Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3ef386-0571-460e-8991-996a623b633e/1/XRVlzfDYsUighUYQlqJKrTd-UFo.roa
File: XRVlzfDYsUighUYQlqJKrTd-UFo.roa (raw, json)
Hash identifier: IVzfoEe2O+LftBv8Q9O2Go2jDZJ5APqAsLVbXtYt6fc=
Subject key identifier: 5D:15:65:CD:F0:D8:B1:48:A0:85:46:10:96:A2:4A:AD:37:7E:50:5A
Certificate issuer: /CN=1d4c6078a5941c5cb157d5f2957cb314d7ed1bed
Certificate serial: 01857C2543B42894899A02FBD8DA5ACF8E72
Authority key identifier: 1D:4C:60:78:A5:94:1C:5C:B1:57:D5:F2:95:7C:B3:14:D7:ED:1B:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUxgeKWUHFyxV9XylXyzFNftG-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/3ef386-0571-460e-8991-996a623b633e/1/XRVlzfDYsUighUYQlqJKrTd-UFo.roa
Signing time: Wed 04 Jan 2023 09:38:14 +0000
ROA not before: Wed 04 Jan 2023 09:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210425
IP address blocks: 194.60.144.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:25:43:b4:28:94:89:9a:02:fb:d8:da:5a:cf:8e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d4c6078a5941c5cb157d5f2957cb314d7ed1bed
Validity
Not Before: Jan 4 09:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d1565cdf0d8b148a085461096a24aad377e505a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6d:7b:61:1b:74:89:d9:f7:cb:31:3a:30:5c:
f5:e7:43:dc:70:78:1a:ec:82:cf:2b:c8:60:ae:1a:
b2:2e:9d:cc:38:92:e6:84:c0:d6:51:c8:fe:84:ca:
fa:3c:67:3b:7c:3d:66:15:7b:8b:25:64:9b:6a:0c:
e8:0e:77:4f:6a:0a:bb:de:95:f7:a9:9b:d8:9b:ce:
dc:cc:b5:09:37:e1:ed:60:fb:a5:08:4e:7c:9d:3b:
de:63:36:2a:71:80:64:54:94:6f:92:55:b0:c1:45:
9f:12:92:88:85:1a:cf:16:a0:a0:be:23:09:bd:70:
f2:60:de:56:a6:18:61:71:ee:c0:b8:32:ac:24:1b:
07:3c:c7:15:63:6f:ac:82:f0:e5:4c:72:a9:0c:18:
49:49:32:34:da:fa:61:50:68:e0:65:73:65:2c:0c:
9f:ea:1c:7b:01:45:6d:89:86:9c:83:7a:b5:d9:44:
18:b1:0c:89:43:f3:0a:68:5c:3d:82:2a:e2:03:49:
e3:eb:c2:1c:fa:a3:bb:6a:a5:9f:0d:30:5d:03:5f:
22:31:14:48:3b:89:03:69:d3:ce:17:48:3c:10:52:
bd:ad:e3:36:99:e2:d1:2c:53:31:2b:c8:c3:41:a3:
60:fb:b7:ed:39:c3:e2:09:be:80:7a:e7:d8:7a:11:
86:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:15:65:CD:F0:D8:B1:48:A0:85:46:10:96:A2:4A:AD:37:7E:50:5A
X509v3 Authority Key Identifier:
keyid:1D:4C:60:78:A5:94:1C:5C:B1:57:D5:F2:95:7C:B3:14:D7:ED:1B:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUxgeKWUHFyxV9XylXyzFNftG-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3ef386-0571-460e-8991-996a623b633e/1/XRVlzfDYsUighUYQlqJKrTd-UFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3ef386-0571-460e-8991-996a623b633e/1/HUxgeKWUHFyxV9XylXyzFNftG-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.144.0/20
