Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/xT5XIPzW4rrevD5eXrLciqg6M1o.roa
File: xT5XIPzW4rrevD5eXrLciqg6M1o.roa (raw, json)
Hash identifier: y3zwVK+CDJVHJQCVbgCOcYyQDhyUmPdw3pDPavOTh6g=
Subject key identifier: C5:3E:57:20:FC:D6:E2:BA:DE:BC:3E:5E:5E:B2:DC:8A:A8:3A:33:5A
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 01866E1ECD17E1CB39B811320347D0472A60
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/xT5XIPzW4rrevD5eXrLciqg6M1o.roa
Signing time: Mon 20 Feb 2023 09:19:17 +0000
ROA not before: Mon 20 Feb 2023 09:19:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213087
IP address blocks: 134.97.3.0/24 maxlen: 24
134.97.2.0/24 maxlen: 24
2001:650:cc05::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:1e:cd:17:e1:cb:39:b8:11:32:03:47:d0:47:2a:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Feb 20 09:19:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c53e5720fcd6e2badebc3e5e5eb2dc8aa83a335a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:37:5a:62:c9:2a:71:eb:89:97:75:22:f0:2d:
de:f4:35:d4:09:82:f7:1b:65:3b:ad:b6:d9:a8:81:
7a:0f:db:04:45:bc:9e:2c:d8:c9:a1:d7:cf:af:65:
f4:c4:7a:61:4a:27:ab:14:dd:d6:a4:ec:4f:ee:f1:
c0:d1:ee:1d:42:43:19:e3:cd:47:10:c2:2e:27:cf:
44:eb:ca:bb:0e:25:97:86:d5:98:4a:eb:7c:a3:ed:
76:ff:1e:1c:c6:14:9a:c8:9c:14:dd:96:02:91:48:
dd:82:c3:b7:6d:dc:c2:06:7d:81:b8:fa:19:12:a0:
ad:84:7c:67:60:16:e0:f2:ff:27:22:c3:90:2f:44:
c1:d7:89:e8:8f:a3:88:52:b2:e8:6b:28:1a:74:d1:
fb:7b:16:bf:2b:98:de:00:1d:56:ab:4b:1f:68:31:
8a:7e:75:0c:f3:40:26:ce:16:3a:b0:35:ff:8a:cb:
40:97:7c:13:c6:b7:b7:6f:ff:00:be:87:e6:4c:92:
e1:45:60:1e:d4:fe:39:40:05:73:75:98:3a:9d:0e:
08:10:92:96:a5:a3:2e:2c:34:dd:1d:dd:e2:ef:e5:
46:40:1c:61:d9:02:04:5b:e6:c6:71:bb:ff:77:2f:
f4:84:55:73:36:06:97:75:2a:16:25:3a:5f:23:ad:
bc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3E:57:20:FC:D6:E2:BA:DE:BC:3E:5E:5E:B2:DC:8A:A8:3A:33:5A
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/xT5XIPzW4rrevD5eXrLciqg6M1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.97.2.0/23
IPv6:
2001:650:cc05::/48
Signature Algorithm: sha256WithRSAEncryption
41:a8:39:34:3d:c7:db:e4:dc:b0:ff:95:23:d7:f8:3c:4e:da:
78:74:0d:f1:93:22:66:f0:89:d6:57:e2:a1:85:cc:e6:40:bb:
a0:2b:df:e7:50:50:59:eb:e9:d2:ce:c0:55:0d:7e:64:2b:8d:
f4:fd:bd:30:4c:c7:f7:f4:9e:19:8e:b7:2d:ab:c9:2c:9a:e3:
a7:aa:74:76:53:6f:51:b8:fb:c4:46:28:33:3d:1d:7f:41:65:
23:7a:a2:dc:85:b5:5d:c6:eb:5c:0e:61:db:5e:2c:a5:08:be:
13:18:7f:2c:51:d6:f5:ff:a9:a3:47:67:28:05:24:9a:85:2f:
2a:82:31:80:b2:92:b7:91:c4:2c:4b:11:78:af:63:ad:c9:9d:
05:6b:6d:96:0a:db:4b:b3:2b:ec:22:49:30:40:6f:1a:b0:b4:
c1:c4:6e:7e:40:d0:03:cd:d2:fa:7b:31:b9:7f:1b:a4:b8:6e:
10:7e:52:8c:07:27:0d:39:c1:ea:53:79:ac:6e:21:2b:81:52:
f4:52:5a:38:ab:61:f9:87:7c:ba:c9:7a:ac:bd:2a:0e:14:34:
02:da:50:c8:15:ae:a4:6c:97:00:d6:13:98:eb:aa:70:6b:31:
09:c0:d5:73:b5:75:ef:31:7c:a2:4f:42:2d:ad:00:11:72:c8:
07:52:20:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZuHs0X4cs5uBEyA0fQRypgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjMwMjIwMDkxOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTNlNTcyMGZjZDZlMmJhZGViYzNlNWU1ZWIyZGM4YWE4M2EzMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzdaYskqceuJl3Ui8C3e9DXUCYL3
G2U7rbbZqIF6D9sERbyeLNjJodfPr2X0xHphSierFN3WpOxP7vHA0e4dQkMZ481H
EMIuJ89E68q7DiWXhtWYSut8o+12/x4cxhSayJwU3ZYCkUjdgsO3bdzCBn2BuPoZ
EqCthHxnYBbg8v8nIsOQL0TB14noj6OIUrLoaygadNH7exa/K5jeAB1Wq0sfaDGK
fnUM80AmzhY6sDX/istAl3wTxre3b/8AvofmTJLhRWAe1P45QAVzdZg6nQ4IEJKW
paMuLDTdHd3i7+VGQBxh2QIEW+bGcbv/dy/0hFVzNgaXdSoWJTpfI6280QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMU+VyD81uK63rw+Xl6y3IqoOjNaMB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEveFQ1WElQelc0cnJldkQ1ZVhyTGNpcWc2TTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBhmECMA8E
AgACMAkDBwAgAQZQzAUwDQYJKoZIhvcNAQELBQADggEBAEGoOTQ9x9vk3LD/lSPX
+DxO2nh0DfGTImbwidZX4qGFzOZAu6Ar3+dQUFnr6dLOwFUNfmQrjfT9vTBMx/f0
nhmOty2rySya46eqdHZTb1G4+8RGKDM9HX9BZSN6otyFtV3G61wOYdteLKUIvhMY
fyxR1vX/qaNHZygFJJqFLyqCMYCykreRxCxLEXivY63JnQVrbZYK20uzK+wiSTBA
bxqwtMHEbn5A0APN0vp7Mbl/G6S4bhB+UowHJw05wepTeaxuISuBUvRSWjirYfmH
fLrJeqy9Kg4UNALaUMgVrqRslwDWE5jrqnBrMQnA1XO1de8xfKJPQi2tABFyyAdS
ILg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org