Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/c5dc73-9be2-4503-8281-4b350eacc86b/1/XKhhoPPCdCOEZP7GRj8lFEAAqnQ.roa
File: XKhhoPPCdCOEZP7GRj8lFEAAqnQ.roa (raw, json)
Hash identifier: CvkYI/e1P8zaOkI1/8ogNAdK5IkPiuV8zHyFAjgc8rE=
Subject key identifier: 5C:A8:61:A0:F3:C2:74:23:84:64:FE:C6:46:3F:25:14:40:00:AA:74
Certificate issuer: /CN=2fcf619ccecf836f56a72010e82fb7dd240402f9
Certificate serial: 018AA71CFF9128E6DA3AB9695EBBD8E24CF5
Authority key identifier: 2F:CF:61:9C:CE:CF:83:6F:56:A7:20:10:E8:2F:B7:DD:24:04:02:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L89hnM7Pg29WpyAQ6C-33SQEAvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/c5dc73-9be2-4503-8281-4b350eacc86b/1/XKhhoPPCdCOEZP7GRj8lFEAAqnQ.roa
Signing time: Mon 18 Sep 2023 07:06:50 +0000
ROA not before: Mon 18 Sep 2023 07:06:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209095
IP address blocks: 5.182.136.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:1c:ff:91:28:e6:da:3a:b9:69:5e:bb:d8:e2:4c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fcf619ccecf836f56a72010e82fb7dd240402f9
Validity
Not Before: Sep 18 07:06:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ca861a0f3c274238464fec6463f25144000aa74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3a:ae:b4:9c:e6:6a:1c:eb:b5:1e:f2:da:9b:
4c:c1:07:92:33:6c:f4:e1:e8:73:d8:70:78:01:39:
c6:60:96:82:fd:d9:46:63:6d:32:68:47:8a:03:a8:
a1:3b:16:d3:42:ff:33:b1:e3:1f:a1:2e:34:4e:f7:
20:dc:e8:a0:9f:4f:2b:75:d4:f9:94:61:89:55:4b:
17:93:19:a0:27:66:c6:4d:f2:df:99:3d:ce:34:28:
ff:91:45:14:3d:e6:22:5c:27:7d:3c:1d:80:80:77:
d0:f4:62:26:95:9b:79:b9:39:89:95:b8:20:d2:6a:
86:5c:95:3c:5c:eb:95:12:f0:15:6f:43:f2:5b:f8:
b9:cb:3f:63:c9:95:16:13:43:e4:29:80:68:90:ae:
77:dd:06:d9:49:62:73:dc:a7:95:34:0a:e4:f9:99:
0c:8d:d3:5f:d2:0f:e6:8a:c3:1b:3e:31:67:08:c4:
33:5b:8d:1d:f2:f0:1c:3a:a8:fc:87:05:a4:28:51:
c6:46:3d:2b:89:49:55:b5:0c:c7:5a:c6:e5:4f:e4:
02:ce:40:38:4c:92:f0:ff:d2:53:41:d5:ed:bc:e2:
1e:3f:58:e6:92:ab:b7:08:20:a0:24:ea:30:ed:15:
04:09:16:3e:08:6a:2b:54:93:eb:31:2b:b6:66:9d:
8b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A8:61:A0:F3:C2:74:23:84:64:FE:C6:46:3F:25:14:40:00:AA:74
X509v3 Authority Key Identifier:
keyid:2F:CF:61:9C:CE:CF:83:6F:56:A7:20:10:E8:2F:B7:DD:24:04:02:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L89hnM7Pg29WpyAQ6C-33SQEAvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c5dc73-9be2-4503-8281-4b350eacc86b/1/XKhhoPPCdCOEZP7GRj8lFEAAqnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c5dc73-9be2-4503-8281-4b350eacc86b/1/L89hnM7Pg29WpyAQ6C-33SQEAvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.136.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:e7:28:d1:96:d4:fc:66:a6:94:35:a7:dd:eb:97:10:52:36:
