Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/5a4341-bc5f-4246-92ea-1bf75f75fa87/1/xeCC09-APkVgot3bZ8TLvkYxGz4.roa
File: xeCC09-APkVgot3bZ8TLvkYxGz4.roa (raw, json)
Hash identifier: sCsChzvcOaPGQ9zzClwfRx8AsWAbZWQXGAakl44CtdE=
Subject key identifier: C5:E0:82:D3:DF:80:3E:45:60:A2:DD:DB:67:C4:CB:BE:46:31:1B:3E
Certificate issuer: /CN=c77549551405d9948c662dfe4de24de055daff5e
Certificate serial: 018CC7276D945EEDB30CD35A2EA98AC31F40
Authority key identifier: C7:75:49:55:14:05:D9:94:8C:66:2D:FE:4D:E2:4D:E0:55:DA:FF:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3VJVRQF2ZSMZi3-TeJN4FXa_14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/5a4341-bc5f-4246-92ea-1bf75f75fa87/1/xeCC09-APkVgot3bZ8TLvkYxGz4.roa
Signing time: Mon 01 Jan 2024 22:31:39 +0000
ROA not before: Mon 01 Jan 2024 22:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209256
IP address blocks: 217.20.96.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:6d:94:5e:ed:b3:0c:d3:5a:2e:a9:8a:c3:1f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77549551405d9948c662dfe4de24de055daff5e
Validity
Not Before: Jan 1 22:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5e082d3df803e4560a2dddb67c4cbbe46311b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f4:d4:69:f2:b1:f1:88:5e:4f:f0:51:27:8d:
fd:4a:f1:36:8f:84:48:f4:18:7d:6b:62:c4:18:f7:
80:70:ab:81:63:d1:35:e6:95:5f:b6:29:68:01:fa:
17:94:32:46:15:e4:37:53:2d:7e:d5:6f:a3:3f:90:
f6:71:ec:26:b1:d6:d2:bd:6c:93:67:7e:95:60:d4:
b3:c2:59:21:28:77:e1:50:0c:76:fd:12:f7:c5:d0:
63:b3:90:1a:08:20:8c:fb:80:09:c8:cd:33:6b:09:
13:53:b3:29:f9:af:78:36:24:61:ea:09:04:96:31:
3e:74:44:22:93:4f:c8:97:67:ae:4a:1d:42:c1:18:
23:ab:ce:b4:3d:0c:fd:cc:66:72:53:8a:2a:0a:8f:
ce:28:02:30:4b:f5:53:ef:c1:c2:27:4e:94:d4:1b:
d5:e7:bd:b6:5d:35:35:a8:a3:55:14:a2:f4:02:95:
96:6e:61:7d:ca:1d:a2:a3:ec:0d:86:c9:aa:46:8b:
dc:ea:48:5b:f6:79:90:9c:50:6b:24:b7:b1:77:19:
50:d1:03:55:36:5c:0b:dd:d9:3a:54:76:82:e6:ce:
9c:04:25:ae:f0:45:a4:49:8c:e1:3e:ab:04:3c:ed:
f7:f1:f1:4d:f2:61:e8:98:c2:8b:e3:0d:96:26:b0:
6c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E0:82:D3:DF:80:3E:45:60:A2:DD:DB:67:C4:CB:BE:46:31:1B:3E
X509v3 Authority Key Identifier:
keyid:C7:75:49:55:14:05:D9:94:8C:66:2D:FE:4D:E2:4D:E0:55:DA:FF:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3VJVRQF2ZSMZi3-TeJN4FXa_14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/5a4341-bc5f-4246-92ea-1bf75f75fa87/1/xeCC09-APkVgot3bZ8TLvkYxGz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/5a4341-bc5f-4246-92ea-1bf75f75fa87/1/x3VJVRQF2ZSMZi3-TeJN4FXa_14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.96.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:bd:20:a1:b7:29:dc:af:d9:5e:de:80:fd:f2:b6:62:4a:2f:
