FbblK8StoRr87MRfLWq9tObz09X/4KxBAQcTgq9sjwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMaav9PEoNz29G0HvJoloL6kliq2MB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEveHBxXzA4U2czUGIwYlFlOG1pV2d2cVNXS3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBABQ/uUD
BANQ/uAwDQQCAAIwBwMFACoTUkMwDQYJKoZIhvcNAQELBQADggEBAIUcFCCCiZ3b
MUdWonD+tlrC+gtulbYH8Z2qXFmupo+QOw+9B4HXSzJFGIlLa0AQ2Q3GP9pVwBTO
0LlpubTbjnBIuRC0a5TkZgM88NM8e2wuTtXqhvZ7Xp6wJTIcnzqwHVvbhI4XM8bM
97qqYT2fM8oc0SMpRZwToeGCv03ButNj0mMH3AY8c+j5yzgygD8Vn4aSX5Vzw8cp
jOzUZI5QUoPTURksNQB9UlAVO8q1wKLgy6hwgE9jztYAQ4cEMIRubaZH1BuP3w6B
CLp18waoC8i+TlaX73aK4Vg/I6bSVnYsFLiCb66K4iOpjkim7xqpjLboXmHI8Qxy
P23P/MJOv8w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:35 2024 by rpki-client on console-fra.rpki-client.org