Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/xaAedMxuw_mD_9TMQLSyWpaRDLc.roa
File: xaAedMxuw_mD_9TMQLSyWpaRDLc.roa (raw, json)
Hash identifier: eDgwciV8AFdUOVruxSdN9NqLzXQapfIWiRUR1gkuEtY=
Subject key identifier: C5:A0:1E:74:CC:6E:C3:F9:83:FF:D4:CC:40:B4:B2:5A:96:91:0C:B7
Certificate issuer: /CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Certificate serial: 0185724C764FCF47942C8075CA61E9B25747
Authority key identifier: 11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/xaAedMxuw_mD_9TMQLSyWpaRDLc.roa
Signing time: Mon 02 Jan 2023 11:44:51 +0000
ROA not before: Mon 02 Jan 2023 11:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5598
IP address blocks: 176.101.97.144/28 maxlen: 28
176.101.97.128/28 maxlen: 28
176.101.96.0/19 maxlen: 19
176.101.96.96/27 maxlen: 27
176.101.104.0/23 maxlen: 23
176.101.102.0/23 maxlen: 23
176.101.110.0/24 maxlen: 24
176.101.106.0/23 maxlen: 23
176.101.108.0/23 maxlen: 23
176.101.125.0/24 maxlen: 24
176.101.127.0/24 maxlen: 24
176.101.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:76:4f:cf:47:94:2c:80:75:ca:61:e9:b2:57:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Validity
Not Before: Jan 2 11:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5a01e74cc6ec3f983ffd4cc40b4b25a96910cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:38:5f:a1:2c:d1:61:37:84:fd:82:ac:66:53:
20:9d:cf:5a:87:91:48:fc:2b:6f:70:71:43:bc:c9:
42:56:f7:ef:8c:77:99:51:33:c6:69:b2:08:74:2f:
f8:85:d9:1d:cf:39:e1:08:1d:79:4b:15:ea:6f:c4:
0e:d3:a1:d6:a1:3e:bc:a1:b5:22:3c:5a:3c:08:09:
e4:fe:cf:e4:36:9e:fb:ee:87:5a:de:1a:63:3e:2a:
1c:f0:da:7c:b4:43:b8:0a:cf:10:b4:7d:c1:4f:9c:
1e:7f:50:08:0e:00:78:ff:1b:f5:94:92:bc:cb:24:
6f:35:1d:35:d4:2c:66:28:3e:d7:45:16:e4:9e:79:
f8:fd:97:03:02:c3:1c:79:48:1e:19:bf:02:c1:e7:
9e:88:3d:07:99:68:e0:ff:f9:ca:80:e5:7c:07:63:
2a:b1:d1:46:48:31:57:87:41:2d:f4:40:f1:fd:4e:
47:7f:ac:82:bc:d2:dc:6c:16:0c:98:3a:7c:f6:cd:
5c:02:1c:58:5b:e9:be:82:4c:1c:63:29:c0:49:08:
56:1f:9f:30:4c:14:8e:42:12:35:6a:db:57:6b:c9:
24:7f:ed:40:ae:29:a6:2c:e4:0b:f3:c5:46:10:24:
25:04:eb:f6:fb:54:c0:b7:98:73:31:9d:38:46:8e:
3e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A0:1E:74:CC:6E:C3:F9:83:FF:D4:CC:40:B4:B2:5A:96:91:0C:B7
X509v3 Authority Key Identifier:
keyid:11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/xaAedMxuw_mD_9TMQLSyWpaRDLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/EdGfiLDcG4kCVNuUqbYgRta-eUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.96.0/19
