Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/XhqE4ZTbOY4rOUC5qa0nmXdBFDc.roa
File: XhqE4ZTbOY4rOUC5qa0nmXdBFDc.roa (raw, json)
Hash identifier: fvViFhfNIOjBHYEOlv4Sj9xVDHYcY8JxTyWMuEsda/8=
Subject key identifier: 5E:1A:84:E1:94:DB:39:8E:2B:39:40:B9:A9:AD:27:99:77:41:14:37
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42DC481CBFC7CBD148992C72FC67D9
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/XhqE4ZTbOY4rOUC5qa0nmXdBFDc.roa
Signing time: Sun 01 Jan 2023 21:35:30 +0000
ROA not before: Sun 01 Jan 2023 21:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51235
IP address blocks: 92.242.208.0/24 maxlen: 24
5.160.180.0/22 maxlen: 22
5.160.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:dc:48:1c:bf:c7:cb:d1:48:99:2c:72:fc:67:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e1a84e194db398e2b3940b9a9ad279977411437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:77:f6:ef:ac:ee:a1:8d:12:e6:e7:af:62:f1:
ca:b0:e4:3f:61:2f:55:37:14:f8:e8:7b:1c:8c:47:
79:4e:d3:0e:73:25:4e:d2:51:c3:e8:e9:37:ee:16:
6e:fa:d6:2a:5f:a4:d3:57:67:9b:fd:9c:8c:c4:1e:
57:d5:ca:84:45:71:ea:ec:43:53:cc:1f:c7:f4:5a:
fd:97:95:82:f8:5f:c6:9e:4b:39:21:cb:b8:59:5a:
a3:3d:77:01:b3:c5:7f:92:42:1e:ab:88:c8:bb:1f:
07:8f:63:92:d8:08:4e:bb:76:65:81:7d:55:e7:8a:
f9:e6:95:ae:e1:3b:65:c7:34:ee:b4:fc:ac:57:1c:
b1:50:c1:2e:57:b1:71:c5:06:7a:b7:f7:14:98:7f:
4e:d8:a3:5c:7a:93:81:54:74:80:04:62:20:a8:62:
d5:a2:8b:f3:b3:04:c4:5b:da:22:9c:76:1f:ad:80:
9a:cc:3c:f0:7e:01:88:2a:b6:6a:9c:73:14:47:f0:
ad:86:a4:2d:5f:c8:d9:5a:bd:13:44:7c:3a:62:5b:
72:95:09:bb:e7:79:1a:88:29:40:44:34:4b:20:c3:
88:f1:8b:b3:68:5a:4a:e6:b3:00:aa:f6:70:0d:32:
3c:c7:b3:16:e9:74:40:1e:3e:30:4b:9a:bf:3d:69:
17:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1A:84:E1:94:DB:39:8E:2B:39:40:B9:A9:AD:27:99:77:41:14:37
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/XhqE4ZTbOY4rOUC5qa0nmXdBFDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.128.0/24
5.160.180.0/22
92.242.208.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:82:28:6f:d3:ce:02:63:13:f9:6f:78:1a:d6:ea:7e:9a:95:
63:bd:e8:9a:54:15:15:b9:46:a3:f6:9e:eb:73:0e:96:e0:a9:
32:0d:21:72:12:df:ef:f3:56:be:92:6d:9c:8d:a8:1b:58:1c:
ec:78:ba:19:da:cb:a5:2d:7e:97:de:77:83:3a:b8:32:e2:2d:
6c:aa:fd:4b:c7:6d:9b:ce:3d:a4:ea:47:08:e1:ce:ae:63:7d:
e2:ff:7f:d8:cf:0b:a9:23:dc:8f:f6:79:b7:9e:2f:25:db:aa:
96:07:ba:6b:0a:8b:56:f2:fa:b3:cf:30:62:52:d7:df:68:82:
36:43:ae:3a:7e:47:36:c1:db:d9:96:a1:34:d3:34:0e:77:7f:
b9:2a:35:4d:ba:7a:da:a0:ae:aa:bc:5a:6e:9a:87:6f:1b:b0:
48:13:10:5c:73:86:9c:6e:3c:f0:12:ee:6a:54:9a:c6:9d:af:
c8:c1:bb:7f:15:0a:bd:b1:d4:0e:f8:f3:c3:9a:7b:23:da:61:
be:a6:ee:ae:72:18:b1:de:ff:48:b8:70:2d:66:6f:91:91:aa:
48:0a:ee:3f:3c:a1:07:76:0b:8b:37:fd:70:d7:ef:70:4a:71:
2e:c5:38:cc:aa:8a:ec:d6:19:23:d1:3a:5b:ce:2a:31:28:66:
cd:f3:58:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQtxIHL/Hy9FImSxy/GfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFhODRlMTk0ZGIzOThlMmIzOTQwYjlhOWFkMjc5OTc3NDExNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXf276zuoY0S5uevYvHKsOQ/YS9V
NxT46HscjEd5TtMOcyVO0lHD6Ok37hZu+tYqX6TTV2eb/ZyMxB5X1cqERXHq7ENT
zB/H9Fr9l5WC+F/Gnks5Icu4WVqjPXcBs8V/kkIeq4jIux8Hj2OS2AhOu3ZlgX1V
54r55pWu4TtlxzTutPysVxyxUMEuV7FxxQZ6t/cUmH9O2KNcepOBVHSABGIgqGLV
oovzswTEW9oinHYfrYCazDzwfgGIKrZqnHMUR/CthqQtX8jZWr0TRHw6YltylQm7
53kaiClARDRLIMOI8YuzaFpK5rMAqvZwDTI8x7MW6XRAHj4wS5q/PWkX3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF4ahOGU2zmOKzlAuamtJ5l3QRQ3MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvWGhxRTRaVGJPWTRyT1VDNXFhMG5tWGRCRkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABaCAAwQC
BaC0AwQAXPLQMA0GCSqGSIb3DQEBCwUAA4IBAQCqgihv084CYxP5b3ga1up+mpVj
veiaVBUVuUaj9p7rcw6W4KkyDSFyEt/v81a+km2cjagbWBzseLoZ2sulLX6X3neD
Orgy4i1sqv1Lx22bzj2k6kcI4c6uY33i/3/YzwupI9yP9nm3ni8l26qWB7prCotW
8vqzzzBiUtffaII2Q646fkc2wdvZlqE00zQOd3+5KjVNunraoK6qvFpumodvG7BI
ExBcc4acbjzwEu5qVJrGna/Iwbt/FQq9sdQO+PPDmnsj2mG+pu6uchix3v9IuHAt
Zm+RkapICu4/PKEHdguLN/1w1+9wSnEuxTjMqors1hkj0TpbzioxKGbN81hU
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:49 2024 by rpki-client on console-fra.rpki-client.org