Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/xaC9uRzjp0ZCRKc3sXootYbBupk.roa
File: xaC9uRzjp0ZCRKc3sXootYbBupk.roa (raw, json)
Hash identifier: NL7zrPwnxY8i9ghwjhUq5g1z528MvNpofEej3IUpiE0=
Subject key identifier: C5:A0:BD:B9:1C:E3:A7:46:42:44:A7:37:B1:7A:28:B5:86:C1:BA:99
Certificate issuer: /CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Certificate serial: 01856C1C8A5B8BC304D8B979AB72BDF77AB8
Authority key identifier: 86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/xaC9uRzjp0ZCRKc3sXootYbBupk.roa
Signing time: Sun 01 Jan 2023 06:54:47 +0000
ROA not before: Sun 01 Jan 2023 06:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207753
IP address blocks: 195.246.254.0/23 maxlen: 23
195.248.244.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:8a:5b:8b:c3:04:d8:b9:79:ab:72:bd:f7:7a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Validity
Not Before: Jan 1 06:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5a0bdb91ce3a7464244a737b17a28b586c1ba99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9e:8c:1f:1d:c5:9a:e5:7c:75:ac:5f:cc:36:
0e:8a:7b:a6:20:0e:98:f7:3c:dd:8f:02:a5:35:7d:
1f:8b:89:b0:69:c3:d5:3b:47:48:97:d3:69:72:a4:
b3:3a:7e:60:6f:f2:f1:19:57:d2:c7:92:48:92:2f:
40:b3:d7:f4:4f:c1:ac:0f:cf:6f:53:bc:27:bb:9a:
76:b4:06:e8:40:7b:51:57:70:c2:d8:ec:1d:eb:52:
4d:27:38:74:e7:da:27:34:0d:69:56:dc:de:67:e4:
13:27:f7:75:da:f9:18:f8:98:c7:54:16:06:89:07:
59:04:d8:3b:01:63:98:43:6b:18:9f:d8:51:be:6c:
ed:1e:27:b7:e4:c4:29:bb:52:69:d4:a6:8e:7a:1a:
8a:71:f4:3f:f4:d1:15:93:e4:ea:02:f2:14:d4:03:
c3:97:47:dc:a4:47:0b:6d:d6:2b:d7:23:8d:3d:c0:
22:4f:10:e2:22:63:e6:90:6a:18:cf:43:6f:03:ee:
af:d7:ab:0a:a6:22:1e:70:53:db:1f:60:06:1a:39:
da:62:33:9d:73:8e:88:04:ae:08:a5:a9:09:a4:ea:
54:57:90:59:3d:cc:18:55:a3:19:95:90:40:dc:15:
e8:85:63:6f:70:bc:91:85:34:25:c6:d3:d2:d8:7b:
e0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A0:BD:B9:1C:E3:A7:46:42:44:A7:37:B1:7A:28:B5:86:C1:BA:99
X509v3 Authority Key Identifier:
keyid:86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/xaC9uRzjp0ZCRKc3sXootYbBupk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.254.0/23
195.248.244.0/23
Signature Algorithm: sha256WithRSAEncryption
09:02:8b:ce:98:a3:a9:d0:86:a9:ed:02:fd:4b:26:0f:31:dc:
26:7d:73:3d:c9:3a:aa:a7:fa:49:7e:5d:55:bd:fd:8a:93:8c:
e6:d6:6a:84:0f:c8:b2:db:07:bf:6d:fe:96:5d:e0:85:62:d6:
39:e1:aa:5b:7d:6a:0e:12:ee:0a:04:69:a5:30:c5:3c:51:80:
93:7e:fc:a8:45:a4:dd:12:01:b7:62:ce:19:54:cd:a1:72:11:
f1:ca:d6:5d:2b:9d:13:4d:71:50:c2:2b:95:df:e4:ba:53:9d:
b8:11:b3:63:0e:67:05:02:21:9f:87:b6:34:0d:df:7e:08:e6:
fc:8b:c7:a8:f0:c2:2c:9c:02:f5:82:78:2f:83:62:b1:79:5b:
e1:93:09:90:d9:e7:80:d0:9c:59:71:9e:ab:75:0f:ff:da:16:
7b:a2:ab:d7:87:dd:de:06:84:99:4d:a1:8a:65:24:0a:eb:27:
4b:16:47:e4:0c:1b:40:ec:5a:2f:5a:8b:7c:fc:a1:ae:62:ff:
92:de:8f:3c:a3:f0:fe:4b:86:f0:71:25:7c:94:03:5a:26:94:
15:f8:92:dc:8b:07:88:55:d5:b4:c9:7a:39:18:51:3f:79:7a:
53:4d:37:8a:fe:37:2d:9f:fb:af:e6:36:70:53:23:d0:84:a6:
7c:3d:97:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsHIpbi8ME2Ll5q3K993q4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTlmM2FlNDVmNzAxNTBhZjE3ZWI4Nzg5ZTk3ODg5MDI5
ZWU1ZDMwHhcNMjMwMTAxMDY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWEwYmRiOTFjZTNhNzQ2NDI0NGE3MzdiMTdhMjhiNTg2YzFiYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp6MHx3FmuV8daxfzDYOinumIA6Y
9zzdjwKlNX0fi4mwacPVO0dIl9NpcqSzOn5gb/LxGVfSx5JIki9As9f0T8GsD89v
U7wnu5p2tAboQHtRV3DC2Owd61JNJzh059onNA1pVtzeZ+QTJ/d12vkY+JjHVBYG
iQdZBNg7AWOYQ2sYn9hRvmztHie35MQpu1Jp1KaOehqKcfQ/9NEVk+TqAvIU1APD
l0fcpEcLbdYr1yONPcAiTxDiImPmkGoYz0NvA+6v16sKpiIecFPbH2AGGjnaYjOd
c46IBK4IpakJpOpUV5BZPcwYVaMZlZBA3BXohWNvcLyRhTQlxtPS2HvgZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMWgvbkc46dGQkSnN7F6KLWGwbqZMB8GA1UdIwQY
MBaAFIap865F9wFQrxfrh4npeIkCnuXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUt
MzQ4N2FlODJiMjBkLzEveGFDOXVSempwMFpDUktjM3NYb290WWJCdXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUtMzQ4N2FlODJiMjBk
LzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw/b+AwQB
w/j0MA0GCSqGSIb3DQEBCwUAA4IBAQAJAovOmKOp0Iap7QL9SyYPMdwmfXM9yTqq
p/pJfl1Vvf2Kk4zm1mqED8iy2we/bf6WXeCFYtY54apbfWoOEu4KBGmlMMU8UYCT
fvyoRaTdEgG3Ys4ZVM2hchHxytZdK50TTXFQwiuV3+S6U524EbNjDmcFAiGfh7Y0
Dd9+COb8i8eo8MIsnAL1gngvg2KxeVvhkwmQ2eeA0JxZcZ6rdQ//2hZ7oqvXh93e
BoSZTaGKZSQK6ydLFkfkDBtA7FovWot8/KGuYv+S3o88o/D+S4bwcSV8lANaJpQV
+JLciweIVdW0yXo5GFE/eXpTTTeK/jctn/uv5jZwUyPQhKZ8PZfw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:19 2024 by rpki-client on console-ams.rpki-client.org