Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/XsJ7zZl6_pdVnaU_g_P2XtGKkTM.roa
File: XsJ7zZl6_pdVnaU_g_P2XtGKkTM.roa (raw, json)
Hash identifier: E5+hCCeeA6UCC+sw93YEyD8jP0Lp9lmyYz9eDkxjv0U=
Subject key identifier: 5E:C2:7B:CD:99:7A:FE:97:55:9D:A5:3F:83:F3:F6:5E:D1:8A:91:33
Certificate issuer: /CN=12133a6523e2ed0a0c9a36ea8a7c6f0e72a5dd64
Certificate serial: 018CC94D9302450C50C4BEDA0EC6B224ED8E
Authority key identifier: 12:13:3A:65:23:E2:ED:0A:0C:9A:36:EA:8A:7C:6F:0E:72:A5:DD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/XsJ7zZl6_pdVnaU_g_P2XtGKkTM.roa
Signing time: Tue 02 Jan 2024 08:32:33 +0000
ROA not before: Tue 02 Jan 2024 08:32:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47254
IP address blocks: 2a02:d1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 25 Jun 2024 06:26:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:93:02:45:0c:50:c4:be:da:0e:c6:b2:24:ed:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12133a6523e2ed0a0c9a36ea8a7c6f0e72a5dd64
Validity
Not Before: Jan 2 08:32:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ec27bcd997afe97559da53f83f3f65ed18a9133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:51:2b:5b:fd:4f:43:ca:e4:b7:a3:13:26:02:
cc:97:5e:5e:ff:2c:b2:fb:40:ba:07:46:bb:bd:d9:
46:5c:9c:90:04:02:53:3c:6a:e9:af:a1:b2:d5:cc:
18:47:1f:29:39:f7:d0:da:56:b4:56:ba:b3:4a:8d:
cc:20:82:c9:4d:82:e4:7e:46:d5:dc:04:7e:70:18:
41:f6:29:4d:86:d5:da:ba:08:67:43:e7:7c:68:75:
7d:5a:f9:28:be:a5:85:48:bf:13:97:5c:f1:c5:c5:
2e:f0:15:a4:40:40:d1:26:b5:56:bb:dd:6b:0b:64:
70:df:87:35:af:12:50:14:05:78:bd:20:a8:cc:31:
f4:eb:54:93:ae:b2:90:02:85:53:5b:7f:eb:09:73:
18:c6:93:8b:60:7a:a3:e6:b6:48:78:90:7e:cd:b8:
96:60:48:95:e0:1c:53:c7:29:a3:9d:42:78:39:b2:
6b:c1:28:23:03:fa:45:f9:ff:f5:cd:e7:24:0e:ed:
c5:47:aa:3a:77:79:c4:75:d4:32:b8:e1:31:58:66:
88:ca:58:cc:48:82:38:4e:31:1a:54:ae:f4:3e:0f:
6f:25:2e:ba:ad:e5:02:6b:ad:e6:ec:8c:42:95:c7:
2a:0b:db:46:ea:a3:fe:23:3a:8e:97:58:b2:ae:02:
79:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C2:7B:CD:99:7A:FE:97:55:9D:A5:3F:83:F3:F6:5E:D1:8A:91:33
X509v3 Authority Key Identifier:
keyid:12:13:3A:65:23:E2:ED:0A:0C:9A:36:EA:8A:7C:6F:0E:72:A5:DD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/XsJ7zZl6_pdVnaU_g_P2XtGKkTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
64:15:67:70:35:f2:2f:07:22:18:f8:03:14:11:14:b0:9d:e6:
6f:f4:3c:96:e8:e3:78:eb:d5:86:bf:f3:c6:bc:36:4f:a4:e6:
