Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/xJTqHJN_5sNwJdtqKM-pjxlmzg8.roa
File: xJTqHJN_5sNwJdtqKM-pjxlmzg8.roa (raw, json)
Hash identifier: 9gBXci2TtIlgpBArccfigtRHMQcY1OBIG/nR10BBiSw=
Subject key identifier: C4:94:EA:1C:93:7F:E6:C3:70:25:DB:6A:28:CF:A9:8F:19:66:CE:0F
Certificate issuer: /CN=6baa05c6f8f9bfd70e3d41fe05bafc50d1253bf5
Certificate serial: 018B6B4052E2B6F9DE90751244BB56AE1E36
Authority key identifier: 6B:AA:05:C6:F8:F9:BF:D7:0E:3D:41:FE:05:BA:FC:50:D1:25:3B:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6oFxvj5v9cOPUH-Bbr8UNElO_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/xJTqHJN_5sNwJdtqKM-pjxlmzg8.roa
Signing time: Thu 26 Oct 2023 09:10:59 +0000
ROA not before: Thu 26 Oct 2023 09:10:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211190
IP address blocks: 176.97.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:40:52:e2:b6:f9:de:90:75:12:44:bb:56:ae:1e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6baa05c6f8f9bfd70e3d41fe05bafc50d1253bf5
Validity
Not Before: Oct 26 09:10:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c494ea1c937fe6c37025db6a28cfa98f1966ce0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:aa:7d:90:86:36:3d:03:56:4e:b3:48:18:88:
81:39:d9:3d:6f:ea:6d:34:f2:f1:8d:a6:73:80:77:
22:4f:53:6d:38:4d:20:75:db:ee:d4:4a:23:9a:d9:
0d:4b:de:c3:c2:94:c7:32:a0:91:54:79:43:eb:91:
e3:3f:b5:46:dc:df:1a:88:35:67:cf:d2:31:29:08:
e0:35:dd:de:7c:82:76:cb:26:0f:75:4f:e1:2b:67:
f0:d8:16:f5:db:97:2d:d7:45:79:8f:4b:47:39:30:
b7:d3:5e:29:17:59:8f:be:aa:76:91:18:13:35:1c:
76:81:46:ee:74:18:89:ec:ba:2f:74:24:23:d1:3b:
14:54:83:2d:fc:56:ea:55:63:de:92:4f:de:ba:4a:
46:0c:8e:9c:f3:9d:8f:44:6e:45:f5:81:bd:8d:b4:
e3:75:06:39:72:bd:50:98:75:e6:7a:6f:30:20:98:
df:98:a8:9b:27:66:b9:84:df:41:00:6c:3d:22:31:
b4:de:32:17:d9:ec:f9:b2:12:2e:0e:ef:79:d8:69:
53:0f:53:a0:dc:60:f0:67:88:54:f9:bc:d1:c0:d4:
73:b5:93:a6:92:0d:e3:2e:26:62:e3:15:cf:e0:81:
e2:22:97:59:17:f6:6c:3f:45:54:1c:3f:91:c0:81:
de:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:94:EA:1C:93:7F:E6:C3:70:25:DB:6A:28:CF:A9:8F:19:66:CE:0F
X509v3 Authority Key Identifier:
keyid:6B:AA:05:C6:F8:F9:BF:D7:0E:3D:41:FE:05:BA:FC:50:D1:25:3B:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6oFxvj5v9cOPUH-Bbr8UNElO_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/xJTqHJN_5sNwJdtqKM-pjxlmzg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/a6oFxvj5v9cOPUH-Bbr8UNElO_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.221.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c0:52:3f:0b:e4:46:b4:cf:96:d2:32:b8:89:60:86:94:e8:
