Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/xq8Kr9BFXqNveIMxCTrVfVjlMoY.roa
File: xq8Kr9BFXqNveIMxCTrVfVjlMoY.roa (raw, json)
Hash identifier: xMMrbXINQYbC3IXpCQ3I+dad0zrWwrXgPOV1Vyjn45E=
Subject key identifier: C6:AF:0A:AF:D0:45:5E:A3:6F:78:83:31:09:3A:D5:7D:58:E5:32:86
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018B1EF63D236930AF4E5F029A6281AA4A1C
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/xq8Kr9BFXqNveIMxCTrVfVjlMoY.roa
Signing time: Wed 11 Oct 2023 13:38:55 +0000
ROA not before: Wed 11 Oct 2023 13:38:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54252
IP address blocks: 89.46.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 11:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:f6:3d:23:69:30:af:4e:5f:02:9a:62:81:aa:4a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Oct 11 13:38:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6af0aafd0455ea36f788331093ad57d58e53286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:b0:b8:2c:64:ac:fe:ab:f5:81:52:d9:33:
e4:43:86:a2:39:4b:ec:ce:77:70:0a:70:41:cd:cd:
15:97:d9:bc:81:c9:94:90:a7:11:42:f3:ef:50:80:
7d:92:b7:01:b9:ff:4b:15:7e:e6:97:9a:e7:12:80:
23:34:13:ff:71:27:10:7f:f6:02:d3:f4:5f:0a:32:
28:3c:15:70:01:d4:06:b8:6c:43:e0:7a:59:08:c4:
64:16:dc:1b:34:4b:70:34:19:0c:49:67:2e:fe:44:
a6:a6:00:96:12:84:31:73:93:6d:ab:2d:0a:0a:d2:
f5:40:af:f2:4a:ba:8c:5b:2f:32:8c:84:15:50:0b:
32:7c:b2:45:31:0f:b8:b9:06:5c:f6:93:07:62:39:
b9:f6:1a:17:6f:bb:90:51:fc:24:14:5e:7c:b6:35:
f6:b0:38:19:18:f0:cb:38:75:d1:d7:3f:3a:d5:98:
89:56:74:31:03:70:df:76:2a:08:14:2d:f4:c4:59:
d3:2e:f3:c1:51:c9:79:3d:aa:3f:cc:46:9b:34:85:
87:a2:57:06:d1:26:2d:18:97:02:7b:45:49:1b:22:
0f:9b:d4:7c:6f:f8:a0:6a:5d:c2:f7:c6:f9:92:48:
51:78:36:0c:0d:14:bf:97:81:f0:aa:4f:c0:58:dd:
50:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AF:0A:AF:D0:45:5E:A3:6F:78:83:31:09:3A:D5:7D:58:E5:32:86
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/xq8Kr9BFXqNveIMxCTrVfVjlMoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.10.0/24
Signature Algorithm: sha256WithRSAEncryption
89:42:08:b0:72:ee:59:de:51:5e:d5:f6:59:c4:29:07:e0:4b:
47:52:64:a1:6c:b0:69:d7:95:b4:68:be:9d:1d:1d:cb:b8:fa:
c5:61:8f:ca:07:92:d9:43:d9:d7:d1:2a:bb:19:54:92:ff:68:
4f:88:2c:44:21:6a:59:7d:24:a0:a1:c9:cd:29:37:04:67:f6:
bc:43:cd:40:0b:0d:f2:a8:20:7e:cd:8f:61:8f:07:0c:4b:53:
be:fb:a2:a5:dc:5f:b4:a5:3a:97:e7:90:21:0e:27:af:83:41:
4e:68:0c:d0:76:b5:e3:3d:63:ba:14:58:4b:f5:b0:79:2b:f3:
ad:80:14:43:55:73:3a:ab:c2:0f:d3:94:28:ae:3e:07:5e:f4:
ef:d5:e1:72:c5:41:d7:2b:44:2e:73:a2:23:d5:78:d3:1d:b6:
2c:af:1b:d1:88:35:fc:c8:8c:e3:3a:1d:50:ed:bf:1a:07:f8:
d2:8f:aa:7c:ed:1f:a9:7c:83:58:aa:eb:ae:b5:45:bc:2c:0e:
a3:31:22:6c:22:ea:e7:5b:75:b6:ba:a6:30:f8:9f:35:d7:84:
75:e1:56:62:fd:7a:2c:cc:42:de:4c:27:12:25:d4:3f:3c:08:
31:cb:86:cf:05:c0:53:38:ae:0c:2e:c4:9c:ea:4b:5c:34:cd:
96:c5:3f:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYse9j0jaTCvTl8CmmKBqkocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMDExMTMzODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmFmMGFhZmQwNDU1ZWEzNmY3ODgzMzEwOTNhZDU3ZDU4ZTUzMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS2wuCxkrP6r9YFS2TPkQ4aiOUvs
zndwCnBBzc0Vl9m8gcmUkKcRQvPvUIB9krcBuf9LFX7ml5rnEoAjNBP/cScQf/YC
0/RfCjIoPBVwAdQGuGxD4HpZCMRkFtwbNEtwNBkMSWcu/kSmpgCWEoQxc5Ntqy0K
CtL1QK/ySrqMWy8yjIQVUAsyfLJFMQ+4uQZc9pMHYjm59hoXb7uQUfwkFF58tjX2
sDgZGPDLOHXR1z861ZiJVnQxA3DfdioIFC30xFnTLvPBUcl5Pao/zEabNIWHolcG
0SYtGJcCe0VJGyIPm9R8b/igal3C98b5kkhReDYMDRS/l4Hwqk/AWN1QbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMavCq/QRV6jb3iDMQk61X1Y5TKGMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEveHE4S3I5QkZYcU52ZUlNeENUclZmVmpsTW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS4KMA0G
CSqGSIb3DQEBCwUAA4IBAQCJQgiwcu5Z3lFe1fZZxCkH4EtHUmShbLBp15W0aL6d
HR3LuPrFYY/KB5LZQ9nX0Sq7GVSS/2hPiCxEIWpZfSSgocnNKTcEZ/a8Q81ACw3y
qCB+zY9hjwcMS1O++6Kl3F+0pTqX55AhDievg0FOaAzQdrXjPWO6FFhL9bB5K/Ot
gBRDVXM6q8IP05Qorj4HXvTv1eFyxUHXK0Quc6Ij1XjTHbYsrxvRiDX8yIzjOh1Q
7b8aB/jSj6p87R+pfINYquuutUW8LA6jMSJsIurnW3W2uqYw+J8114R14VZi/Xos
zELeTCcSJdQ/PAgxy4bPBcBTOK4MLsSc6ktcNM2WxT9C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:55 2024 by rpki-client on console-fra.rpki-client.org