Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/XcsZ7I-kz3jfN89vEn4HLDeN0Jc.roa
File: XcsZ7I-kz3jfN89vEn4HLDeN0Jc.roa (raw, json)
Hash identifier: w/OfbLPzdKAfJMbH9bkJAwV2Dqh8Oie5lyiosIQWbQg=
Subject key identifier: 5D:CB:19:EC:8F:A4:CF:78:DF:37:CF:6F:12:7E:07:2C:37:8D:D0:97
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0185734CB970E36EAD61D9A1D4D07E58A467
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/XcsZ7I-kz3jfN89vEn4HLDeN0Jc.roa
Signing time: Mon 02 Jan 2023 16:24:46 +0000
ROA not before: Mon 02 Jan 2023 16:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205661
IP address blocks: 62.96.23.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:b9:70:e3:6e:ad:61:d9:a1:d4:d0:7e:58:a4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 16:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dcb19ec8fa4cf78df37cf6f127e072c378dd097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:29:3b:60:5c:5f:b0:9b:c4:ff:4e:29:74:59:
75:ae:18:90:25:f8:ac:26:52:17:52:4d:04:ea:7a:
b5:75:00:9e:9e:30:43:f2:95:d3:6e:34:7b:42:96:
88:89:8a:08:f0:fc:b9:4a:74:80:cc:a1:27:55:20:
fd:3e:7c:62:8f:d6:92:da:ac:d7:23:38:66:fe:0b:
53:ec:39:a6:52:b9:95:78:d8:fb:08:8e:c6:5f:5e:
bb:0c:a7:bc:a9:ea:78:b8:b9:16:e2:01:6a:da:97:
52:64:e2:68:74:17:a9:3f:c1:d8:34:c5:0c:76:3c:
18:d3:50:fc:1d:66:da:76:84:2b:1f:69:d0:10:86:
04:c6:8b:bb:23:b9:f7:32:f6:19:00:3a:f9:32:41:
35:89:30:bf:a4:77:52:e5:08:e8:9e:3a:e6:6e:1e:
83:4a:1c:df:35:77:c3:a8:e4:fc:5c:21:39:2c:37:
68:a7:bf:75:71:52:58:6e:89:2c:44:1f:27:bc:0f:
81:27:ca:0a:93:5b:23:48:5e:ed:cb:de:ca:d7:a3:
c3:c2:c2:75:3a:4e:3f:24:c8:c7:8f:7a:45:88:25:
0c:a1:93:f6:5a:00:d8:98:31:ea:f5:7f:c1:5d:89:
09:23:48:10:d2:2c:f8:47:9a:62:a7:bb:89:74:12:
d2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CB:19:EC:8F:A4:CF:78:DF:37:CF:6F:12:7E:07:2C:37:8D:D0:97
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/XcsZ7I-kz3jfN89vEn4HLDeN0Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.96.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:7b:d9:7a:03:89:13:23:7d:a5:c4:d2:49:d5:c9:57:eb:58:
07:65:bf:ce:92:33:b7:70:62:71:bd:0b:ce:a8:d2:73:2e:eb:
d0:00:23:6a:dc:c8:56:ef:77:ef:c1:d7:65:96:ac:0a:dc:49:
c9:b6:1f:02:52:5d:c9:60:ef:38:d8:ca:7f:57:c8:05:28:7e:
bb:bf:14:76:c9:24:e3:6f:e0:b2:a2:aa:5d:bf:a9:7e:58:30:
56:eb:84:d8:18:44:98:3f:be:8f:f1:35:c7:ff:15:03:b6:eb:
7e:dd:3a:1e:c6:e6:7b:22:76:71:66:d8:09:6f:e4:b1:28:ea:
39:b1:5e:ad:a0:37:8a:a6:33:80:ac:53:6d:19:57:a9:48:d1:
2d:68:9b:ae:10:ba:fe:1a:18:ab:b0:1e:cf:03:06:9f:d2:aa:
69:6a:3e:fa:58:f4:5a:f9:87:ce:15:b6:4e:71:eb:e9:e5:fc:
32:09:c8:bf:b4:0e:89:e4:95:0c:9c:f4:27:9d:29:1d:dd:c1:
9c:87:1e:69:ed:6b:21:3e:cf:4b:ab:ca:7d:37:d2:7d:04:bd:
75:c8:c6:02:6d:63:24:d1:99:d6:c9:2d:b8:83:a2:2a:da:f3:
e9:4f:36:dd:2f:30:e0:1e:d0:70:a4:71:4d:6a:8a:b1:bf:7e:
53:59:7c:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTLlw426tYdmh1NB+WKRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNiMTllYzhmYTRjZjc4ZGYzN2NmNmYxMjdlMDcyYzM3OGRkMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhik7YFxfsJvE/04pdFl1rhiQJfis
JlIXUk0E6nq1dQCenjBD8pXTbjR7QpaIiYoI8Py5SnSAzKEnVSD9Pnxij9aS2qzX
Izhm/gtT7DmmUrmVeNj7CI7GX167DKe8qep4uLkW4gFq2pdSZOJodBepP8HYNMUM
djwY01D8HWbadoQrH2nQEIYExou7I7n3MvYZADr5MkE1iTC/pHdS5Qjonjrmbh6D
ShzfNXfDqOT8XCE5LDdop791cVJYboksRB8nvA+BJ8oKk1sjSF7ty97K16PDwsJ1
Ok4/JMjHj3pFiCUMoZP2WgDYmDHq9X/BXYkJI0gQ0iz4R5pip7uJdBLSFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3LGeyPpM943zfPbxJ+Byw3jdCXMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvWGNzWjdJLWt6M2pmTjg5dkVuNEhMRGVOMEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmAXMA0G
CSqGSIb3DQEBCwUAA4IBAQCMe9l6A4kTI32lxNJJ1clX61gHZb/OkjO3cGJxvQvO
qNJzLuvQACNq3MhW73fvwddllqwK3EnJth8CUl3JYO842Mp/V8gFKH67vxR2ySTj
b+Cyoqpdv6l+WDBW64TYGESYP76P8TXH/xUDtut+3ToexuZ7InZxZtgJb+SxKOo5
sV6toDeKpjOArFNtGVepSNEtaJuuELr+GhirsB7PAwaf0qppaj76WPRa+YfOFbZO
cevp5fwyCci/tA6J5JUMnPQnnSkd3cGchx5p7WshPs9Lq8p9N9J9BL11yMYCbWMk
0ZnWyS24g6Iq2vPpTzbdLzDgHtBwpHFNaoqxv35TWXxY
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:09 2024 by rpki-client on console-ams.rpki-client.org