Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/XcGNgsJTojbk5qBcKBFPACby8uo.roa
File: XcGNgsJTojbk5qBcKBFPACby8uo.roa (raw, json)
Hash identifier: EjNyBri+NYMv/AlhoKB4H3LJ3McM4RHCWCF1cI+i+yY=
Subject key identifier: 5D:C1:8D:82:C2:53:A2:36:E4:E6:A0:5C:28:11:4F:00:26:F2:F2:EA
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 01856F42A787CFA5A22864671E7500C8A6DD
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/XcGNgsJTojbk5qBcKBFPACby8uo.roa
Signing time: Sun 01 Jan 2023 21:35:17 +0000
ROA not before: Sun 01 Jan 2023 21:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206241
IP address blocks: 212.87.254.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a7:87:cf:a5:a2:28:64:67:1e:75:00:c8:a6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 21:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dc18d82c253a236e4e6a05c28114f0026f2f2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:f3:15:59:fa:1a:36:14:d1:3a:24:ad:0b:
e0:2e:30:07:4e:59:18:46:cc:db:53:d3:9a:65:9d:
12:20:41:4b:b6:04:6d:cc:32:56:14:6c:b5:94:ae:
bd:07:12:bf:ee:b5:34:77:4e:6e:77:fb:f2:1d:77:
38:37:23:b6:b7:1b:63:c6:dc:fd:77:f7:5b:24:c8:
a9:3f:be:18:65:86:84:a0:78:46:58:50:5b:29:29:
29:76:98:91:71:45:58:ca:08:b0:6c:e4:e9:13:3a:
be:0e:58:17:44:ab:99:7c:9f:ba:82:e3:83:65:74:
d5:b2:ea:82:6d:2c:b7:7f:61:42:83:ab:d2:f7:40:
5f:fc:c4:bc:5f:7d:cf:dc:65:7f:45:7f:ed:3d:57:
2b:4c:88:6f:9c:6b:ac:01:7d:3e:f2:03:1c:dd:4f:
92:2a:d0:a8:84:a2:81:d4:a8:94:86:c8:8c:41:f8:
f3:39:56:c9:75:fb:7e:2e:06:c6:1e:f3:f6:9e:97:
a4:6e:1f:f0:d4:a8:40:76:24:cb:f3:58:58:b3:32:
92:e1:64:98:2f:7b:62:49:66:55:7d:3b:9a:2f:50:
9e:62:b5:ec:b4:04:c4:62:d4:ed:5d:e0:a5:53:8d:
63:ed:49:cc:46:54:37:d3:88:f6:10:b6:0a:b4:19:
86:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C1:8D:82:C2:53:A2:36:E4:E6:A0:5C:28:11:4F:00:26:F2:F2:EA
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/XcGNgsJTojbk5qBcKBFPACby8uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.254.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:d7:19:3a:74:bb:21:e9:06:46:aa:c7:4a:b7:c6:ca:82:39:
c3:33:05:27:5e:9f:27:8b:5f:a9:20:c9:7d:4e:25:4a:23:6b:
28:70:c7:b2:c9:1e:77:88:52:4d:cf:87:94:d4:b9:39:65:c1:
f3:55:c9:5f:2a:a2:03:a8:23:f4:29:fb:56:c5:8e:e6:68:f4:
62:2b:a0:0d:36:82:82:f3:1b:d9:c6:d8:4a:cc:fd:05:c2:16:
52:5b:dc:70:77:95:32:b4:1a:dd:68:9b:17:e7:d3:58:14:11:
c9:cf:1f:80:cf:6a:4a:1c:e1:5a:7a:b5:11:0a:09:bb:10:e9:
08:fb:26:f9:10:58:f7:e1:f6:b5:ef:11:ca:3f:68:c8:ee:0e:
fd:8b:4b:7b:85:bb:88:8b:44:e8:a9:f4:8c:26:57:7b:9f:05:
d5:a1:ef:4f:27:8d:fb:97:2c:bf:2f:ff:cc:35:88:5e:11:27:
70:38:84:3c:3e:6b:8f:63:1e:17:2c:f9:cc:7b:ed:73:3f:ce:
b7:a8:7d:ab:b3:d5:46:52:e2:09:fc:66:a3:81:3c:8e:d2:5e:
53:4d:71:6e:d9:82:6c:a7:79:16:30:3f:92:31:71:30:b3:a7:
b0:d6:cf:98:49:83:1c:7a:90:97:be:97:1b:33:b4:57:16:84:
16:81:2c:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqeHz6WiKGRnHnUAyKbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmFhOTYxYjQ3N2Q1NDIzZDg1YjdkNDNmM2VmYTI2MzI2
ZDcwOTAwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGMxOGQ4MmMyNTNhMjM2ZTRlNmEwNWMyODExNGYwMDI2ZjJmMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmLzFVn6GjYU0TokrQvgLjAHTlkY
RszbU9OaZZ0SIEFLtgRtzDJWFGy1lK69BxK/7rU0d05ud/vyHXc4NyO2txtjxtz9
d/dbJMipP74YZYaEoHhGWFBbKSkpdpiRcUVYygiwbOTpEzq+DlgXRKuZfJ+6guOD
ZXTVsuqCbSy3f2FCg6vS90Bf/MS8X33P3GV/RX/tPVcrTIhvnGusAX0+8gMc3U+S
KtCohKKB1KiUhsiMQfjzOVbJdft+LgbGHvP2npekbh/w1KhAdiTL81hYszKS4WSY
L3tiSWZVfTuaL1CeYrXstATEYtTtXeClU41j7UnMRlQ304j2ELYKtBmGAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3BjYLCU6I25OagXCgRTwAm8vLqMB8GA1UdIwQY
MBaAFLAqqWG0d9VCPYW31D8++iYybXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEt
MDc4N2E1MDNjYTY5LzEvWGNHTmdzSlRvamJrNXFCY0tCRlBBQ2J5OHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEtMDc4N2E1MDNjYTY5
LzEvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1Ff+MA0G
CSqGSIb3DQEBCwUAA4IBAQAP1xk6dLsh6QZGqsdKt8bKgjnDMwUnXp8ni1+pIMl9
TiVKI2socMeyyR53iFJNz4eU1Lk5ZcHzVclfKqIDqCP0KftWxY7maPRiK6ANNoKC
8xvZxthKzP0FwhZSW9xwd5UytBrdaJsX59NYFBHJzx+Az2pKHOFaerURCgm7EOkI
+yb5EFj34fa17xHKP2jI7g79i0t7hbuIi0ToqfSMJld7nwXVoe9PJ437lyy/L//M
NYheESdwOIQ8PmuPYx4XLPnMe+1zP863qH2rs9VGUuIJ/GajgTyO0l5TTXFu2YJs
p3kWMD+SMXEws6ew1s+YSYMcepCXvpcbM7RXFoQWgSzm
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:09 2024 by rpki-client on console-ams.rpki-client.org