dc:85:4c:ee:04:b2:77:62:93:3b:33:e6:25:7f:f6:b9:76:68:
f0:bf:70:bc:51:34:d1:9c:e9:32:c7:ac:6e:ba:07:b6:f9:f6:
37:72:2c:97:0b:e3:b1:60:db:85:3a:3d:f5:da:71:d6:c6:2a:
4c:ad:74:c8:27:a5:b9:ba:36:7a:a5:46:ed:7d:70:b9:22:8b:
fa:0d:34:fe:5f:46:52:d5:b6:d3:ae:00:8b:e1:d0:ce:9c:46:
4d:1e:4c:f2:8f:f9:5f:ba:b4:81:a8:da:a2:2c:04:25:05:72:
e1:49:51:d2:f4:e0:68:38:8a:19:6d:9e:7f:c6:3a:2a:28:8e:
44:15:42:f1:de:0f:1e:36:e6:d4:d4:6c:60:6b:4f:d9:bd:10:
2d:db:7a:4f:94:44:0d:81:96:74:32:e8:34:8d:e4:58:e8:b7:
c5:03:46:53:01:60:a6:67:91:85:c4:1e:54:15:62:ef:4b:26:
59:93:e4:84:41:b1:a4:d3:33:fb:71:7b:b4:28:03:2d:36:05:
ca:9d:7b:fb:c0:03:bf:41:2f:6a:77:45:52:b3:a9:0b:f8:69:
b6:d8:05:d0:21:4b:3a:4a:23:f2:66:b6:db:51:2c:86:22:e6:
d7:a4:32:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ22UXu2zDNNaLqmKwx9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzU0OTU1MTQwNWQ5OTQ4YzY2MmRmZTRkZTI0ZGUwNTVk
YWZmNWUwHhcNMjQwMTAxMjIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWUwODJkM2RmODAzZTQ1NjBhMmRkZGI2N2M0Y2JiZTQ2MzExYjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/TUafKx8YheT/BRJ439SvE2j4RI
9Bh9a2LEGPeAcKuBY9E15pVftiloAfoXlDJGFeQ3Uy1+1W+jP5D2cewmsdbSvWyT
Z36VYNSzwlkhKHfhUAx2/RL3xdBjs5AaCCCM+4AJyM0zawkTU7Mp+a94NiRh6gkE
ljE+dEQik0/Il2euSh1CwRgjq860PQz9zGZyU4oqCo/OKAIwS/VT78HCJ06U1BvV
5722XTU1qKNVFKL0ApWWbmF9yh2io+wNhsmqRovc6khb9nmQnFBrJLexdxlQ0QNV
NlwL3dk6VHaC5s6cBCWu8EWkSYzhPqsEPO338fFN8mHomMKL4w2WJrBswQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXggtPfgD5FYKLd22fEy75GMRs+MB8GA1UdIwQY
MBaAFMd1SVUUBdmUjGYt/k3iTeBV2v9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNWSlZSUUYyWlNNWmkzLVRlSk40RlhhXzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC81YTQzNDEtYmM1Zi00MjQ2LTkyZWEt
MWJmNzVmNzVmYTg3LzEveGVDQzA5LUFQa1Znb3QzYlo4VEx2a1l4R3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC81YTQzNDEtYmM1Zi00MjQ2LTkyZWEtMWJmNzVmNzVmYTg3
LzEveDNWSlZSUUYyWlNNWmkzLVRlSk40RlhhXzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RRgMA0G
CSqGSIb3DQEBCwUAA4IBAQBOvSChtyncr9le3oD98rZiSi/chUzuBLJ3YpM7M+Yl
f/a5dmjwv3C8UTTRnOkyx6xuuge2+fY3ciyXC+OxYNuFOj312nHWxipMrXTIJ6W5
ujZ6pUbtfXC5Iov6DTT+X0ZS1bbTrgCL4dDOnEZNHkzyj/lfurSBqNqiLAQlBXLh
SVHS9OBoOIoZbZ5/xjoqKI5EFULx3g8eNubU1Gxga0/ZvRAt23pPlEQNgZZ0Mug0
jeRY6LfFA0ZTAWCmZ5GFxB5UFWLvSyZZk+SEQbGk0zP7cXu0KAMtNgXKnXv7wAO/
QS9qd0VSs6kL+Gm22AXQIUs6SiPyZrbbUSyGIubXpDIp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:10 2025 by rpki-client