Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/XJuji1fN7ehrysZYAYEAPEJoz64.roa
File: XJuji1fN7ehrysZYAYEAPEJoz64.roa (raw, json)
Hash identifier: HRBF/qCUJuoh/rZV8stqFOn384b+6c/enZCQul+nhuA=
Subject key identifier: 5C:9B:A3:8B:57:CD:ED:E8:6B:CA:C6:58:01:81:00:3C:42:68:CF:AE
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 01895D985836CC1402147C6FEEDA2135CE07
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/XJuji1fN7ehrysZYAYEAPEJoz64.roa
Signing time: Sun 16 Jul 2023 07:26:52 +0000
ROA not before: Sun 16 Jul 2023 07:26:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59645
IP address blocks: 193.104.168.0/24 maxlen: 24
195.191.196.0/23 maxlen: 24
2a06:d1c1:e::/48 maxlen: 48
2a06:d1c0:dead::/48 maxlen: 48
2a06:d1c1:a::/48 maxlen: 48
2a06:d1c0:deae::/48 maxlen: 48
2a06:d1c0:f761::/48 maxlen: 48
2a06:d1c0:a761::/48 maxlen: 48
2a06:d1c0:deac::/48 maxlen: 48
2a06:d1c0::/29 maxlen: 29
2a06:d1c1::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 04 Nov 2023 16:10:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:5d:98:58:36:cc:14:02:14:7c:6f:ee:da:21:35:ce:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jul 16 07:26:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c9ba38b57cdede86bcac6580181003c4268cfae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:6e:c2:9f:9f:cf:e8:04:0c:68:99:16:44:
12:82:d7:d7:28:a6:ad:3f:56:f0:e8:d9:e3:81:28:
8d:9d:3c:e4:e3:e1:af:fd:02:52:34:8e:86:d1:8b:
0d:6c:66:0c:be:75:de:1e:1b:cd:15:f8:88:69:6f:
30:7a:29:d2:95:8c:48:28:be:f2:02:8c:52:f0:f4:
cc:59:20:e4:99:30:53:d6:6a:7a:b3:91:ee:67:cd:
1a:36:44:f5:ae:20:e7:e7:44:b4:09:e1:2d:dd:6f:
5b:7a:28:ab:84:11:73:9d:1a:44:6b:d5:c0:d6:b0:
8b:c2:3a:bc:24:94:1d:62:54:06:9a:5a:35:ad:8b:
85:52:7a:f7:2a:7d:b3:bd:b8:54:4a:d5:8d:7f:33:
a4:b6:85:8e:0d:42:ad:fa:a6:08:b7:a1:87:c1:a1:
ab:fe:a1:71:05:b3:08:fd:cb:0d:4c:d0:a2:06:12:
cb:ba:44:29:2f:6d:e3:d4:9f:92:24:b8:3d:d5:af:
85:46:09:d5:86:b7:58:95:58:0f:72:21:62:12:e6:
53:23:81:3b:e3:d1:ba:1e:04:1a:e9:ed:48:ae:e1:
af:ad:73:3e:14:e8:7b:d2:4b:1c:af:94:84:cb:01:
f3:78:d4:1e:d5:ad:e5:3b:6f:5f:8f:45:4d:84:c6:
5f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9B:A3:8B:57:CD:ED:E8:6B:CA:C6:58:01:81:00:3C:42:68:CF:AE
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/XJuji1fN7ehrysZYAYEAPEJoz64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.168.0/24
195.191.196.0/23
IPv6:
2a06:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:06:a3:61:00:f7:10:69:e5:01:f7:71:1c:8e:0d:1e:09:90:
51:a5:77:28:f8:2d:c5:aa:16:48:0f:63:f7:05:fa:55:de:f1:
d5:fc:0f:d2:b8:f6:d2:6f:c4:7c:0a:de:9d:7f:af:cd:7d:15:
da:2d:53:e5:45:1f:c4:08:df:54:66:f9:95:cc:bc:3c:b0:97:
d9:94:45:5c:49:66:82:9b:65:8b:30:eb:61:e7:8d:ae:02:69:
9a:90:ba:9e:64:a6:61:fe:fd:96:69:21:2c:fe:11:6d:2f:d6:
80:b4:d2:46:5f:54:9f:49:cb:21:20:48:06:bd:8e:c0:45:d1:
34:43:84:93:0d:90:41:33:57:2f:eb:97:03:8c:b4:09:90:51:
d4:90:a2:04:58:5a:d6:9f:06:4c:8f:62:51:21:1f:09:05:0b:
5c:ff:69:ba:65:45:b9:8f:19:83:94:d3:15:b0:26:ab:02:1d:
32:f9:b1:01:bd:7a:d5:61:e4:85:93:80:41:78:10:ca:94:fb:
2e:61:de:08:d6:c9:3c:11:01:a4:d5:a1:3e:d2:66:29:fe:1d:
4f:76:84:e1:b9:71:fc:38:9e:37:8b:f5:f6:57:e7:f4:bb:1d:
0f:e5:6d:71:31:ef:35:b9:22:3e:27:88:41:2a:fa:ad:f1:f9:
53:6a:4d:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYldmFg2zBQCFHxv7tohNc4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjMwNzE2MDcyNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzliYTM4YjU3Y2RlZGU4NmJjYWM2NTgwMTgxMDAzYzQyNjhjZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL1uwp+fz+gEDGiZFkQSgtfXKKat
P1bw6NnjgSiNnTzk4+Gv/QJSNI6G0YsNbGYMvnXeHhvNFfiIaW8weinSlYxIKL7y
AoxS8PTMWSDkmTBT1mp6s5HuZ80aNkT1riDn50S0CeEt3W9beiirhBFznRpEa9XA
1rCLwjq8JJQdYlQGmlo1rYuFUnr3Kn2zvbhUStWNfzOktoWODUKt+qYIt6GHwaGr
/qFxBbMI/csNTNCiBhLLukQpL23j1J+SJLg91a+FRgnVhrdYlVgPciFiEuZTI4E7
49G6HgQa6e1IruGvrXM+FOh70kscr5SEywHzeNQe1a3lO29fj0VNhMZftwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFybo4tXze3oa8rGWAGBADxCaM+uMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvWEp1amkxZk43ZWhyeXNaWUFZRUFQRUpvejY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwWioAwQB
w7/EMA0EAgACMAcDBQMqBtHAMA0GCSqGSIb3DQEBCwUAA4IBAQBMBqNhAPcQaeUB
93Ecjg0eCZBRpXco+C3FqhZID2P3BfpV3vHV/A/SuPbSb8R8Ct6df6/NfRXaLVPl
RR/ECN9UZvmVzLw8sJfZlEVcSWaCm2WLMOth542uAmmakLqeZKZh/v2WaSEs/hFt
L9aAtNJGX1SfScshIEgGvY7ARdE0Q4STDZBBM1cv65cDjLQJkFHUkKIEWFrWnwZM
j2JRIR8JBQtc/2m6ZUW5jxmDlNMVsCarAh0y+bEBvXrVYeSFk4BBeBDKlPsuYd4I
1sk8EQGk1aE+0mYp/h1PdoThuXH8OJ43i/X2V+f0ux0P5W1xMe81uSI+J4hBKvqt
8flTak07
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:36 2024 by rpki-client on console-fra.rpki-client.org