Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3ad9c1-3e09-41ac-acca-d11339fe7df0/1/XLqa-utPXvfkG0QcUKk0zMTMC7s.roa
File: XLqa-utPXvfkG0QcUKk0zMTMC7s.roa (raw, json)
Hash identifier: NSjKk1jhiwtrWSLLMfFmURc4K0h1RpulvouzNFWdTJA=
Subject key identifier: 5C:BA:9A:FA:EB:4F:5E:F7:E4:1B:44:1C:50:A9:34:CC:C4:CC:0B:BB
Certificate issuer: /CN=34f481a9ddcfb48591f78938c4fcc7b8b67c6302
Certificate serial: 018570C2BA78B1E0C4FD38FDE395BC3A1E7D
Authority key identifier: 34:F4:81:A9:DD:CF:B4:85:91:F7:89:38:C4:FC:C7:B8:B6:7C:63:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPSBqd3PtIWR94k4xPzHuLZ8YwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3ad9c1-3e09-41ac-acca-d11339fe7df0/1/XLqa-utPXvfkG0QcUKk0zMTMC7s.roa
Signing time: Mon 02 Jan 2023 04:34:47 +0000
ROA not before: Mon 02 Jan 2023 04:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199216
IP address blocks: 193.56.204.0/22 maxlen: 24
2a0c:8f40::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:ba:78:b1:e0:c4:fd:38:fd:e3:95:bc:3a:1e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f481a9ddcfb48591f78938c4fcc7b8b67c6302
Validity
Not Before: Jan 2 04:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cba9afaeb4f5ef7e41b441c50a934ccc4cc0bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5d:7d:df:bb:44:58:da:c7:7c:0d:6e:7b:e4:
2f:40:e5:55:f9:94:eb:29:82:0d:df:35:2c:3c:8c:
0c:dd:b1:25:dc:74:18:77:d9:5b:2a:18:d6:d2:0e:
19:4a:ee:d0:c6:77:8d:ee:dc:02:42:e9:45:c8:c6:
6e:22:c8:ac:c4:37:f6:4f:31:c8:23:97:e6:5c:b6:
22:d5:fc:29:7c:3c:52:36:7b:66:32:2f:8d:96:14:
65:10:a0:dd:9d:a3:50:94:ac:af:a8:aa:42:37:21:
d3:34:81:40:7f:aa:15:56:47:c7:e7:3b:61:c2:04:
69:73:41:16:11:2e:74:53:2e:82:77:87:33:74:b4:
6c:4c:98:19:db:c9:ab:86:6c:5a:ff:0d:c0:9b:4e:
8c:32:5c:80:30:0b:4d:68:94:75:50:78:d9:9c:c0:
2b:50:26:14:0c:e0:a8:8f:74:04:f8:9e:dc:e6:bf:
7a:27:53:74:6a:fd:bc:31:2f:4d:6b:1e:83:68:f5:
00:86:68:ac:bf:7d:72:38:7a:1b:ad:f8:56:cd:d1:
19:59:c0:cf:fc:ca:4d:15:6b:e5:9f:13:e4:9f:f2:
30:9a:7f:f0:08:17:b0:77:09:b7:fc:3a:4d:41:aa:
67:8d:db:ed:4d:25:80:60:b6:3b:9e:59:5b:35:66:
5c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BA:9A:FA:EB:4F:5E:F7:E4:1B:44:1C:50:A9:34:CC:C4:CC:0B:BB
X509v3 Authority Key Identifier:
keyid:34:F4:81:A9:DD:CF:B4:85:91:F7:89:38:C4:FC:C7:B8:B6:7C:63:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPSBqd3PtIWR94k4xPzHuLZ8YwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3ad9c1-3e09-41ac-acca-d11339fe7df0/1/XLqa-utPXvfkG0QcUKk0zMTMC7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3ad9c1-3e09-41ac-acca-d11339fe7df0/1/NPSBqd3PtIWR94k4xPzHuLZ8YwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.204.0/22
