Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/f1dfe3-2609-46b8-b03f-da96019d4c20/1/Cxw40NzR34tpacZA87cQWFafZqQ.roa
File: Cxw40NzR34tpacZA87cQWFafZqQ.roa (raw, json)
Hash identifier: HoTOg2hQaL7kIh55VJ86Q4sbB9h7D21XWFvFgJbblp4=
Subject key identifier: 0B:1C:38:D0:DC:D1:DF:8B:69:69:C6:40:F3:B7:10:58:56:9F:66:A4
Certificate issuer: /CN=58a127453dfba17e10c347fa34bbebab14905a57
Certificate serial: 018AAF04518BBD976FBBE02677B77320B309
Authority key identifier: 58:A1:27:45:3D:FB:A1:7E:10:C3:47:FA:34:BB:EB:AB:14:90:5A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WKEnRT37oX4Qw0f6NLvrqxSQWlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/f1dfe3-2609-46b8-b03f-da96019d4c20/1/Cxw40NzR34tpacZA87cQWFafZqQ.roa
Signing time: Tue 19 Sep 2023 19:56:50 +0000
ROA not before: Tue 19 Sep 2023 19:56:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204723
IP address blocks: 2001:678:5d0::/48 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:af:04:51:8b:bd:97:6f:bb:e0:26:77:b7:73:20:b3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58a127453dfba17e10c347fa34bbebab14905a57
Validity
Not Before: Sep 19 19:56:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b1c38d0dcd1df8b6969c640f3b71058569f66a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0a:62:cd:7a:10:f8:ca:80:89:40:55:1b:90:
43:2b:85:c4:6a:5f:61:d6:59:0c:9f:00:a9:33:e8:
db:f2:f9:14:72:66:f3:0f:2d:93:01:44:4f:c9:92:
89:fb:50:1a:96:8a:6c:63:77:bd:47:1f:b9:7b:5c:
ef:f6:8f:28:61:00:e6:63:84:c2:0b:db:e6:5d:e6:
d3:e8:be:2c:fd:48:5c:ef:51:2e:92:bc:b4:d5:d9:
54:fa:6f:c4:ab:fb:aa:9c:61:3d:bd:e3:2d:a2:55:
54:2a:61:3a:0a:b8:a1:cf:c0:5f:bb:d3:5c:37:19:
bf:6f:d7:dc:7e:2e:88:51:e4:3d:90:e4:ec:50:a3:
7e:eb:f2:59:83:21:7c:f3:07:0e:eb:61:75:89:52:
18:1d:f6:d4:bb:6c:de:77:bb:21:1f:5e:f0:f3:b9:
cc:5a:1f:78:ef:08:04:bb:db:aa:a8:2d:8b:c1:0a:
b1:89:0c:13:66:68:44:4a:df:16:b5:68:57:f4:88:
73:78:b5:6e:03:36:b6:38:83:f0:4d:02:66:0c:df:
45:bf:14:66:8c:bb:de:3d:75:b9:50:32:3b:5b:a4:
16:a9:77:13:09:46:15:8a:2d:52:40:da:8a:d8:dc:
9a:a0:26:eb:30:d0:8b:9a:e2:1d:38:c2:00:09:e2:
f0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:1C:38:D0:DC:D1:DF:8B:69:69:C6:40:F3:B7:10:58:56:9F:66:A4
X509v3 Authority Key Identifier:
keyid:58:A1:27:45:3D:FB:A1:7E:10:C3:47:FA:34:BB:EB:AB:14:90:5A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKEnRT37oX4Qw0f6NLvrqxSQWlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f1dfe3-2609-46b8-b03f-da96019d4c20/1/Cxw40NzR34tpacZA87cQWFafZqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f1dfe3-2609-46b8-b03f-da96019d4c20/1/WKEnRT37oX4Qw0f6NLvrqxSQWlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5d0::/48
