Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/XnhMKSvHpwvC6Pz61mOTQbR0bTA.roa
File: XnhMKSvHpwvC6Pz61mOTQbR0bTA.roa (raw, json)
Hash identifier: qGbdB6WG+VHYJcvS15qqzfhMUb0jlaCFksasVY8D0A0=
Subject key identifier: 5E:78:4C:29:2B:C7:A7:0B:C2:E8:FC:FA:D6:63:93:41:B4:74:6D:30
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01915F5AF719DBEB8CDBDBF1C49CF7EBFE13
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/XnhMKSvHpwvC6Pz61mOTQbR0bTA.roa
Signing time: Sat 17 Aug 2024 08:01:22 +0000
ROA not before: Sat 17 Aug 2024 08:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a14:1100::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Aug 2024 06:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5f:5a:f7:19:db:eb:8c:db:db:f1:c4:9c:f7:eb:fe:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Aug 17 08:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e784c292bc7a70bc2e8fcfad6639341b4746d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fb:27:01:44:0c:2f:8d:86:16:d1:6d:50:e9:
a1:cb:b3:b2:d8:68:25:2b:d9:b0:c7:3e:0d:2f:c4:
cd:05:7e:ee:f7:b6:98:3f:b6:57:74:ce:b1:d0:d7:
e0:ce:e8:2b:a9:4c:5a:bc:db:aa:a1:0a:23:cd:cd:
a4:f8:0c:1a:d1:b1:93:d5:aa:fd:3d:de:01:54:89:
2d:aa:68:4c:5a:bc:9a:e4:24:c3:3b:26:0b:ac:3c:
40:bb:4b:a4:35:2a:61:c6:a5:6a:e9:9a:18:79:ef:
a0:74:00:3d:99:95:e4:11:69:fd:36:4e:63:78:93:
96:dc:60:43:bb:42:95:f1:b4:b2:a0:80:c8:ad:55:
b2:38:0b:3f:b8:ed:ec:c2:80:90:bc:c7:03:80:39:
60:7a:09:2a:32:54:9a:d6:6f:93:f2:f8:eb:e7:50:
11:12:eb:18:ae:9b:91:d9:99:48:09:91:fd:07:94:
33:d6:47:07:e9:37:49:81:5f:3c:f3:64:d2:c5:57:
c7:6f:e2:00:ac:ac:ff:6a:6c:38:25:76:ef:12:54:
86:d1:41:76:be:ec:96:46:d0:4f:ac:ac:5d:d0:56:
47:b6:a2:88:d6:e8:c3:3a:85:1a:ea:8a:34:25:18:
35:55:18:27:17:a5:a9:20:16:ca:dc:97:99:8a:e0:
e9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:78:4C:29:2B:C7:A7:0B:C2:E8:FC:FA:D6:63:93:41:B4:74:6D:30
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/XnhMKSvHpwvC6Pz61mOTQbR0bTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1100::/29
Signature Algorithm: sha256WithRSAEncryption
91:95:64:e8:22:21:87:6f:cd:4e:24:db:6d:c5:fa:49:43:5c:
c5:af:97:f2:a0:d6:e9:76:72:79:33:6f:7e:9c:d5:8e:88:5e:
87:d8:48:e2:49:36:57:cf:7b:2a:27:8b:58:f2:cf:52:d9:0b:
3e:b7:17:5b:52:b0:05:26:5d:7c:32:3c:1f:ce:73:ae:40:7c:
95:9d:51:77:b3:23:18:34:5f:21:01:0c:cd:8b:c1:63:da:ec:
b8:a1:3d:85:f3:12:f6:78:0a:b9:55:48:ea:61:d1:58:40:cc:
ab:e1:57:38:d1:60:14:54:03:f7:c4:21:e3:9f:14:b2:9b:af:
cf:86:54:88:2e:52:c8:a9:29:95:1b:88:2c:c0:ea:52:92:7c:
3a:28:d8:93:8f:3b:a2:aa:72:06:54:21:09:79:70:a1:28:33:
76:ac:93:f6:4e:2e:9e:84:69:5b:e7:14:1a:9a:b1:f6:d7:4d:
68:27:84:04:62:17:e1:d4:7f:05:9b:55:7b:cb:06:65:45:59:
e7:ca:5f:94:20:06:29:5b:ec:4e:17:fa:b0:da:e2:7d:72:04:
fb:97:60:f0:f6:2e:42:d9:1a:2c:df:76:fa:d3:8b:9e:64:3d:
13:2b:fb:3e:0a:54:fc:cd:9e:01:70:59:51:96:ad:c2:57:3c:
8d:b2:bb:2a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZFfWvcZ2+uM29vxxJz36/4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwODE3MDgwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc4NGMyOTJiYzdhNzBiYzJlOGZjZmFkNjYzOTM0MWI0NzQ2ZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPsnAUQML42GFtFtUOmhy7Oy2Ggl
K9mwxz4NL8TNBX7u97aYP7ZXdM6x0NfgzugrqUxavNuqoQojzc2k+Awa0bGT1ar9
Pd4BVIktqmhMWrya5CTDOyYLrDxAu0ukNSphxqVq6ZoYee+gdAA9mZXkEWn9Nk5j
eJOW3GBDu0KV8bSyoIDIrVWyOAs/uO3swoCQvMcDgDlgegkqMlSa1m+T8vjr51AR
EusYrpuR2ZlICZH9B5Qz1kcH6TdJgV8882TSxVfHb+IArKz/amw4JXbvElSG0UF2
vuyWRtBPrKxd0FZHtqKI1ujDOoUa6oo0JRg1VRgnF6WpIBbK3JeZiuDpAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF54TCkrx6cLwuj8+tZjk0G0dG0wMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvWG5oTUtTdkhwd3ZDNlB6NjFtT1RRYlIwYlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQRADAN
BgkqhkiG9w0BAQsFAAOCAQEAkZVk6CIhh2/NTiTbbcX6SUNcxa+X8qDW6XZyeTNv
fpzVjoheh9hI4kk2V897KieLWPLPUtkLPrcXW1KwBSZdfDI8H85zrkB8lZ1Rd7Mj
GDRfIQEMzYvBY9rsuKE9hfMS9ngKuVVI6mHRWEDMq+FXONFgFFQD98Qh458Uspuv
z4ZUiC5SyKkplRuILMDqUpJ8OijYk487oqpyBlQhCXlwoSgzdqyT9k4unoRpW+cU
Gpqx9tdNaCeEBGIX4dR/BZtVe8sGZUVZ58pflCAGKVvsThf6sNrifXIE+5dg8PYu
QtkaLN92+tOLnmQ9Eyv7PgpU/M2eAXBZUZatwlc8jbK7Kg==
-----END CERTIFICATE-----
Generated at Sat Aug 24 08:01:11 2024 by rpki-client on console-fra.rpki-client.org