Signature Algorithm: sha256WithRSAEncryption
94:6e:b2:a9:83:6c:35:21:e4:e8:4e:12:94:e2:82:9a:c8:57:
e0:53:29:41:dc:ad:72:01:c8:6a:e2:05:18:40:15:c7:c3:7c:
27:81:b5:cc:16:76:8f:7c:84:30:ed:f6:6e:4d:cd:69:6c:6f:
62:d5:72:a1:62:ba:eb:be:cc:81:85:9b:61:57:98:fd:ae:1f:
e6:91:06:3f:56:20:7b:4a:56:be:77:1f:f6:a3:60:08:1b:c3:
3a:dd:bd:aa:de:e2:87:79:60:37:cd:ca:3d:42:12:4c:cf:33:
2a:c3:b7:d5:e9:d1:58:63:02:d9:a3:71:75:af:ab:96:e2:03:
0e:f1:b2:89:f4:a1:2c:3b:29:74:d2:75:25:3c:7a:d2:08:d6:
9f:d2:46:85:67:01:b0:f3:74:46:92:cb:ba:aa:4d:ef:24:3a:
37:55:b5:68:c2:df:7f:25:75:9d:ac:ef:a2:15:63:81:e1:f0:
a0:63:f6:c9:dd:e3:74:ce:81:7f:de:3a:11:f2:ec:01:df:1c:
05:af:bf:07:59:ae:f9:a2:eb:8a:10:9e:22:94:f7:fe:c1:71:
b4:9a:58:20:73:40:98:6a:ec:b6:c4:2d:e4:38:9e:a3:e7:75:
23:5f:66:0a:fc:4e:28:86:ca:15:b6:8f:28:ab:2f:15:b3:c3:
8a:0b:37:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV8JUO0KJSJmgL72Npaz45yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNGM2MDc4YTU5NDFjNWNiMTU3ZDVmMjk1N2NiMzE0ZDdl
ZDFiZWQwHhcNMjMwMTA0MDkzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDE1NjVjZGYwZDhiMTQ4YTA4NTQ2MTA5NmEyNGFhZDM3N2U1MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm17YRt0idn3yzE6MFz150PccHga
7ILPK8hgrhqyLp3MOJLmhMDWUcj+hMr6PGc7fD1mFXuLJWSbagzoDndPagq73pX3
qZvYm87czLUJN+HtYPulCE58nTveYzYqcYBkVJRvklWwwUWfEpKIhRrPFqCgviMJ
vXDyYN5Wphhhce7AuDKsJBsHPMcVY2+sgvDlTHKpDBhJSTI02vphUGjgZXNlLAyf
6hx7AUVtiYacg3q12UQYsQyJQ/MKaFw9giriA0nj68Ic+qO7aqWfDTBdA18iMRRI
O4kDadPOF0g8EFK9reM2meLRLFMxK8jDQaNg+7ftOcPiCb6AeufYehGGXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0VZc3w2LFIoIVGEJaiSq03flBaMB8GA1UdIwQY
MBaAFB1MYHillBxcsVfV8pV8sxTX7RvtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFV4Z2VLV1VIRnl4VjlYeWxYeXpGTmZ0Ry0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zZWYzODYtMDU3MS00NjBlLTg5OTEt
OTk2YTYyM2I2MzNlLzEvWFJWbHpmRFlzVWlnaFVZUWxxSktyVGQtVUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zZWYzODYtMDU3MS00NjBlLTg5OTEtOTk2YTYyM2I2MzNl
LzEvSFV4Z2VLV1VIRnl4VjlYeWxYeXpGTmZ0Ry0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwjyQMA0G
CSqGSIb3DQEBCwUAA4IBAQCUbrKpg2w1IeToThKU4oKayFfgUylB3K1yAchq4gUY
QBXHw3wngbXMFnaPfIQw7fZuTc1pbG9i1XKhYrrrvsyBhZthV5j9rh/mkQY/ViB7
Sla+dx/2o2AIG8M63b2q3uKHeWA3zco9QhJMzzMqw7fV6dFYYwLZo3F1r6uW4gMO
8bKJ9KEsOyl00nUlPHrSCNaf0kaFZwGw83RGksu6qk3vJDo3VbVowt9/JXWdrO+i
FWOB4fCgY/bJ3eN0zoF/3joR8uwB3xwFr78HWa75ouuKEJ4ilPf+wXG0mlggc0CY
auy2xC3kOJ6j53UjX2YK/E4ohsoVto8oqy8Vs8OKCzeM
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:37 2024 by rpki-client on console-ams.rpki-client.org