Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/XwHvDBhXOnEjYfOt_XcvnBrKwF8.roa
File: XwHvDBhXOnEjYfOt_XcvnBrKwF8.roa (raw, json)
Hash identifier: XvIUXGaPPKqwzi9/ZNypJSUV/J2wBmjaGiKkLAUCsy0=
Subject key identifier: 5F:01:EF:0C:18:57:3A:71:23:61:F3:AD:FD:77:2F:9C:1A:CA:C0:5F
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01896471BF1ADBCFD3F6F139A42D9DA3123D
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/XwHvDBhXOnEjYfOt_XcvnBrKwF8.roa
Signing time: Mon 17 Jul 2023 15:22:03 +0000
ROA not before: Mon 17 Jul 2023 15:22:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209025
IP address blocks: 2a0a:280:2b00::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 27 Jul 2023 11:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:71:bf:1a:db:cf:d3:f6:f1:39:a4:2d:9d:a3:12:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jul 17 15:22:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f01ef0c18573a712361f3adfd772f9c1acac05f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:95:54:30:ca:c4:c8:65:6a:03:0a:76:d0:fb:
61:7c:32:32:d6:42:4a:ed:38:e9:50:6f:05:5e:5d:
1f:e0:17:65:3e:07:e9:53:f6:a9:58:94:b3:62:d7:
ea:28:74:4e:7b:07:da:20:b6:d9:27:a9:9f:15:29:
d8:a5:4b:66:53:8e:38:68:92:90:76:70:5d:cf:97:
b1:b3:91:77:3c:53:2d:8b:1c:f1:d1:f1:88:03:18:
39:ba:9f:06:58:59:73:1b:8c:bc:ad:a5:21:c6:f7:
14:04:59:02:62:be:04:5a:69:e8:b5:ed:30:47:36:
40:20:ea:cf:8b:3b:05:8f:db:3b:2c:9a:b5:28:11:
cd:33:1e:3c:9d:42:6c:85:f0:ac:61:cb:d3:ad:45:
11:76:21:c7:b2:95:24:97:3c:1c:af:0e:a8:d2:28:
62:4f:13:28:e1:67:e0:76:c6:b1:3f:ec:eb:d0:e1:
8a:44:71:b8:11:42:a0:75:73:91:d0:8c:d0:08:b2:
cd:2a:c9:92:95:c0:77:75:e2:b6:fc:1a:03:53:20:
4a:19:e4:6d:37:3b:4c:59:b4:30:67:35:34:48:c5:
f1:0f:af:6c:4e:19:70:5b:e4:e9:a2:ac:a5:eb:6b:
e2:94:9c:23:fa:6f:57:3b:63:58:26:ad:1c:35:76:
e3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:01:EF:0C:18:57:3A:71:23:61:F3:AD:FD:77:2F:9C:1A:CA:C0:5F
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/XwHvDBhXOnEjYfOt_XcvnBrKwF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2b00::/40
Signature Algorithm: sha256WithRSAEncryption
01:82:65:e1:4f:71:b2:02:e0:0c:71:5b:55:14:b4:76:6f:90:
99:1c:21:43:8e:17:f7:b6:42:a3:8c:62:1c:b0:77:05:79:32:
c5:99:3d:85:81:44:16:6d:f9:4b:3d:5b:e4:02:8b:27:be:62:
71:57:bd:a4:9a:ed:c8:b3:46:1f:72:19:bd:46:73:d1:b7:47:
0e:50:4f:13:ec:cb:65:3a:5b:8b:22:fe:f1:18:a2:cb:70:89:
1b:c5:f5:0e:71:2d:cf:9e:34:90:86:27:33:cb:73:d2:7b:62:
4f:5f:ff:da:60:8a:05:89:0d:1b:4c:82:d9:b6:af:d6:65:11:
b9:66:45:8f:59:c6:09:72:21:ff:15:29:49:5c:1a:fc:88:f3:
db:73:00:04:65:de:22:11:7b:10:e7:a2:34:90:65:d5:98:4a:
dd:56:07:22:71:ea:b0:56:1e:9e:d7:f1:a8:89:dd:f1:d9:2d:
40:90:17:d1:5d:7a:70:06:aa:37:6a:1c:73:fa:3c:8f:51:77:
39:db:bd:7e:6c:58:27:fa:55:28:01:52:83:26:e1:22:6a:bf:
bf:60:1d:d9:d2:40:3d:3c:35:c1:ad:c0:b1:e3:6a:bf:af:d0:
15:5f:bb:e3:fa:72:39:ba:bb:85:f2:24:9a:79:88:d7:85:32:
17:4b:44:59
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYlkcb8a28/T9vE5pC2doxI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwNzE3MTUyMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjAxZWYwYzE4NTczYTcxMjM2MWYzYWRmZDc3MmY5YzFhY2FjMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJVUMMrEyGVqAwp20PthfDIy1kJK
7TjpUG8FXl0f4BdlPgfpU/apWJSzYtfqKHROewfaILbZJ6mfFSnYpUtmU444aJKQ
dnBdz5exs5F3PFMtixzx0fGIAxg5up8GWFlzG4y8raUhxvcUBFkCYr4EWmnote0w
RzZAIOrPizsFj9s7LJq1KBHNMx48nUJshfCsYcvTrUURdiHHspUklzwcrw6o0ihi
TxMo4WfgdsaxP+zr0OGKRHG4EUKgdXOR0IzQCLLNKsmSlcB3deK2/BoDUyBKGeRt
NztMWbQwZzU0SMXxD69sThlwW+Tpoqyl62vilJwj+m9XO2NYJq0cNXbjmQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF8B7wwYVzpxI2Hzrf13L5waysBfMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvWHdIdkRCaFhPbkVqWWZPdF9YY3ZuQnJLd0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCsw
DQYJKoZIhvcNAQELBQADggEBAAGCZeFPcbIC4AxxW1UUtHZvkJkcIUOOF/e2QqOM
YhywdwV5MsWZPYWBRBZt+Us9W+QCiye+YnFXvaSa7cizRh9yGb1Gc9G3Rw5QTxPs
y2U6W4si/vEYostwiRvF9Q5xLc+eNJCGJzPLc9J7Yk9f/9pgigWJDRtMgtm2r9Zl
EblmRY9ZxglyIf8VKUlcGvyI89tzAARl3iIRexDnojSQZdWYSt1WByJx6rBWHp7X
8aiJ3fHZLUCQF9FdenAGqjdqHHP6PI9RdznbvX5sWCf6VSgBUoMm4SJqv79gHdnS
QD08NcGtwLHjar+v0BVfu+P6cjm6u4XyJJp5iNeFMhdLRFk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org