Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/xeNuoX1-rgC3AMmwPdQBcyyg4tE.roa
File: xeNuoX1-rgC3AMmwPdQBcyyg4tE.roa (raw, json)
Hash identifier: P6ADyHKPM4e1/BFikNBsurPkjxw0aisg4EGEFcOj/fg=
Subject key identifier: C5:E3:6E:A1:7D:7E:AE:00:B7:00:C9:B0:3D:D4:01:73:2C:A0:E2:D1
Certificate issuer: /CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Certificate serial: 01856BB7D297336F813B2180B81A983226C4
Authority key identifier: DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/xeNuoX1-rgC3AMmwPdQBcyyg4tE.roa
Signing time: Sun 01 Jan 2023 05:04:47 +0000
ROA not before: Sun 01 Jan 2023 05:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210544
IP address blocks: 192.124.252.0/24 maxlen: 24
193.28.64.0/21 maxlen: 24
2a12:6900::/32 maxlen: 64
Validation: Failed, certificate revoked on Tue 11 Apr 2023 09:35:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:d2:97:33:6f:81:3b:21:80:b8:1a:98:32:26:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Validity
Not Before: Jan 1 05:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5e36ea17d7eae00b700c9b03dd401732ca0e2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c1:0d:13:d7:e0:db:8c:1d:7e:26:6f:c6:38:
8a:8d:fb:ca:b3:7f:38:59:ab:c7:a4:a8:9f:fa:1c:
fc:4d:63:67:ec:d3:29:2a:e0:ec:37:b1:07:5d:86:
30:e9:b1:bf:69:11:5f:6f:24:22:4c:e9:d8:aa:23:
9a:13:f9:4a:ea:7e:a8:b9:8f:f3:ad:5f:73:a1:17:
dc:10:56:b6:4e:1b:a1:4d:4a:52:8b:05:1d:42:85:
a0:b6:44:1d:02:1d:71:33:a4:10:d3:c8:c7:85:6b:
fa:57:30:7d:0f:ea:f7:ad:3d:44:c4:49:d7:84:ff:
80:14:17:5f:15:cb:61:f9:04:81:d4:c9:a8:e1:84:
2a:85:9b:3e:cd:d4:34:ed:9f:9f:b5:5a:7c:48:ce:
ba:38:74:5f:58:d1:eb:12:84:d9:29:1a:ea:4e:98:
2d:52:e3:e3:fe:2c:76:0f:87:24:6d:1f:c8:58:cc:
e2:d7:91:5c:57:ad:d1:74:be:86:00:b4:fb:b9:03:
b5:c4:5a:88:a5:cb:bf:64:cf:d8:26:a8:7b:05:7a:
33:45:b0:d6:5f:36:92:b1:65:25:83:93:cb:c3:84:
78:8a:fb:f8:92:6e:8f:82:e5:e0:9d:90:13:37:cb:
0b:7b:4a:c8:75:fe:22:ca:f3:04:aa:c1:0d:67:50:
87:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E3:6E:A1:7D:7E:AE:00:B7:00:C9:B0:3D:D4:01:73:2C:A0:E2:D1
X509v3 Authority Key Identifier:
keyid:DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/xeNuoX1-rgC3AMmwPdQBcyyg4tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.252.0/24
193.28.64.0/21
IPv6:
2a12:6900::/32
Signature Algorithm: sha256WithRSAEncryption
96:72:df:28:25:9d:bb:50:e4:59:d4:dd:13:0f:2f:ac:e6:9b:
af:44:6e:d3:04:cd:7d:27:71:56:e3:83:92:0f:66:f8:ae:17:
a1:a5:dd:87:26:aa:7c:7d:78:08:f4:ab:6b:56:8b:df:2b:ca:
ab:69:78:e8:ce:14:15:bc:a3:f2:34:4b:79:56:7d:e5:33:bd:
dd:34:f8:75:28:fb:41:fe:ea:99:a3:db:88:61:d2:0e:6b:32:
4a:da:34:96:17:5a:54:08:be:98:92:cb:b3:63:9d:0f:65:4e:
6c:af:94:a2:52:b9:3a:79:fb:b6:e0:cb:8e:b4:9d:f2:d3:5a:
f3:ef:0d:6e:01:70:b4:b8:42:3c:2d:d2:d1:0f:68:e1:72:6b:
f2:1f:e1:55:8a:9a:b9:bd:14:74:13:5f:16:62:d9:5b:38:3f:
72:a5:0e:6a:09:ac:51:f1:92:ee:d4:8b:26:32:7b:24:8d:aa:
13:ef:42:b4:56:8d:8e:cf:8f:75:b0:a4:94:80:1e:f6:9d:d2:
c9:d6:19:e2:18:3b:46:cf:fc:89:c5:26:0f:3e:2e:fa:5d:5a:
c3:ef:de:b0:89:73:df:19:d8:31:ee:8f:db:16:3c:21:9d:83:
ce:10:6e:98:2d:78:91:de:18:bc:fe:cd:58:87:50:21:af:4a:
64:2c:6f:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrt9KXM2+BOyGAuBqYMibEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGU5MWEwZmIxZjRkZDE3OTAwZDA2ZGI2ZTg4MzM2Zjc4
YjVjMDUwHhcNMjMwMTAxMDUwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWUzNmVhMTdkN2VhZTAwYjcwMGM5YjAzZGQ0MDE3MzJjYTBlMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMENE9fg24wdfiZvxjiKjfvKs384
WavHpKif+hz8TWNn7NMpKuDsN7EHXYYw6bG/aRFfbyQiTOnYqiOaE/lK6n6ouY/z
rV9zoRfcEFa2ThuhTUpSiwUdQoWgtkQdAh1xM6QQ08jHhWv6VzB9D+r3rT1ExEnX
hP+AFBdfFcth+QSB1Mmo4YQqhZs+zdQ07Z+ftVp8SM66OHRfWNHrEoTZKRrqTpgt
UuPj/ix2D4ckbR/IWMzi15FcV63RdL6GALT7uQO1xFqIpcu/ZM/YJqh7BXozRbDW
XzaSsWUlg5PLw4R4ivv4km6PguXgnZATN8sLe0rIdf4iyvMEqsENZ1CHAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMXjbqF9fq4AtwDJsD3UAXMsoOLRMB8GA1UdIwQY
MBaAFN7ekaD7H03ReQDQbbbogzb3i1wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMt
MjFhNzAwYzcxMTlmLzEveGVOdW9YMS1yZ0MzQU1td1BkUUJjeXlnNHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMtMjFhNzAwYzcxMTlm
LzEvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwHz8AwQD
wRxAMA0EAgACMAcDBQAqEmkAMA0GCSqGSIb3DQEBCwUAA4IBAQCWct8oJZ27UORZ
1N0TDy+s5puvRG7TBM19J3FW44OSD2b4rhehpd2HJqp8fXgI9KtrVovfK8qraXjo
zhQVvKPyNEt5Vn3lM73dNPh1KPtB/uqZo9uIYdIOazJK2jSWF1pUCL6YksuzY50P
ZU5sr5SiUrk6efu24MuOtJ3y01rz7w1uAXC0uEI8LdLRD2jhcmvyH+FVipq5vRR0
E18WYtlbOD9ypQ5qCaxR8ZLu1IsmMnskjaoT70K0Vo2Oz491sKSUgB72ndLJ1hni
GDtGz/yJxSYPPi76XVrD796wiXPfGdgx7o/bFjwhnYPOEG6YLXiR3hi8/s1Yh1Ah
r0pkLG/V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:08 2024 by rpki-client on console-fra.rpki-client.org