bc:5b:bc:45:6b:2d:1a:9c:04:e7:3b:1c:e7:63:f7:12:06:8a:
69:50:c3:ac:eb:23:56:eb:3d:8c:2e:d4:d1:96:4d:e0:7b:65:
0b:8a:5a:62:ac:c1:b9:eb:e2:6b:47:ad:87:6c:42:b4:69:d5:
5f:c1:76:a2:d1:b5:f1:03:27:f0:29:44:5e:cd:a3:95:a0:2e:
f3:ef:2f:97:0a:ba:4a:eb:b3:7c:e7:73:18:94:e1:86:5b:50:
67:d2:12:ee:42:08:c0:55:81:27:8d:ef:a8:07:1e:26:29:69:
23:50:dc:e6:4f:27:1b:b1:9e:86:58:68:33:52:a3:a0:79:44:
d3:56:c2:86:6f:37:23:65:43:30:8e:89:75:00:ee:73:0b:f7:
57:85:0b:48:ff:a6:72:e4:04:d8:76:54:ff:e4:a5:4c:15:5d:
20:f7:c9:c9:ac:82:66:90:75:69:f3:4f:e2:21:1e:eb:12:a6:
af:61:46:05:36:29:82:6b:2f:04:3c:68:60:50:d9:4f:f6:7c:
ff:e1:e2:01:77:80:73:d6:97:c9:fb:2e:e8:a9:90:d4:e6:53:
2a:1c:e5:bd:65:20:59:2e:a1:dc:90:f9:78:9a:e3:b1:20:f2:
4f:d1:58:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtrQFLitvnekHUSRLtWrh42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYWEwNWM2ZjhmOWJmZDcwZTNkNDFmZTA1YmFmYzUwZDEy
NTNiZjUwHhcNMjMxMDI2MDkxMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk0ZWExYzkzN2ZlNmMzNzAyNWRiNmEyOGNmYTk4ZjE5NjZjZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKp9kIY2PQNWTrNIGIiBOdk9b+pt
NPLxjaZzgHciT1NtOE0gddvu1EojmtkNS97DwpTHMqCRVHlD65HjP7VG3N8aiDVn
z9IxKQjgNd3efIJ2yyYPdU/hK2fw2Bb125ct10V5j0tHOTC3014pF1mPvqp2kRgT
NRx2gUbudBiJ7LovdCQj0TsUVIMt/FbqVWPekk/eukpGDI6c852PRG5F9YG9jbTj
dQY5cr1QmHXmem8wIJjfmKibJ2a5hN9BAGw9IjG03jIX2ez5shIuDu952GlTD1Og
3GDwZ4hU+bzRwNRztZOmkg3jLiZi4xXP4IHiIpdZF/ZsP0VUHD+RwIHeeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSU6hyTf+bDcCXbaijPqY8ZZs4PMB8GA1UdIwQY
MBaAFGuqBcb4+b/XDj1B/gW6/FDRJTv1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZvRnh2ajV2OWNPUFVILUJicjhVTkVsT19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZjUxMTktNmRjYy00M2EyLThkYWYt
ZjMyMTFkOTE1MjBkLzEveEpUcUhKTl81c053SmR0cUtNLXBqeGxtemc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZjUxMTktNmRjYy00M2EyLThkYWYtZjMyMTFkOTE1MjBk
LzEvYTZvRnh2ajV2OWNPUFVILUJicjhVTkVsT19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHdMA0G
CSqGSIb3DQEBCwUAA4IBAQBlwFI/C+RGtM+W0jK4iWCGlOi8W7xFay0anATnOxzn
Y/cSBoppUMOs6yNW6z2MLtTRlk3ge2ULilpirMG56+JrR62HbEK0adVfwXai0bXx
AyfwKURezaOVoC7z7y+XCrpK67N853MYlOGGW1Bn0hLuQgjAVYEnje+oBx4mKWkj
UNzmTycbsZ6GWGgzUqOgeUTTVsKGbzcjZUMwjol1AO5zC/dXhQtI/6Zy5ATYdlT/
5KVMFV0g98nJrIJmkHVp80/iIR7rEqavYUYFNimCay8EPGhgUNlP9nz/4eIBd4Bz
1pfJ+y7oqZDU5lMqHOW9ZSBZLqHckPl4muOxIPJP0VjY
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:50 2024 by rpki-client on console-fra.rpki-client.org