Signature Algorithm: sha256WithRSAEncryption
b2:a3:38:08:5d:c0:09:b4:8b:15:82:22:05:67:7c:d2:50:23:
50:89:3d:5b:9d:e8:90:37:fe:1a:77:d3:b2:7a:af:91:b8:22:
c9:8c:28:f7:71:08:f2:29:f3:cc:be:cf:d9:cc:a8:08:ff:99:
0a:48:d2:11:ca:00:98:5f:af:ee:0b:2e:52:d9:25:7d:a6:9f:
d1:fd:6d:ae:34:ca:8e:55:c1:20:9f:2b:c9:43:0b:81:8a:61:
3a:6d:8b:2e:79:5e:ec:ba:44:05:2a:66:f4:79:5b:ab:16:29:
a9:0d:02:a7:e3:13:0b:4e:ce:81:f7:20:75:c3:b9:81:59:f9:
a1:e4:ae:d5:21:2f:cf:66:1c:83:82:89:c8:37:16:84:a0:71:
c5:86:e3:6f:e0:4a:8d:0d:fe:31:39:98:45:ab:86:3d:88:ed:
ae:be:19:69:e7:89:41:03:97:40:90:ed:49:82:d6:ef:5a:e4:
03:50:ed:58:41:68:70:18:06:ca:02:78:ed:07:51:20:c7:7d:
34:69:01:c8:ee:a6:98:b1:fe:e9:40:84:36:41:81:a2:86:66:
82:c3:e9:59:38:b8:e2:11:1d:ce:83:61:6d:68:3f:1a:da:f3:
9d:6e:54:bf:31:7c:30:24:bb:34:9f:d1:af:dc:5d:57:df:77:
7c:a3:cc:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTHZPz0eULIB1ymHpsldHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDE5Zjg4YjBkYzFiODkwMjU0ZGI5NGE5YjYyMDQ2ZDZi
ZTc5NGIwHhcNMjMwMTAyMTE0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWEwMWU3NGNjNmVjM2Y5ODNmZmQ0Y2M0MGI0YjI1YTk2OTEwY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoThfoSzRYTeE/YKsZlMgnc9ah5FI
/CtvcHFDvMlCVvfvjHeZUTPGabIIdC/4hdkdzznhCB15SxXqb8QO06HWoT68obUi
PFo8CAnk/s/kNp777oda3hpjPioc8Np8tEO4Cs8QtH3BT5wef1AIDgB4/xv1lJK8
yyRvNR011CxmKD7XRRbknnn4/ZcDAsMceUgeGb8CweeeiD0HmWjg//nKgOV8B2Mq
sdFGSDFXh0Et9EDx/U5Hf6yCvNLcbBYMmDp89s1cAhxYW+m+gkwcYynASQhWH58w
TBSOQhI1attXa8kkf+1ArimmLOQL88VGECQlBOv2+1TAt5hzMZ04Ro4+IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWgHnTMbsP5g//UzEC0slqWkQy3MB8GA1UdIwQY
MBaAFBHRn4iw3BuJAlTblKm2IEbWvnlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQt
NDhiNDk1NWYwNjAwLzEveGFBZWRNeHV3X21EXzlUTVFMU3lXcGFSRExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQtNDhiNDk1NWYwNjAw
LzEvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGVgMA0G
CSqGSIb3DQEBCwUAA4IBAQCyozgIXcAJtIsVgiIFZ3zSUCNQiT1bneiQN/4ad9Oy
eq+RuCLJjCj3cQjyKfPMvs/ZzKgI/5kKSNIRygCYX6/uCy5S2SV9pp/R/W2uNMqO
VcEgnyvJQwuBimE6bYsueV7sukQFKmb0eVurFimpDQKn4xMLTs6B9yB1w7mBWfmh
5K7VIS/PZhyDgonINxaEoHHFhuNv4EqNDf4xOZhFq4Y9iO2uvhlp54lBA5dAkO1J
gtbvWuQDUO1YQWhwGAbKAnjtB1Egx300aQHI7qaYsf7pQIQ2QYGihmaCw+lZOLji
ER3Og2FtaD8a2vOdblS/MXwwJLs0n9Gv3F1X33d8o8wo
-----END CERTIFICATE-----
Generated at Wed Aug 16 09:59:26 2023 by rpki-client on console-ams.rpki-client.org