Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/XxzLyz_U8l8nHRn7J0vwCXum9PM.roa
File: XxzLyz_U8l8nHRn7J0vwCXum9PM.roa (raw, json)
Hash identifier: jT8dZLejiWcmzdUxYb6hWDXlNYahBz91qK/MAWXQ7IE=
Subject key identifier: 5F:1C:CB:CB:3F:D4:F2:5F:27:1D:19:FB:27:4B:F0:09:7B:A6:F4:F3
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 0185719559CF7AA1E55F9CB19A304DDE6B14
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/XxzLyz_U8l8nHRn7J0vwCXum9PM.roa
Signing time: Mon 02 Jan 2023 08:24:51 +0000
ROA not before: Mon 02 Jan 2023 08:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 719
IP address blocks: 158.233.0.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:59:cf:7a:a1:e5:5f:9c:b1:9a:30:4d:de:6b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Jan 2 08:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f1ccbcb3fd4f25f271d19fb274bf0097ba6f4f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fd:7a:07:6f:1c:54:b4:88:05:9c:92:e9:db:
75:cd:a2:4e:ec:a9:f7:09:87:3a:68:29:70:47:88:
1c:4a:28:58:28:0d:ae:ed:0c:1e:14:60:9b:a9:01:
c8:5a:c6:fd:86:6b:0d:f7:d9:d4:05:1e:d2:47:a8:
b6:2d:22:65:90:2f:7b:96:bd:0b:a3:9f:5d:f0:e7:
b9:dc:e3:9e:35:8a:fa:74:76:43:37:c5:a5:03:46:
35:c3:d4:ce:a3:14:1b:1b:f1:2d:5d:46:50:f5:03:
f1:32:3b:c6:a8:78:2b:39:79:f1:0f:d3:d4:eb:97:
31:36:e1:c9:6f:30:01:37:52:a3:17:d0:62:c5:9f:
b7:cb:71:72:e2:d7:20:1e:9a:38:ed:05:b2:1d:c9:
ce:14:bf:09:69:c2:e1:c6:71:d3:df:b5:71:f8:f8:
3b:16:c1:f5:b2:3c:a5:fe:99:de:a7:49:b7:e1:d0:
3f:35:0d:f2:54:4e:7d:d7:46:8e:49:54:cb:bd:ab:
de:70:15:0d:5e:14:e5:97:d1:88:c7:c9:34:d9:a9:
29:2f:c8:7c:35:19:fa:29:13:15:b9:74:4c:39:5f:
03:1a:ab:3c:f7:29:8d:56:00:db:bb:ee:c7:2d:27:
6e:61:70:51:36:35:05:37:47:31:67:c0:50:2e:f2:
61:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1C:CB:CB:3F:D4:F2:5F:27:1D:19:FB:27:4B:F0:09:7B:A6:F4:F3
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/XxzLyz_U8l8nHRn7J0vwCXum9PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.0.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:b4:9f:d4:8f:1d:af:ed:b1:54:8f:37:27:6d:f3:31:19:91:
00:b3:02:49:11:11:3e:18:25:73:0b:b3:71:d5:1a:0d:cd:2f:
9b:68:58:73:61:da:13:40:97:60:dd:48:fa:19:a2:2a:a0:36:
15:fa:3a:0a:9c:0d:a5:19:f2:41:1e:bc:c5:52:b2:b8:62:36:
d0:45:06:f9:5c:56:8a:cd:a4:3f:a7:fc:a0:fc:c4:7f:ba:1a:
b2:c0:33:ce:02:9b:5f:0e:aa:da:86:dc:c6:45:5f:8b:a0:78:
e2:b3:8d:1b:3f:70:b3:97:c1:a1:db:4b:57:f8:a7:1e:a5:3e:
0c:c0:a2:18:a9:0c:d3:25:dc:28:83:ff:f6:5d:52:6b:11:48:
63:38:d6:aa:f8:4b:67:17:08:66:62:89:2c:49:bb:51:d8:bd:
05:95:8c:b8:be:df:cb:1d:82:96:55:81:ff:c3:a2:e6:87:34:
98:71:18:fc:16:95:ab:b6:10:11:2d:25:8b:b2:c9:32:08:1b:
3f:73:3e:dd:9c:ab:05:e0:80:83:0e:96:83:2d:31:15:81:0e:
fe:da:f6:16:ee:85:05:80:7c:59:04:b3:95:39:8c:41:51:9b:
26:fe:7e:be:e3:1a:5c:98:f3:f0:04:07:59:23:d4:9d:39:1d:
8c:8d:6f:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlVnPeqHlX5yxmjBN3msUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjgxNDM1ZWQxMzc4OTg5NWYzNzVkYzM0ZDA0Y2U5MWFj
YTQ3NDQwHhcNMjMwMTAyMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFjY2JjYjNmZDRmMjVmMjcxZDE5ZmIyNzRiZjAwOTdiYTZmNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf16B28cVLSIBZyS6dt1zaJO7Kn3
CYc6aClwR4gcSihYKA2u7QweFGCbqQHIWsb9hmsN99nUBR7SR6i2LSJlkC97lr0L
o59d8Oe53OOeNYr6dHZDN8WlA0Y1w9TOoxQbG/EtXUZQ9QPxMjvGqHgrOXnxD9PU
65cxNuHJbzABN1KjF9BixZ+3y3Fy4tcgHpo47QWyHcnOFL8JacLhxnHT37Vx+Pg7
FsH1sjyl/pnep0m34dA/NQ3yVE5910aOSVTLvavecBUNXhTll9GIx8k02akpL8h8
NRn6KRMVuXRMOV8DGqs89ymNVgDbu+7HLSduYXBRNjUFN0cxZ8BQLvJhiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8cy8s/1PJfJx0Z+ydL8Al7pvTzMB8GA1UdIwQY
MBaAFFv4FDXtE3iYlfN13DTQTOkaykdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEt
NDhlNGNjNmIzM2EzLzEvWHh6THl6X1U4bDhuSFJuN0owdndDWHVtOVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEtNDhlNGNjNmIzM2Ez
LzEvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnukAMA0G
CSqGSIb3DQEBCwUAA4IBAQAstJ/Ujx2v7bFUjzcnbfMxGZEAswJJERE+GCVzC7Nx
1RoNzS+baFhzYdoTQJdg3Uj6GaIqoDYV+joKnA2lGfJBHrzFUrK4YjbQRQb5XFaK
zaQ/p/yg/MR/uhqywDPOAptfDqrahtzGRV+LoHjis40bP3Czl8Gh20tX+KcepT4M
wKIYqQzTJdwog//2XVJrEUhjONaq+EtnFwhmYoksSbtR2L0FlYy4vt/LHYKWVYH/
w6LmhzSYcRj8FpWrthARLSWLsskyCBs/cz7dnKsF4ICDDpaDLTEVgQ7+2vYW7oUF
gHxZBLOVOYxBUZsm/n6+4xpcmPPwBAdZI9SdOR2MjW+D
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:54 2024 by rpki-client on console-ams.rpki-client.org