Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/XRGTurwm2iWOoQAC_DNT-3iHArY.roa
File: XRGTurwm2iWOoQAC_DNT-3iHArY.roa (raw, json)
Hash identifier: xYEgqL9AENuIfx5ZSd2aHbp8XLzpBaZSa3dOFJpbgL8=
Subject key identifier: 5D:11:93:BA:BC:26:DA:25:8E:A1:00:02:FC:33:53:FB:78:87:02:B6
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42E35046D735FAAE82EAB345E4905C
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/XRGTurwm2iWOoQAC_DNT-3iHArY.roa
Signing time: Sun 01 Jan 2023 21:35:32 +0000
ROA not before: Sun 01 Jan 2023 21:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211869
IP address blocks: 2a0e:8f02:2150::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e3:50:46:d7:35:fa:ae:82:ea:b3:45:e4:90:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d1193babc26da258ea10002fc3353fb788702b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:82:5e:66:16:5f:46:61:1d:85:cd:c1:df:f6:
45:0d:4b:2c:a7:d5:fb:63:58:a7:be:14:0a:5c:fb:
99:4e:d5:31:0a:bf:7c:74:9d:1a:7f:34:4c:51:a1:
51:00:66:90:5b:75:e5:3c:07:1c:28:86:48:aa:75:
60:50:2f:ae:7c:ac:98:28:b6:39:d0:9c:fa:6d:cb:
bf:12:37:cd:30:7f:e1:60:ec:3c:00:43:77:b2:8e:
20:54:d8:c5:16:8f:c7:f6:99:25:a5:d6:b5:6a:f4:
85:78:c8:b4:c2:1f:b6:1b:c1:a6:74:48:27:7e:62:
59:1b:30:a3:db:98:7b:5b:37:2a:a4:fe:3d:6e:1b:
55:0e:ef:f8:16:b8:87:66:da:13:bf:2d:92:78:99:
2e:46:e3:89:33:2d:23:94:75:bc:9f:a3:23:9f:ef:
f1:38:c4:98:3d:5d:e4:ab:de:ed:bc:2b:12:a4:05:
44:b6:3d:04:5e:12:5e:47:fc:de:4d:bb:e0:5e:e8:
76:0d:d3:e2:1f:2e:35:b0:11:d4:70:9a:e1:6a:0a:
48:a5:c9:4f:86:e4:62:01:d1:7b:f4:f5:0c:da:af:
23:2d:ba:67:21:99:5d:cc:9e:97:65:48:b2:a4:f2:
8d:ea:56:cf:fd:f9:8f:11:8f:66:fd:78:e6:0e:71:
88:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:11:93:BA:BC:26:DA:25:8E:A1:00:02:FC:33:53:FB:78:87:02:B6
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/XRGTurwm2iWOoQAC_DNT-3iHArY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2150::/44
Signature Algorithm: sha256WithRSAEncryption
a4:ff:db:15:9f:92:ca:47:96:e8:56:5a:9b:79:a2:2b:f5:31:
49:f9:26:41:d2:26:56:a6:fa:55:e2:b3:66:bf:c9:0a:b2:8c:
1f:2f:55:f8:56:1b:d2:62:3e:0d:ab:81:9a:dc:24:d9:af:ff:
90:0a:56:38:21:57:5b:73:d3:92:af:12:66:fd:1f:f8:ef:10:
01:d1:6c:c9:1c:78:d6:30:be:8d:7d:70:75:b0:ec:60:28:9d:
15:3c:d4:d9:be:78:c4:a9:b3:5b:66:32:fe:f7:8b:96:c2:bd:
ed:25:5a:16:f5:10:51:07:a8:89:09:55:25:ec:ce:9c:fb:1a:
50:60:8d:da:db:50:ea:19:62:1d:c1:0c:7f:8f:2c:c9:f1:a0:
c2:b0:7b:ed:5f:34:ca:3f:d6:99:57:89:4d:b8:ca:b0:aa:ed:
f1:6e:d0:18:6f:a4:39:b4:7f:93:a0:e3:5e:94:70:4b:62:32:
56:b6:01:de:9a:d3:3a:a5:03:2b:5f:0f:e4:99:0d:52:83:0a:
1a:a3:0a:f0:80:39:07:48:3a:bd:6a:37:cd:84:dc:02:84:8d:
7d:7a:d3:4a:78:bc:33:da:8f:94:2b:ee:9c:2b:00:a0:44:d7:
06:63:12:fe:15:ac:f5:e5:89:6e:dc:11:f1:68:23:87:72:c6:
2c:33:f0:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuNQRtc1+q6C6rNF5JBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDExOTNiYWJjMjZkYTI1OGVhMTAwMDJmYzMzNTNmYjc4ODcwMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoJeZhZfRmEdhc3B3/ZFDUssp9X7
Y1invhQKXPuZTtUxCr98dJ0afzRMUaFRAGaQW3XlPAccKIZIqnVgUC+ufKyYKLY5
0Jz6bcu/EjfNMH/hYOw8AEN3so4gVNjFFo/H9pklpda1avSFeMi0wh+2G8GmdEgn
fmJZGzCj25h7WzcqpP49bhtVDu/4FriHZtoTvy2SeJkuRuOJMy0jlHW8n6Mjn+/x
OMSYPV3kq97tvCsSpAVEtj0EXhJeR/zeTbvgXuh2DdPiHy41sBHUcJrhagpIpclP
huRiAdF79PUM2q8jLbpnIZldzJ6XZUiypPKN6lbP/fmPEY9m/XjmDnGIYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF0Rk7q8JtoljqEAAvwzU/t4hwK2MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvWFJHVHVyd20yaVdPb1FBQ19ETlQtM2lIQXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCk/9sVn5LKR5boVlqbeaIr9TFJ+SZB0iZWpvpV
4rNmv8kKsowfL1X4VhvSYj4Nq4Ga3CTZr/+QClY4IVdbc9OSrxJm/R/47xAB0WzJ
HHjWML6NfXB1sOxgKJ0VPNTZvnjEqbNbZjL+94uWwr3tJVoW9RBRB6iJCVUl7M6c
+xpQYI3a21DqGWIdwQx/jyzJ8aDCsHvtXzTKP9aZV4lNuMqwqu3xbtAYb6Q5tH+T
oONelHBLYjJWtgHemtM6pQMrXw/kmQ1SgwoaowrwgDkHSDq9ajfNhNwChI19etNK
eLwz2o+UK+6cKwCgRNcGYxL+Faz15Ylu3BHxaCOHcsYsM/Cf
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org