Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/deb064-a922-46a6-86ca-e43523983793/1/XIpJn-lSQDFoksYbAUtr28pzozM.roa
File: XIpJn-lSQDFoksYbAUtr28pzozM.roa (raw, json)
Hash identifier: gfRHtfQ2aQq5XI8Sea03rYv16eC9IU/6RZZW0zi31SI=
Subject key identifier: 5C:8A:49:9F:E9:52:40:31:68:92:C6:1B:01:4B:6B:DB:CA:73:A3:33
Certificate issuer: /CN=bf4b51b0bac45fa226bd2dcff11730ed40ec2149
Certificate serial: 01856E41D8ADC01D23FD4A532995F9353F3B
Authority key identifier: BF:4B:51:B0:BA:C4:5F:A2:26:BD:2D:CF:F1:17:30:ED:40:EC:21:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0tRsLrEX6ImvS3P8Rcw7UDsIUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/deb064-a922-46a6-86ca-e43523983793/1/XIpJn-lSQDFoksYbAUtr28pzozM.roa
Signing time: Sun 01 Jan 2023 16:54:47 +0000
ROA not before: Sun 01 Jan 2023 16:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 141.74.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d8:ad:c0:1d:23:fd:4a:53:29:95:f9:35:3f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf4b51b0bac45fa226bd2dcff11730ed40ec2149
Validity
Not Before: Jan 1 16:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c8a499fe95240316892c61b014b6bdbca73a333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2d:7e:af:2e:87:50:82:87:dd:4a:b9:d1:a9:
2f:cb:4c:bd:70:b0:08:97:9d:54:f6:f3:12:67:cc:
e0:76:ec:d9:1e:da:13:4b:70:c4:c2:3f:4a:ad:5b:
b2:89:03:d9:5c:db:77:c9:fa:81:36:76:8e:d4:ef:
67:14:22:d8:e2:e5:c0:7c:7b:bd:39:fe:14:a5:9e:
53:31:94:49:ea:75:45:5f:42:a1:f8:11:95:be:06:
c0:37:a6:90:0d:d4:72:d8:7f:50:42:2a:de:be:16:
6b:6e:41:9e:c5:42:8a:02:74:ee:e5:b0:ae:78:8a:
6c:9a:a6:d1:c1:bc:1a:06:76:c5:e6:24:25:e1:ca:
17:50:41:52:74:11:80:24:d3:3b:a3:7a:8a:4b:04:
2d:23:50:55:44:ae:48:97:23:56:b5:bc:3e:f6:4f:
21:8f:b7:7d:6d:71:7c:52:8e:8c:9b:69:07:aa:8c:
6f:9e:87:63:68:43:80:d3:b9:46:9e:06:9f:fa:4b:
a2:1e:0d:45:1c:df:df:2a:23:9b:98:1b:34:24:d9:
a8:2e:f6:13:18:4a:9c:ec:b9:f8:42:ad:b2:6f:85:
a8:77:fb:7e:d9:50:a6:ec:81:1f:24:fb:e0:ce:02:
fb:7a:56:74:79:d3:7e:8a:e1:9a:07:43:86:c6:10:
9e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8A:49:9F:E9:52:40:31:68:92:C6:1B:01:4B:6B:DB:CA:73:A3:33
X509v3 Authority Key Identifier:
keyid:BF:4B:51:B0:BA:C4:5F:A2:26:BD:2D:CF:F1:17:30:ED:40:EC:21:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0tRsLrEX6ImvS3P8Rcw7UDsIUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/deb064-a922-46a6-86ca-e43523983793/1/XIpJn-lSQDFoksYbAUtr28pzozM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/deb064-a922-46a6-86ca-e43523983793/1/v0tRsLrEX6ImvS3P8Rcw7UDsIUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:17:a4:cd:be:73:e8:ac:c1:fa:0e:fd:1d:0c:ff:df:9e:35:
0b:54:1b:6a:2a:2c:dc:ad:00:0e:3f:77:a1:8a:80:cd:34:1f:
f3:04:26:67:c3:45:57:49:ad:11:31:c3:47:50:f6:7e:6c:7a:
9a:6f:74:a7:ef:df:a1:a6:bf:9f:66:56:b7:43:ea:d3:11:eb:
e6:5a:82:ba:1e:77:c7:19:3b:50:17:38:2c:08:47:53:f6:90:
e9:64:f3:db:5a:c5:26:66:92:c8:23:1c:e1:e8:24:db:d3:9c:
7a:b7:fc:ec:bd:7a:a2:ae:d1:65:c2:77:89:35:f5:00:a8:82:
cc:fc:32:e6:84:ff:4c:3e:67:3c:0c:84:15:e4:5b:df:26:ab:
84:cd:96:36:8a:ce:91:77:03:e9:0e:bd:12:6a:d9:c0:87:cc:
89:b8:ad:74:36:c9:cf:a8:66:d9:ce:a4:c8:36:43:28:b5:51:
25:53:88:f7:7a:79:80:e6:0a:44:d0:a6:29:62:57:e8:3a:3e:
54:3d:78:db:cb:bd:18:e7:94:dd:14:a0:cc:ed:72:26:00:01:
26:84:bd:b9:1f:18:d7:dd:25:8f:ea:0f:00:d2:f1:30:56:5a:
9c:59:3b:90:01:24:cd:ca:35:ff:ac:4a:e7:bf:ae:ef:54:3b:
01:4d:65:b7
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVuQditwB0j/UpTKZX5NT87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNGI1MWIwYmFjNDVmYTIyNmJkMmRjZmYxMTczMGVkNDBl
YzIxNDkwHhcNMjMwMTAxMTY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzhhNDk5ZmU5NTI0MDMxNjg5MmM2MWIwMTRiNmJkYmNhNzNhMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS1+ry6HUIKH3Uq50akvy0y9cLAI
l51U9vMSZ8zgduzZHtoTS3DEwj9KrVuyiQPZXNt3yfqBNnaO1O9nFCLY4uXAfHu9
Of4UpZ5TMZRJ6nVFX0Kh+BGVvgbAN6aQDdRy2H9QQirevhZrbkGexUKKAnTu5bCu
eIpsmqbRwbwaBnbF5iQl4coXUEFSdBGAJNM7o3qKSwQtI1BVRK5IlyNWtbw+9k8h
j7d9bXF8Uo6Mm2kHqoxvnodjaEOA07lGngaf+kuiHg1FHN/fKiObmBs0JNmoLvYT
GEqc7Ln4Qq2yb4Wod/t+2VCm7IEfJPvgzgL7elZ0edN+iuGaB0OGxhCekQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFFyKSZ/pUkAxaJLGGwFLa9vKc6MzMB8GA1UdIwQY
MBaAFL9LUbC6xF+iJr0tz/EXMO1A7CFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjB0UnNMckVYNkltdlMzUDhSY3c3VURzSVVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kZWIwNjQtYTkyMi00NmE2LTg2Y2Et
ZTQzNTIzOTgzNzkzLzEvWElwSm4tbFNRREZva3NZYkFVdHIyOHB6b3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kZWIwNjQtYTkyMi00NmE2LTg2Y2EtZTQzNTIzOTgzNzkz
LzEvdjB0UnNMckVYNkltdlMzUDhSY3c3VURzSVVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjUowDQYJ
KoZIhvcNAQELBQADggEBACEXpM2+c+iswfoO/R0M/9+eNQtUG2oqLNytAA4/d6GK
gM00H/MEJmfDRVdJrRExw0dQ9n5seppvdKfv36Gmv59mVrdD6tMR6+Zagroed8cZ
O1AXOCwIR1P2kOlk89taxSZmksgjHOHoJNvTnHq3/Oy9eqKu0WXCd4k19QCogsz8
MuaE/0w+ZzwMhBXkW98mq4TNljaKzpF3A+kOvRJq2cCHzIm4rXQ2yc+oZtnOpMg2
Qyi1USVTiPd6eYDmCkTQpiliV+g6PlQ9eNvLvRjnlN0UoMztciYAASaEvbkfGNfd
JY/qDwDS8TBWWpxZO5ABJM3KNf+sSue/ru9UOwFNZbc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:13 2024 by rpki-client on console-fra.rpki-client.org