Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/X5cjCq9okYdYhd-FeCbIsws46K8.roa
File: X5cjCq9okYdYhd-FeCbIsws46K8.roa (raw, json)
Hash identifier: bli0PUZxdondPtzZ17gbKODpTPH/FYSMLCHGsuKW66A=
Subject key identifier: 5F:97:23:0A:AF:68:91:87:58:85:DF:85:78:26:C8:B3:0B:38:E8:AF
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42DF536C1DA85FA0605AA1CE021801
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/X5cjCq9okYdYhd-FeCbIsws46K8.roa
Signing time: Sun 01 Jan 2023 21:35:31 +0000
ROA not before: Sun 01 Jan 2023 21:35:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211521
IP address blocks: 2a0e:8f02:f024::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:df:53:6c:1d:a8:5f:a0:60:5a:a1:ce:02:18:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f97230aaf6891875885df857826c8b30b38e8af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:32:8a:0e:5f:10:7b:96:84:63:40:09:53:59:
a8:86:95:46:b9:22:ca:d8:53:77:13:92:1e:4b:00:
65:c2:f3:56:44:bc:46:fc:7c:80:60:42:6f:63:a6:
8e:25:59:3d:9f:bd:7d:c2:7b:c1:af:76:7b:0b:a1:
fa:88:d1:97:e8:62:58:ed:25:61:b5:26:57:e1:8e:
eb:b8:99:31:9f:a5:fa:e9:18:90:3f:6d:fa:7f:43:
7a:bd:9e:da:78:0d:7a:41:41:b5:ce:68:71:73:77:
98:dc:8e:73:72:25:e1:59:c2:63:6e:92:ef:24:ef:
46:0d:ea:2c:cc:05:e6:57:5f:9d:a8:2a:20:d6:9b:
55:a8:98:98:52:2d:fc:ac:b1:f2:85:cc:2f:e1:d3:
53:31:6e:79:04:aa:29:81:6f:39:c0:72:a0:16:9c:
ce:c4:4f:2b:de:21:c4:8c:6e:48:2d:e2:e0:56:92:
f3:0a:38:5e:f1:ac:5b:f3:5b:27:73:08:33:71:bc:
2f:96:c4:d6:a3:3d:33:39:c5:ff:63:53:c6:bb:44:
e3:ce:db:3c:f0:a2:10:ab:3c:73:0e:8b:67:83:f0:
fd:c1:f2:e3:be:54:70:85:ff:e8:2f:88:61:18:f1:
54:d6:13:6a:09:82:bc:d5:d4:54:78:ab:9f:2b:7c:
d9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:97:23:0A:AF:68:91:87:58:85:DF:85:78:26:C8:B3:0B:38:E8:AF
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/X5cjCq9okYdYhd-FeCbIsws46K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f024::/48
Signature Algorithm: sha256WithRSAEncryption
33:f5:d1:68:a2:b2:95:0c:34:b7:cf:63:5a:a1:9f:97:aa:30:
39:eb:97:b0:43:16:46:a7:95:c6:04:4d:ca:2c:a8:06:fd:56:
9e:34:cb:de:c1:be:21:68:a6:3f:e0:52:42:01:9b:33:57:e6:
a5:a4:89:d9:6c:db:73:e7:dd:ad:d1:7f:94:aa:eb:32:f9:01:
7f:6e:b1:9c:96:96:4f:cc:09:e4:25:22:e3:23:44:47:e0:e1:
ee:74:76:a5:69:4e:26:a6:cf:1e:c9:ad:d7:26:75:64:aa:16:
fb:4f:6b:0c:41:96:56:73:d9:0d:92:8d:1a:74:47:8b:30:12:
c6:65:8a:ad:8b:de:09:f9:9f:0a:81:81:b1:90:68:3b:37:c1:
11:23:6c:e7:f9:26:59:e0:80:1e:74:f8:4b:2d:a0:bc:7a:e4:
a8:4f:4e:2a:e5:69:30:b2:90:fe:09:8a:bd:ab:3f:9b:77:b1:
69:12:d7:36:de:0b:aa:fa:d5:71:39:f6:e5:c7:2c:67:ec:67:
08:19:80:bd:ad:3c:cc:96:d5:02:d2:cc:1a:7d:26:0f:39:5c:
77:15:fe:ef:6e:cf:19:84:58:61:67:88:b4:ba:a7:c1:cd:d4:
a7:79:7b:51:e9:b8:39:67:f7:f9:d9:d4:7d:a7:c7:88:9d:e6:
3b:c9:49:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQt9TbB2oX6BgWqHOAhgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjk3MjMwYWFmNjg5MTg3NTg4NWRmODU3ODI2YzhiMzBiMzhlOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzKKDl8Qe5aEY0AJU1mohpVGuSLK
2FN3E5IeSwBlwvNWRLxG/HyAYEJvY6aOJVk9n719wnvBr3Z7C6H6iNGX6GJY7SVh
tSZX4Y7ruJkxn6X66RiQP236f0N6vZ7aeA16QUG1zmhxc3eY3I5zciXhWcJjbpLv
JO9GDeoszAXmV1+dqCog1ptVqJiYUi38rLHyhcwv4dNTMW55BKopgW85wHKgFpzO
xE8r3iHEjG5ILeLgVpLzCjhe8axb81sncwgzcbwvlsTWoz0zOcX/Y1PGu0Tjzts8
8KIQqzxzDotng/D9wfLjvlRwhf/oL4hhGPFU1hNqCYK81dRUeKufK3zZ5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF+XIwqvaJGHWIXfhXgmyLMLOOivMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvWDVjakNxOW9rWWRZaGQtRmVDYklzd3M0Nks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAk
MA0GCSqGSIb3DQEBCwUAA4IBAQAz9dFoorKVDDS3z2NaoZ+XqjA565ewQxZGp5XG
BE3KLKgG/VaeNMvewb4haKY/4FJCAZszV+alpInZbNtz592t0X+Uqusy+QF/brGc
lpZPzAnkJSLjI0RH4OHudHalaU4mps8eya3XJnVkqhb7T2sMQZZWc9kNko0adEeL
MBLGZYqti94J+Z8KgYGxkGg7N8ERI2zn+SZZ4IAedPhLLaC8euSoT04q5WkwspD+
CYq9qz+bd7FpEtc23guq+tVxOfblxyxn7GcIGYC9rTzMltUC0swafSYPOVx3Ff7v
bs8ZhFhhZ4i0uqfBzdSneXtR6bg5Z/f52dR9p8eIneY7yUk2
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org