Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/XnC4CrvSs19e9WAccrsIPSgzaCQ.roa
File: XnC4CrvSs19e9WAccrsIPSgzaCQ.roa (raw, json)
Hash identifier: 8MHR5g56Y5K1udWKVAQM/Y/32PnrySu//xvSx/ZDoxM=
Subject key identifier: 5E:70:B8:0A:BB:D2:B3:5F:5E:F5:60:1C:72:BB:08:3D:28:33:68:24
Certificate issuer: /CN=0d23064e3c27ec92b7eab667649d204e5673838e
Certificate serial: 01856FA6E389EF9C5661F96FF43C1276E2D5
Authority key identifier: 0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/XnC4CrvSs19e9WAccrsIPSgzaCQ.roa
Signing time: Sun 01 Jan 2023 23:24:46 +0000
ROA not before: Sun 01 Jan 2023 23:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20811
IP address blocks: 147.189.208.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:e3:89:ef:9c:56:61:f9:6f:f4:3c:12:76:e2:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d23064e3c27ec92b7eab667649d204e5673838e
Validity
Not Before: Jan 1 23:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e70b80abbd2b35f5ef5601c72bb083d28336824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e6:df:f7:a6:a5:c8:52:15:3c:c0:22:6f:0d:
57:f5:8d:db:9f:a5:42:58:79:17:58:96:7d:b8:74:
fb:a5:33:36:3d:c2:a0:5d:48:4c:1c:ba:27:fb:02:
a4:9a:66:54:df:94:19:98:d5:9a:69:b2:03:f2:62:
9a:ab:07:b5:6b:7e:d2:d1:6a:47:d8:27:06:b3:dd:
51:29:9f:f1:09:7e:2d:44:96:dc:c0:81:bb:c6:c1:
be:86:1e:43:fe:39:e4:ad:b8:bf:03:1a:18:2a:e6:
25:47:d1:eb:1d:61:9e:7d:f2:a8:ef:53:a7:92:b9:
b1:d5:87:4a:d1:99:7a:c6:80:81:a6:8b:87:3e:0a:
39:2a:3d:c5:0f:51:36:14:f0:a9:63:bd:4e:9a:c0:
ae:aa:57:f1:84:58:47:87:31:e3:42:47:d0:44:90:
61:1a:bc:93:16:e5:5f:aa:5a:f2:3b:4d:0b:aa:11:
c0:df:d5:2a:22:e6:59:b5:84:1b:0a:9d:0c:0d:82:
7d:bb:7d:49:73:fb:4e:f9:7b:83:51:82:42:77:ff:
22:85:6f:4b:07:5d:17:ba:64:62:a4:92:0e:8b:63:
ea:a1:d1:59:39:43:72:18:73:86:b5:d6:a8:9e:ac:
02:c6:89:61:99:2e:c0:5c:60:87:2d:ac:7a:20:af:
a0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:70:B8:0A:BB:D2:B3:5F:5E:F5:60:1C:72:BB:08:3D:28:33:68:24
X509v3 Authority Key Identifier:
keyid:0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/XnC4CrvSs19e9WAccrsIPSgzaCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.208.0/22
Signature Algorithm: sha256WithRSAEncryption
41:f4:6f:ac:56:43:6f:d1:a2:75:61:a4:11:e9:56:cb:92:0e:
e9:64:54:30:43:e3:4b:8b:be:00:d2:6b:ed:eb:92:9b:be:d7:
88:d0:12:e2:6b:65:b1:64:44:0e:21:ce:a5:9f:dc:c5:01:da:
62:84:66:9c:11:ab:91:44:d6:ae:df:71:9f:a1:c1:7e:d5:2f:
76:7d:23:6d:e7:28:ee:33:2f:e6:d3:e6:fe:13:a7:7f:9f:ca:
8d:a7:9e:fa:8d:04:8d:5d:a7:71:fe:19:e8:97:87:d3:f0:69:
d3:00:34:75:05:25:90:f7:c8:70:b9:c4:bd:1f:1a:5b:ac:b1:
f5:69:06:9d:77:90:6a:8f:8d:96:99:92:e4:c8:51:9d:aa:7d:
1e:bb:a0:4d:ac:c2:4d:18:77:6f:a6:7e:f5:98:ec:16:1e:1b:
18:1f:38:eb:29:e2:f7:dc:56:cc:77:a8:65:00:8c:74:a8:39:
c6:19:7e:f1:50:4d:85:d3:a5:d3:45:a7:a4:ba:40:de:d2:13:
99:72:1d:f4:8c:9d:c3:7b:95:64:b7:fe:63:fb:07:2c:97:36:
c6:a0:84:e3:2d:65:36:10:5d:2d:5d:0e:ba:1c:37:9b:5b:8e:
14:d1:93:a0:8f:82:94:24:0f:c7:e8:56:02:bb:52:1a:c5:29:
42:de:91:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpuOJ75xWYflv9DwSduLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjMwNjRlM2MyN2VjOTJiN2VhYjY2NzY0OWQyMDRlNTY3
MzgzOGUwHhcNMjMwMTAxMjMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcwYjgwYWJiZDJiMzVmNWVmNTYwMWM3MmJiMDgzZDI4MzM2ODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+bf96alyFIVPMAibw1X9Y3bn6VC
WHkXWJZ9uHT7pTM2PcKgXUhMHLon+wKkmmZU35QZmNWaabID8mKaqwe1a37S0WpH
2CcGs91RKZ/xCX4tRJbcwIG7xsG+hh5D/jnkrbi/AxoYKuYlR9HrHWGeffKo71On
krmx1YdK0Zl6xoCBpouHPgo5Kj3FD1E2FPCpY71OmsCuqlfxhFhHhzHjQkfQRJBh
GryTFuVfqlryO00LqhHA39UqIuZZtYQbCp0MDYJ9u31Jc/tO+XuDUYJCd/8ihW9L
B10XumRipJIOi2PqodFZOUNyGHOGtdaonqwCxolhmS7AXGCHLax6IK+gMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5wuAq70rNfXvVgHHK7CD0oM2gkMB8GA1UdIwQY
MBaAFA0jBk48J+ySt+q2Z2SdIE5Wc4OOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNNR1Rqd243SkszNnJablpKMGdUbFp6ZzQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83MmZhZWQtYThmOC00YTMzLThkZGMt
NWNlZjA0Yjc5NzM3LzEvWG5DNENydlNzMTllOVdBY2Nyc0lQU2d6YUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83MmZhZWQtYThmOC00YTMzLThkZGMtNWNlZjA0Yjc5NzM3
LzEvRFNNR1Rqd243SkszNnJablpKMGdUbFp6ZzQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk73QMA0G
CSqGSIb3DQEBCwUAA4IBAQBB9G+sVkNv0aJ1YaQR6VbLkg7pZFQwQ+NLi74A0mvt
65KbvteI0BLia2WxZEQOIc6ln9zFAdpihGacEauRRNau33GfocF+1S92fSNt5yju
My/m0+b+E6d/n8qNp576jQSNXadx/hnol4fT8GnTADR1BSWQ98hwucS9HxpbrLH1
aQadd5Bqj42WmZLkyFGdqn0eu6BNrMJNGHdvpn71mOwWHhsYHzjrKeL33FbMd6hl
AIx0qDnGGX7xUE2F06XTRaekukDe0hOZch30jJ3De5Vkt/5j+wcslzbGoITjLWU2
EF0tXQ66HDebW44U0ZOgj4KUJA/H6FYCu1IaxSlC3pGP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:51 2024 by rpki-client on console-ams.rpki-client.org