Signature Algorithm: sha256WithRSAEncryption
68:f9:59:fc:df:f2:69:84:31:ca:9b:7a:0d:9b:6b:98:82:3d:
9a:61:ae:d6:55:10:23:00:7f:4c:72:ec:8b:90:95:90:38:71:
bc:a4:08:5c:78:74:65:18:5d:82:5e:e2:bd:00:e0:b1:b1:d7:
76:42:5f:18:06:da:86:91:20:a4:49:b9:c6:e2:b5:43:f0:96:
d5:a9:41:00:6e:e1:80:9f:b1:76:f0:fd:65:b4:a5:6f:49:3a:
44:9f:c3:ee:74:98:9f:ef:20:f2:48:b5:5d:76:bb:09:a1:8f:
18:ee:91:23:1d:df:f8:62:16:6c:c9:55:b3:e3:cd:ee:c2:48:
85:fe:2a:eb:b4:b3:6f:2f:e0:13:52:80:6b:b6:68:bc:ce:b2:
e8:79:1c:44:98:af:17:d0:61:58:15:fa:70:1b:2a:13:4c:f1:
ee:25:ab:6b:76:cc:30:88:8a:e5:e7:bc:2a:dd:7c:09:bd:f5:
31:80:19:c8:b1:f6:c2:7a:19:c2:ce:f0:4a:f6:56:c6:a4:44:
86:0b:20:04:98:93:e4:5c:25:4f:c8:cd:8b:bd:25:d1:ad:a1:
dc:2c:4f:4c:40:d1:62:2f:d6:5f:83:d2:a5:6e:8e:13:66:62:
04:b0:1a:02:a1:db:c8:7a:1f:aa:ed:43:e0:5a:2b:01:65:44:
b9:8d:56:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqvBFGLvZdvu+Amd7dzILMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YTEyNzQ1M2RmYmExN2UxMGMzNDdmYTM0YmJlYmFiMTQ5
MDVhNTcwHhcNMjMwOTE5MTk1NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjFjMzhkMGRjZDFkZjhiNjk2OWM2NDBmM2I3MTA1ODU2OWY2NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwApizXoQ+MqAiUBVG5BDK4XEal9h
1lkMnwCpM+jb8vkUcmbzDy2TAURPyZKJ+1AalopsY3e9Rx+5e1zv9o8oYQDmY4TC
C9vmXebT6L4s/Uhc71Eukry01dlU+m/Eq/uqnGE9veMtolVUKmE6Crihz8Bfu9Nc
Nxm/b9fcfi6IUeQ9kOTsUKN+6/JZgyF88wcO62F1iVIYHfbUu2zed7shH17w87nM
Wh947wgEu9uqqC2LwQqxiQwTZmhESt8WtWhX9IhzeLVuAza2OIPwTQJmDN9FvxRm
jLvePXW5UDI7W6QWqXcTCUYVii1SQNqK2NyaoCbrMNCLmuIdOMIACeLw/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAscONDc0d+LaWnGQPO3EFhWn2akMB8GA1UdIwQY
MBaAFFihJ0U9+6F+EMNH+jS766sUkFpXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0tFblJUMzdvWDRRdzBmNk5MdnJxeFNRV2xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9mMWRmZTMtMjYwOS00NmI4LWIwM2Yt
ZGE5NjAxOWQ0YzIwLzEvQ3h3NDBOelIzNHRwYWNaQTg3Y1FXRmFmWnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9mMWRmZTMtMjYwOS00NmI4LWIwM2YtZGE5NjAxOWQ0YzIw
LzEvV0tFblJUMzdvWDRRdzBmNk5MdnJxeFNRV2xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAXQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBo+Vn83/JphDHKm3oNm2uYgj2aYa7WVRAjAH9M
cuyLkJWQOHG8pAhceHRlGF2CXuK9AOCxsdd2Ql8YBtqGkSCkSbnG4rVD8JbVqUEA
buGAn7F28P1ltKVvSTpEn8PudJif7yDySLVddrsJoY8Y7pEjHd/4YhZsyVWz483u
wkiF/irrtLNvL+ATUoBrtmi8zrLoeRxEmK8X0GFYFfpwGyoTTPHuJatrdswwiIrl
57wq3XwJvfUxgBnIsfbCehnCzvBK9lbGpESGCyAEmJPkXCVPyM2LvSXRraHcLE9M
QNFiL9Zfg9Klbo4TZmIEsBoCodvIeh+q7UPgWisBZUS5jVZM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:39 2024 by rpki-client on console-ams.rpki-client.org