IPv6:
2a0c:8f40::/29
Signature Algorithm: sha256WithRSAEncryption
87:75:cf:ea:27:83:6e:79:fe:52:45:48:07:63:94:06:73:f3:
1f:6a:b8:06:5e:b1:a8:df:22:69:bf:6c:82:7f:e4:dd:3c:b2:
b9:08:b9:b0:8f:07:8f:06:76:54:cc:af:86:30:8a:36:34:54:
af:39:85:ee:f8:c0:9a:56:80:1e:69:83:21:c8:b7:82:02:04:
c8:e4:88:0b:ef:65:09:71:0c:c5:2f:e5:82:25:8c:0a:1e:d7:
fe:a8:51:18:22:39:3c:b4:f0:ac:cf:ca:45:a7:5e:cb:06:4e:
1d:2f:07:99:ff:f4:1f:d4:57:c3:d5:df:e6:a9:95:8f:24:96:
7b:c2:c5:6b:87:a8:05:6d:bf:65:b9:14:44:3e:6e:c9:60:0c:
81:82:e1:e4:0f:52:3b:bf:fb:42:1e:c7:73:42:4b:04:70:b5:
9c:7a:e3:2f:61:2d:fe:40:db:21:dc:a2:97:2a:58:cb:59:72:
96:21:70:fb:c9:b3:2c:14:c1:1f:c2:d0:cd:61:07:47:c1:1e:
f2:3f:00:1e:6a:e3:67:a5:eb:e6:06:d5:ef:50:71:e3:a4:e4:
e9:0e:43:fe:3c:5e:1b:fd:ab:ba:90:6e:77:ff:cb:e2:0d:f1:
cf:15:2b:e3:b2:d6:35:5e:e5:23:b0:12:8e:6d:67:2c:77:b1:
d6:f3:e2:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwwrp4seDE/Tj945W8Oh59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ4MWE5ZGRjZmI0ODU5MWY3ODkzOGM0ZmNjN2I4YjY3
YzYzMDIwHhcNMjMwMTAyMDQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JhOWFmYWViNGY1ZWY3ZTQxYjQ0MWM1MGE5MzRjY2M0Y2MwYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF1937tEWNrHfA1ue+QvQOVV+ZTr
KYIN3zUsPIwM3bEl3HQYd9lbKhjW0g4ZSu7QxneN7twCQulFyMZuIsisxDf2TzHI
I5fmXLYi1fwpfDxSNntmMi+NlhRlEKDdnaNQlKyvqKpCNyHTNIFAf6oVVkfH5zth
wgRpc0EWES50Uy6Cd4czdLRsTJgZ28mrhmxa/w3Am06MMlyAMAtNaJR1UHjZnMAr
UCYUDOCoj3QE+J7c5r96J1N0av28MS9Nax6DaPUAhmisv31yOHobrfhWzdEZWcDP
/MpNFWvlnxPkn/Iwmn/wCBewdwm3/DpNQapnjdvtTSWAYLY7nllbNWZclQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFy6mvrrT1735BtEHFCpNMzEzAu7MB8GA1UdIwQY
MBaAFDT0gandz7SFkfeJOMT8x7i2fGMCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBTQnFkM1B0SVdSOTRrNHhQekh1TFo4WXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zYWQ5YzEtM2UwOS00MWFjLWFjY2Et
ZDExMzM5ZmU3ZGYwLzEvWExxYS11dFBYdmZrRzBRY1VLazB6TVRNQzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zYWQ5YzEtM2UwOS00MWFjLWFjY2EtZDExMzM5ZmU3ZGYw
LzEvTlBTQnFkM1B0SVdSOTRrNHhQekh1TFo4WXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwTjMMA0E
AgACMAcDBQMqDI9AMA0GCSqGSIb3DQEBCwUAA4IBAQCHdc/qJ4Nuef5SRUgHY5QG
c/MfargGXrGo3yJpv2yCf+TdPLK5CLmwjwePBnZUzK+GMIo2NFSvOYXu+MCaVoAe
aYMhyLeCAgTI5IgL72UJcQzFL+WCJYwKHtf+qFEYIjk8tPCsz8pFp17LBk4dLweZ
//Qf1FfD1d/mqZWPJJZ7wsVrh6gFbb9luRREPm7JYAyBguHkD1I7v/tCHsdzQksE
cLWceuMvYS3+QNsh3KKXKljLWXKWIXD7ybMsFMEfwtDNYQdHwR7yPwAeauNnpevm
BtXvUHHjpOTpDkP+PF4b/au6kG53/8viDfHPFSvjstY1XuUjsBKObWcsd7HW8+Jn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:22 2024 by rpki-client on console-ams.rpki-client.org