Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/XXkQG0SeZfFi9od_hAemz1kQmTE.roa
File: XXkQG0SeZfFi9od_hAemz1kQmTE.roa (raw, json)
Hash identifier: 6VtnkmNDEZRIcRLamVt6pN63aQAjVKVHqdoy+pVg/pc=
Subject key identifier: 5D:79:10:1B:44:9E:65:F1:62:F6:87:7F:84:07:A6:CF:59:10:99:31
Certificate issuer: /CN=747aae5d24b0c97a42031f3510a14e2f95bbd838
Certificate serial: 0189B60799C086C835313F2F0CA22E0F6917
Authority key identifier: 74:7A:AE:5D:24:B0:C9:7A:42:03:1F:35:10:A1:4E:2F:95:BB:D8:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHquXSSwyXpCAx81EKFOL5W72Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/XXkQG0SeZfFi9od_hAemz1kQmTE.roa
Signing time: Wed 02 Aug 2023 11:34:58 +0000
ROA not before: Wed 02 Aug 2023 11:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51395
IP address blocks: 185.78.124.0/22 maxlen: 22
2a05:6a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:07:99:c0:86:c8:35:31:3f:2f:0c:a2:2e:0f:69:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=747aae5d24b0c97a42031f3510a14e2f95bbd838
Validity
Not Before: Aug 2 11:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d79101b449e65f162f6877f8407a6cf59109931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:40:c2:c2:78:5f:f7:b6:c0:9f:31:87:be:
53:d0:eb:bf:f0:34:ee:ce:8c:d4:5a:d2:2b:6c:93:
e1:57:9f:6a:63:ca:ac:d0:94:32:d0:ad:5a:0d:c5:
b7:8f:1c:cd:74:3a:8f:fb:6a:b1:c5:10:21:c2:fa:
7a:7d:6e:b0:5b:dc:4c:a2:2f:5c:19:9b:5a:f1:3c:
bb:48:7a:32:66:66:b6:9b:09:f4:64:5d:d6:7b:31:
4b:20:74:f1:50:7b:7f:b5:27:37:1a:b8:bd:32:72:
8d:26:a1:d4:01:a3:c8:0d:e4:94:72:c1:41:f1:7c:
56:49:ad:25:3e:cd:a5:f9:81:f4:b3:51:0f:28:fa:
bf:28:97:28:a6:0a:97:22:e6:62:c9:85:3d:9a:27:
ac:08:b2:6c:32:37:d2:f1:6b:06:09:95:00:c4:e5:
14:04:2b:06:c9:58:6d:50:4c:9e:80:cc:b6:09:9c:
a2:f6:58:ea:7e:47:cd:0e:61:be:9d:75:d2:7a:a1:
34:f7:63:37:3d:05:e1:82:55:a5:ce:96:1a:99:4e:
6f:08:a2:2e:6f:00:27:04:01:5a:5e:51:41:83:df:
30:25:38:9f:7e:8a:23:e4:68:be:6e:7a:c9:a0:c8:
2b:68:a3:4e:0b:73:42:3e:01:8c:c6:2e:fd:00:32:
58:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:79:10:1B:44:9E:65:F1:62:F6:87:7F:84:07:A6:CF:59:10:99:31
X509v3 Authority Key Identifier:
keyid:74:7A:AE:5D:24:B0:C9:7A:42:03:1F:35:10:A1:4E:2F:95:BB:D8:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHquXSSwyXpCAx81EKFOL5W72Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/XXkQG0SeZfFi9od_hAemz1kQmTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/dHquXSSwyXpCAx81EKFOL5W72Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.124.0/22
IPv6:
2a05:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
