Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XoZTENosNftrJyKEi34NDiSGkpc.roa
File: XoZTENosNftrJyKEi34NDiSGkpc.roa (raw, json)
Hash identifier: yjpEW1uJr92VBA92YdHcD9h8gaOraek8VB4ImTbiD/4=
Subject key identifier: 5E:86:53:10:DA:2C:35:FB:6B:27:22:84:8B:7E:0D:0E:24:86:92:97
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018BEECE9335293DF65321B684629F9D7BE5
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XoZTENosNftrJyKEi34NDiSGkpc.roa
Signing time: Mon 20 Nov 2023 22:16:37 +0000
ROA not before: Mon 20 Nov 2023 22:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16589
IP address blocks: 188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ee:ce:93:35:29:3d:f6:53:21:b6:84:62:9f:9d:7b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Nov 20 22:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e865310da2c35fb6b2722848b7e0d0e24869297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1d:23:35:d0:cd:50:b1:ea:f7:4e:ec:27:b8:
a8:82:52:3b:73:1e:1f:5e:c3:66:4a:e2:46:c0:30:
d5:2e:3f:af:68:78:13:f7:af:c3:eb:dc:02:49:2e:
ea:cd:8b:8f:e5:72:77:e6:32:29:d3:e2:2b:75:9f:
2e:4b:63:23:0b:cf:b5:08:32:f9:8a:fc:a7:d1:c0:
4e:41:91:8d:46:2e:22:c7:c0:b9:d4:f7:34:89:8f:
f2:0a:b3:d1:cf:d6:6e:3a:ca:d3:ca:cc:7b:c1:09:
6c:6a:e9:23:f4:a4:0d:f5:af:65:99:be:9e:ff:ae:
99:79:5a:60:41:f2:9c:f8:e7:49:a8:5d:1b:c2:0f:
cf:aa:c8:7a:d4:1c:44:71:10:b8:f2:38:bc:8d:1b:
ef:3c:1d:77:81:67:57:43:81:5e:b0:d1:fe:f0:42:
75:51:a9:f5:59:53:38:f8:7e:54:8d:01:da:a5:6a:
02:60:65:cb:99:fb:80:13:04:5d:d2:9a:b5:18:2b:
13:d3:a7:5c:7a:02:ff:1c:59:65:c0:97:45:1f:14:
5f:0a:8c:66:5b:16:a1:02:df:65:f9:5c:b3:5e:fb:
7e:25:fd:f2:46:ae:39:2a:b6:e4:f0:4e:10:3b:7e:
60:ac:89:b8:34:26:28:ea:7d:47:bb:0e:cc:5d:9d:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:86:53:10:DA:2C:35:FB:6B:27:22:84:8B:7E:0D:0E:24:86:92:97
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XoZTENosNftrJyKEi34NDiSGkpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
Signature Algorithm: sha256WithRSAEncryption
06:53:51:f3:a8:a2:6b:bd:fb:49:92:b0:1e:18:95:a4:11:c3:
e8:a6:1f:38:5b:c0:c3:04:0b:0b:e7:62:d5:fd:38:e2:f2:41:
5c:3a:4a:ff:20:a3:c4:f5:84:11:54:5d:d7:4a:d3:f4:84:9c:
88:b0:2d:93:fd:5e:31:c1:7a:28:8b:09:51:42:10:91:db:dc:
9f:b9:c8:87:c8:0d:60:42:87:f6:b6:bc:02:06:ee:9d:2e:a9:
e3:a2:4f:1a:da:80:c5:76:65:57:c4:e7:8c:e2:b1:2d:ba:b5:
63:95:3b:2b:bb:54:12:6c:f7:c9:4d:5e:a4:51:7d:1c:39:1f:
1e:5e:6a:cf:62:ce:c7:d7:aa:3e:20:d6:46:68:93:a6:a4:ea:
af:30:4c:e9:b7:b0:15:4d:eb:09:44:e5:92:d2:57:06:33:bb:
a5:9d:be:6d:06:65:2c:63:87:65:6b:23:92:4d:da:78:f4:ce:
c1:d6:9e:49:d1:49:01:6e:47:7d:5f:8a:96:7a:93:08:8d:48:
81:56:7c:04:9b:99:9c:25:b4:58:e0:54:77:13:2f:9d:18:21:
bd:fc:ec:e8:e3:b4:19:db:e9:14:62:5e:1b:83:40:68:7e:b1:
d2:63:27:87:82:f2:60:73:2a:42:8c:55:30:f0:75:52:a5:f4:
9f:f0:f4:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvuzpM1KT32UyG2hGKfnXvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMxMTIwMjIxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTg2NTMxMGRhMmMzNWZiNmIyNzIyODQ4YjdlMGQwZTI0ODY5Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB0jNdDNULHq907sJ7ioglI7cx4f
XsNmSuJGwDDVLj+vaHgT96/D69wCSS7qzYuP5XJ35jIp0+IrdZ8uS2MjC8+1CDL5
ivyn0cBOQZGNRi4ix8C51Pc0iY/yCrPRz9ZuOsrTysx7wQlsaukj9KQN9a9lmb6e
/66ZeVpgQfKc+OdJqF0bwg/Pqsh61BxEcRC48ji8jRvvPB13gWdXQ4FesNH+8EJ1
Uan1WVM4+H5UjQHapWoCYGXLmfuAEwRd0pq1GCsT06dcegL/HFllwJdFHxRfCoxm
WxahAt9l+VyzXvt+Jf3yRq45Krbk8E4QO35grIm4NCYo6n1Huw7MXZ1b4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6GUxDaLDX7aycihIt+DQ4khpKXMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvWG9aVEVOb3NOZnRySnlLRWkzNE5EaVNHa3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGEMA0G
CSqGSIb3DQEBCwUAA4IBAQAGU1HzqKJrvftJkrAeGJWkEcPoph84W8DDBAsL52LV
/Tji8kFcOkr/IKPE9YQRVF3XStP0hJyIsC2T/V4xwXooiwlRQhCR29yfuciHyA1g
Qof2trwCBu6dLqnjok8a2oDFdmVXxOeM4rEturVjlTsru1QSbPfJTV6kUX0cOR8e
XmrPYs7H16o+INZGaJOmpOqvMEzpt7AVTesJROWS0lcGM7ulnb5tBmUsY4dlayOS
Tdp49M7B1p5J0UkBbkd9X4qWepMIjUiBVnwEm5mcJbRY4FR3Ey+dGCG9/Ozo47QZ
2+kUYl4bg0BofrHSYyeHgvJgcypCjFUw8HVSpfSf8PQq
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:08 2024 by rpki-client on console-ams.rpki-client.org