Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/XPZVE8-kofG3C_pvYVwD8LyXBho.roa
File: XPZVE8-kofG3C_pvYVwD8LyXBho.roa (raw, json)
Hash identifier: juB1XhNpuT73SNYYsCqjvkrYmEuJVQXTHsqE+WM8eVs=
Subject key identifier: 5C:F6:55:13:CF:A4:A1:F1:B7:0B:FA:6F:61:5C:03:F0:BC:97:06:1A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709533039658DB09F123009AA47E8ABA
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/XPZVE8-kofG3C_pvYVwD8LyXBho.roa
Signing time: Mon 02 Jan 2023 03:45:04 +0000
ROA not before: Mon 02 Jan 2023 03:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47231
IP address blocks: 146.120.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:33:03:96:58:db:09:f1:23:00:9a:a4:7e:8a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cf65513cfa4a1f1b70bfa6f615c03f0bc97061a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:2a:6f:b1:e1:b3:01:6b:3a:9d:71:54:2a:
21:7a:7e:50:5c:19:25:b4:9b:7c:f0:fe:b7:45:c6:
bf:21:56:55:3e:a3:6c:8c:94:a7:dd:d8:7f:1a:ce:
04:d4:a5:08:c0:68:ee:28:8b:94:be:34:93:2a:33:
61:9b:4a:66:7a:d4:34:61:f4:1b:64:39:c7:0c:19:
48:c4:36:a7:7d:a8:e2:0b:34:2f:99:58:d0:7d:e9:
46:9c:7e:29:60:e8:40:a5:c1:e5:37:51:e7:2a:13:
28:61:8f:e3:30:69:6e:6e:0e:ba:30:c2:3d:cd:6f:
ce:18:dd:6a:a1:91:df:6e:b1:66:0b:e0:67:19:ae:
89:e2:b9:ad:a1:c2:d8:86:38:a6:53:e0:61:1e:cd:
26:c2:e6:ae:b6:e1:fb:60:db:de:dd:fa:4c:9d:d2:
21:fd:ec:05:58:90:82:c8:44:3e:8a:25:63:ee:7e:
1b:ba:e6:80:82:d1:e8:01:f6:73:1c:ef:d0:df:44:
44:2d:bb:07:01:9f:5f:7b:69:58:96:86:c0:40:90:
b6:16:8d:23:42:7f:bb:85:6c:fe:2e:78:26:7a:45:
84:4c:27:fb:d1:b7:90:f3:f0:80:55:df:d6:7d:5e:
5e:9a:f3:12:17:07:38:61:70:fd:89:fb:b0:6d:03:
3e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F6:55:13:CF:A4:A1:F1:B7:0B:FA:6F:61:5C:03:F0:BC:97:06:1A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/XPZVE8-kofG3C_pvYVwD8LyXBho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.221.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:c3:f1:fe:17:57:56:0a:f9:2e:06:d2:0a:b2:dc:f6:ff:0b:
8c:ef:63:83:12:b7:3c:ff:1e:1d:55:27:5f:81:ea:f5:ba:7a:
63:39:47:c4:a2:f1:96:d8:6a:44:e9:e8:a0:b2:8b:55:74:22:
c9:ce:31:c1:84:cf:53:21:06:be:79:c0:e3:a4:70:23:c7:18:
08:06:82:e5:f9:95:14:65:f8:0c:f6:20:54:d0:38:d5:51:e5:
c5:a2:a9:14:9e:c5:59:8f:c1:a9:fd:38:41:1d:1e:57:b1:3e:
1b:3b:8c:f3:bb:5b:6c:fc:c1:59:3a:a4:78:08:7f:b8:02:86:
ac:11:89:2f:45:2f:62:fc:7f:1d:58:ae:7a:08:40:c7:0c:03:
4b:75:5e:f0:86:1b:ac:5d:ff:72:9a:8f:2f:bd:a6:69:98:0b:
06:e5:ac:12:99:cd:63:a0:28:94:dd:68:7b:40:89:20:06:d9:
86:ae:da:27:59:e8:59:85:d3:97:b7:26:78:cd:84:69:66:84:
2a:e8:5a:b7:e0:ee:df:f7:9e:8a:8a:d1:28:7f:c4:30:4e:39:
43:2c:e9:7c:09:a5:b5:20:03:46:5d:8c:f1:ca:b2:2c:78:f7:
5f:51:82:f0:90:87:10:5a:9d:a6:14:b0:0f:99:44:54:a3:6c:
96:21:82:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlTMDlljbCfEjAJqkfoq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y2NTUxM2NmYTRhMWYxYjcwYmZhNmY2MTVjMDNmMGJjOTcwNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnYqb7HhswFrOp1xVCohen5QXBkl
tJt88P63Rca/IVZVPqNsjJSn3dh/Gs4E1KUIwGjuKIuUvjSTKjNhm0pmetQ0YfQb
ZDnHDBlIxDanfajiCzQvmVjQfelGnH4pYOhApcHlN1HnKhMoYY/jMGlubg66MMI9
zW/OGN1qoZHfbrFmC+BnGa6J4rmtocLYhjimU+BhHs0mwuautuH7YNve3fpMndIh
/ewFWJCCyEQ+iiVj7n4buuaAgtHoAfZzHO/Q30RELbsHAZ9fe2lYlobAQJC2Fo0j
Qn+7hWz+LngmekWETCf70beQ8/CAVd/WfV5emvMSFwc4YXD9ifuwbQM+kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFz2VRPPpKHxtwv6b2FcA/C8lwYaMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWFBaVkU4LWtvZkczQ19wdllWd0Q4THlYQmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjdMA0G
CSqGSIb3DQEBCwUAA4IBAQAbw/H+F1dWCvkuBtIKstz2/wuM72ODErc8/x4dVSdf
ger1unpjOUfEovGW2GpE6eigsotVdCLJzjHBhM9TIQa+ecDjpHAjxxgIBoLl+ZUU
ZfgM9iBU0DjVUeXFoqkUnsVZj8Gp/ThBHR5XsT4bO4zzu1ts/MFZOqR4CH+4Aoas
EYkvRS9i/H8dWK56CEDHDANLdV7whhusXf9ymo8vvaZpmAsG5awSmc1joCiU3Wh7
QIkgBtmGrtonWehZhdOXtyZ4zYRpZoQq6Fq34O7f956KitEof8QwTjlDLOl8CaW1
IANGXYzxyrIsePdfUYLwkIcQWp2mFLAPmURUo2yWIYKy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:37 2024 by rpki-client on console-fra.rpki-client.org