a0:6d:d5:fa:41:1c:c2:02:76:46:bf:45:24:8e:8e:0b:f5:6f:
2b:6a:50:a6:9f:aa:8a:21:70:39:2e:30:78:3d:26:38:a9:ea:
6e:9b:bf:8f:04:ce:f5:3b:16:3f:8f:c5:0a:01:c3:34:9e:e7:
8c:c3:4f:18:eb:2e:bf:dc:ab:96:04:69:a0:64:1f:e9:86:b9:
c6:49:f4:eb:35:c0:37:9b:82:a2:88:36:5c:6e:11:d6:07:8c:
b1:20:fa:f3:4e:a9:fa:3f:54:71:e2:d9:a4:eb:98:bf:ea:94:
f5:ce:32:ba:e5:57:62:c4:b5:f3:97:d3:cb:04:8f:0b:0b:6e:
d6:3a:b2:0a:a6:9c:04:03:08:92:2c:83:85:81:e9:d7:f9:62:
5f:96:9c:89:75:35:32:2a:46:69:1d:39:15:75:a2:19:72:b4:
e9:f9:2f:55:58:dd:0c:98:c6:81:9d:85:6a:2a:24:12:bf:85:
68:43:47:47:63:cb:e3:cb:8c:19:79:a2:5e:99:00:4c:fb:54:
50:d3:06:3c:b3:2e:73:51:08:ae:53:ab:95:51:cf:44:6f:fb:
23:82:a9:f7:84:6f:ab:c7:3c:84:13:60:7f:3b:36:4d:77:45:
0f:7b:2d:d1:7b:4d:2e:cf:61:48:17:fd:f0:36:93:97:c0:fd:
f5:b8:64:f7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYm2B5nAhsg1MT8vDKIuD2kXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0N2FhZTVkMjRiMGM5N2E0MjAzMWYzNTEwYTE0ZTJmOTVi
YmQ4MzgwHhcNMjMwODAyMTEzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDc5MTAxYjQ0OWU2NWYxNjJmNjg3N2Y4NDA3YTZjZjU5MTA5OTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqRAwsJ4X/e2wJ8xh75T0Ou/8DTu
zozUWtIrbJPhV59qY8qs0JQy0K1aDcW3jxzNdDqP+2qxxRAhwvp6fW6wW9xMoi9c
GZta8Ty7SHoyZma2mwn0ZF3WezFLIHTxUHt/tSc3Gri9MnKNJqHUAaPIDeSUcsFB
8XxWSa0lPs2l+YH0s1EPKPq/KJcopgqXIuZiyYU9miesCLJsMjfS8WsGCZUAxOUU
BCsGyVhtUEyegMy2CZyi9ljqfkfNDmG+nXXSeqE092M3PQXhglWlzpYamU5vCKIu
bwAnBAFaXlFBg98wJTiffooj5Gi+bnrJoMgraKNOC3NCPgGMxi79ADJYNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF15EBtEnmXxYvaHf4QHps9ZEJkxMB8GA1UdIwQY
MBaAFHR6rl0ksMl6QgMfNRChTi+Vu9g4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhxdVhTU3d5WHBDQXg4MUVLRk9MNVc3MkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mNDFmYmYtNGU4ZC00YWFhLTlkYjEt
NjI2YmJmZWUwYjMxLzEvWFhrUUcwU2VaZkZpOW9kX2hBZW16MWtRbVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mNDFmYmYtNGU4ZC00YWFhLTlkYjEtNjI2YmJmZWUwYjMx
LzEvZEhxdVhTU3d5WHBDQXg4MUVLRk9MNVc3MkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU58MA0E
AgACMAcDBQMqBWoAMA0GCSqGSIb3DQEBCwUAA4IBAQCgbdX6QRzCAnZGv0Ukjo4L
9W8ralCmn6qKIXA5LjB4PSY4qepum7+PBM71OxY/j8UKAcM0nueMw08Y6y6/3KuW
BGmgZB/phrnGSfTrNcA3m4KiiDZcbhHWB4yxIPrzTqn6P1Rx4tmk65i/6pT1zjK6
5VdixLXzl9PLBI8LC27WOrIKppwEAwiSLIOFgenX+WJflpyJdTUyKkZpHTkVdaIZ
crTp+S9VWN0MmMaBnYVqKiQSv4VoQ0dHY8vjy4wZeaJemQBM+1RQ0wY8sy5zUQiu
U6uVUc9Eb/sjgqn3hG+rxzyEE2B/OzZNd0UPey3Re00uz2FIF/3wNpOXwP31uGT3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:27 2024 by rpki-client on console-ams.rpki-client.org