25:2e:b9:64:40:19:6a:b9:26:66:e2:e1:ed:68:64:c2:9a:9d:
ea:6c:fb:c1:fb:bf:38:2e:88:a9:64:91:75:13:b0:2d:f3:8e:
aa:78:f2:79:8c:2c:72:10:38:25:30:93:61:58:18:d5:60:8a:
f8:9f:da:cc:e2:fe:0d:5f:dc:2e:80:3f:21:f1:01:8d:fa:54:
4c:58:79:d9:8a:01:c3:cb:c4:48:af:4c:77:92:30:8d:c6:15:
2d:97:d2:5d:3c:00:41:2c:b2:a4:39:11:d2:6c:11:5b:07:6d:
39:f3:30:82:c2:6d:36:10:71:bd:7a:0b:d8:d6:43:b9:90:9a:
93:fd:db:a2:06:27:90:7d:f6:4c:a3:47:ae:c2:2f:51:d1:3d:
af:aa:7d:65:87:7a:10:81:65:36:1b:36:04:c7:6b:80:62:2c:
54:cf:3c:96:0d:88:7a:e3:f9:03:9e:a5:34:6e:97:a0:e4:ed:
0c:d2:17:a8:6f:3c:44:fd:c1:d6:a6:f7:df:1e:c9:95:5a:c2:
ad:e9:37:fa:e5:24:af:d5:5e:00:aa:62:34:3b:f5:a1:dc:69:
6a:c9:ba:d4:60:aa:e8:ef:3a:cb:3e:6c:6a:ec:95:83:39:41:
d4:27:6f:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqnHP+RKObaOrlpXrvY4kz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2Y2MTljY2VjZjgzNmY1NmE3MjAxMGU4MmZiN2RkMjQw
NDAyZjkwHhcNMjMwOTE4MDcwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E4NjFhMGYzYzI3NDIzODQ2NGZlYzY0NjNmMjUxNDQwMDBhYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDqutJzmahzrtR7y2ptMwQeSM2z0
4ehz2HB4ATnGYJaC/dlGY20yaEeKA6ihOxbTQv8zseMfoS40Tvcg3Oign08rddT5
lGGJVUsXkxmgJ2bGTfLfmT3ONCj/kUUUPeYiXCd9PB2AgHfQ9GImlZt5uTmJlbgg
0mqGXJU8XOuVEvAVb0PyW/i5yz9jyZUWE0PkKYBokK533QbZSWJz3KeVNArk+ZkM
jdNf0g/misMbPjFnCMQzW40d8vAcOqj8hwWkKFHGRj0riUlVtQzHWsblT+QCzkA4
TJLw/9JTQdXtvOIeP1jmkqu3CCCgJOow7RUECRY+CGorVJPrMSu2Zp2LBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyoYaDzwnQjhGT+xkY/JRRAAKp0MB8GA1UdIwQY
MBaAFC/PYZzOz4NvVqcgEOgvt90kBAL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDg5aG5NN1BnMjlXcHlBUTZDLTMzU1FFQXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9jNWRjNzMtOWJlMi00NTAzLTgyODEt
NGIzNTBlYWNjODZiLzEvWEtoaG9QUENkQ09FWlA3R1JqOGxGRUFBcW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9jNWRjNzMtOWJlMi00NTAzLTgyODEtNGIzNTBlYWNjODZi
LzEvTDg5aG5NN1BnMjlXcHlBUTZDLTMzU1FFQXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbaIMA0G
CSqGSIb3DQEBCwUAA4IBAQCb5yjRltT8ZqaUNafd65cQUjYlLrlkQBlquSZm4uHt
aGTCmp3qbPvB+784LoipZJF1E7At846qePJ5jCxyEDglMJNhWBjVYIr4n9rM4v4N
X9wugD8h8QGN+lRMWHnZigHDy8RIr0x3kjCNxhUtl9JdPABBLLKkORHSbBFbB205
8zCCwm02EHG9egvY1kO5kJqT/duiBieQffZMo0euwi9R0T2vqn1lh3oQgWU2GzYE
x2uAYixUzzyWDYh64/kDnqU0bpeg5O0M0heobzxE/cHWpvffHsmVWsKt6Tf65SSv
1V4AqmI0O/Wh3GlqybrUYKro7zrLPmxq7JWDOUHUJ2/h
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:07 2024 by rpki-client on console-ams.rpki-client.org