2b:79:66:b9:46:3a:dc:35:af:47:c7:1f:a7:fc:4c:7f:d3:19:
0e:1f:2e:c0:82:40:f7:e8:b9:38:56:05:13:61:bf:4b:fd:98:
b8:80:fa:6c:cc:dd:7d:49:63:af:27:40:fd:c3:30:be:2c:29:
37:a7:8b:d5:1c:c9:1b:ec:dd:0f:b3:8c:76:32:11:ba:1c:25:
6f:59:af:8e:53:92:02:55:16:3f:59:df:2c:f1:66:05:bf:1e:
82:c1:46:dc:be:f7:dd:93:0e:7f:a5:d8:bf:f8:21:a0:33:22:
ca:09:02:e6:71:fb:e3:34:84:a2:2a:f6:c3:1d:b7:8c:16:c2:
87:2b:b9:cf:9d:65:08:c9:95:10:a2:9d:7f:06:8d:03:9e:cb:
a7:fa:25:9c:88:3c:f9:66:cb:a8:a6:75:c2:c9:5e:0c:17:a7:
f5:bf:be:3d:18:2b:d2:38:f4:67:48:2f:5d:01:9c:b4:ec:cd:
60:6a:5c:71:35:6b:38:ef:64:72:d5:f8:b1:9b:37:57:71:7d:
98:67:87:2b:e3:a3:58:3e:ce:06:6b:b9:aa:f6:95:d6:36:24:
c5:5d:5a:f1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJTZMCRQxQxL7aDsayJO2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTMzYTY1MjNlMmVkMGEwYzlhMzZlYThhN2M2ZjBlNzJh
NWRkNjQwHhcNMjQwMTAyMDgzMjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMyN2JjZDk5N2FmZTk3NTU5ZGE1M2Y4M2YzZjY1ZWQxOGE5MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1ErW/1PQ8rkt6MTJgLMl15e/yyy
+0C6B0a7vdlGXJyQBAJTPGrpr6Gy1cwYRx8pOffQ2la0VrqzSo3MIILJTYLkfkbV
3AR+cBhB9ilNhtXaughnQ+d8aHV9WvkovqWFSL8Tl1zxxcUu8BWkQEDRJrVWu91r
C2Rw34c1rxJQFAV4vSCozDH061STrrKQAoVTW3/rCXMYxpOLYHqj5rZIeJB+zbiW
YEiV4BxTxymjnUJ4ObJrwSgjA/pF+f/1zeckDu3FR6o6d3nEddQyuOExWGaIyljM
SII4TjEaVK70Pg9vJS66reUCa63m7IxClccqC9tG6qP+IzqOl1iyrgJ59QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF7Ce82Zev6XVZ2lP4Pz9l7RipEzMB8GA1UdIwQY
MBaAFBITOmUj4u0KDJo26op8bw5ypd1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhNNlpTUGk3UW9NbWpicWlueHZEbktsM1dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85MzRlYzMtYjc2YS00MGQwLThhM2Et
ODI0NzI5YWI0YjlhLzEvWHNKN3pabDZfcGRWbmFVX2dfUDJYdEdLa1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85MzRlYzMtYjc2YS00MGQwLThhM2EtODI0NzI5YWI0Yjlh
LzEvRWhNNlpTUGk3UW9NbWpicWlueHZEbktsM1dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLRwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZBVncDXyLwciGPgDFBEUsJ3mb/Q8lujjeOvVhr/z
xrw2T6TmK3lmuUY63DWvR8cfp/xMf9MZDh8uwIJA9+i5OFYFE2G/S/2YuID6bMzd
fUljrydA/cMwviwpN6eL1RzJG+zdD7OMdjIRuhwlb1mvjlOSAlUWP1nfLPFmBb8e
gsFG3L733ZMOf6XYv/ghoDMiygkC5nH74zSEoir2wx23jBbChyu5z51lCMmVEKKd
fwaNA57Lp/olnIg8+WbLqKZ1wsleDBen9b++PRgr0jj0Z0gvXQGctOzNYGpccTVr
OO9kctX4sZs3V3F9mGeHK+OjWD7OBmu5qvaV1jYkxV1a8Q==
-----END CERTIFICATE-----
Generated at Tue Jun 25 09:14:31 2024 by rpki-client on console-fra.rpki-client.org