Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/XyJ70r9gZ7Pz2m7ngHpoTHHCzLg.roa
File: XyJ70r9gZ7Pz2m7ngHpoTHHCzLg.roa (raw, json)
Hash identifier: VLN24MkvBPIM9sH4rN3k0dz5f/K9g96lR8iUfnpk6Q8=
Subject key identifier: 5F:22:7B:D2:BF:60:67:B3:F3:DA:6E:E7:80:7A:68:4C:71:C2:CC:B8
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018E50C5350B0F8CE90544C0F0EAD918696C
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/XyJ70r9gZ7Pz2m7ngHpoTHHCzLg.roa
Signing time: Mon 18 Mar 2024 08:54:45 +0000
ROA not before: Mon 18 Mar 2024 08:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205663
IP address blocks: 212.16.86.0/24 maxlen: 24
212.16.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 17:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:c5:35:0b:0f:8c:e9:05:44:c0:f0:ea:d9:18:69:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Mar 18 08:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f227bd2bf6067b3f3da6ee7807a684c71c2ccb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:e2:dc:3c:b2:bc:bc:a6:10:a5:94:c2:aa:
49:f4:89:df:3b:7a:f3:8c:00:3e:39:71:85:2a:ca:
c0:57:d7:ed:6b:84:88:3e:0a:8d:d9:a4:aa:41:14:
22:07:75:82:54:62:97:4f:98:bd:34:8b:dc:4c:c2:
9a:ee:2a:d1:35:03:d5:52:db:19:8b:f5:6c:a3:77:
db:5d:a0:19:bc:0e:f6:26:4a:42:10:6f:15:96:2f:
a6:ae:7d:87:c6:a6:02:06:a2:77:4e:82:69:8c:ac:
63:70:d8:4f:2f:6d:24:6e:1d:ef:98:25:97:77:66:
61:78:74:e9:d1:bb:45:db:eb:d6:14:f3:e0:2d:4c:
d9:1d:27:c9:7f:81:4b:db:00:e3:d4:c5:96:82:87:
5d:90:8a:94:af:19:d4:df:c8:d0:e4:4a:c0:cd:88:
51:3e:e1:e6:c2:10:98:ab:6e:fb:68:14:9a:34:44:
6a:98:6c:5c:03:ee:09:ce:1e:74:9d:94:24:19:a2:
34:3d:79:e6:11:85:ed:dc:55:4b:13:31:44:ba:5b:
b1:cf:e7:f7:93:55:b8:f4:8c:68:8d:a4:89:27:d5:
f5:04:21:93:f9:1d:4f:bc:a7:2f:60:00:fe:eb:f3:
ba:a1:75:f8:74:b7:c2:dd:19:21:47:78:6e:c5:5a:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:22:7B:D2:BF:60:67:B3:F3:DA:6E:E7:80:7A:68:4C:71:C2:CC:B8
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/XyJ70r9gZ7Pz2m7ngHpoTHHCzLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.16.86.0/24
212.16.93.0/24
Signature Algorithm: sha256WithRSAEncryption
02:cf:44:7a:3c:7b:28:8b:42:1f:ab:05:09:14:80:99:fb:fa:
cf:e9:c8:32:35:1d:97:5c:e9:2f:64:51:87:dc:22:65:24:26:
a6:59:f0:e9:92:fb:8e:0f:1f:dd:93:7f:ed:03:8a:b9:12:73:
cc:d8:aa:bd:b3:99:f6:c1:52:89:0a:3b:6f:de:00:58:67:0b:
a6:72:f4:e0:62:9e:c2:2b:1b:a1:44:c3:18:62:2a:e0:98:63:
bb:80:e6:02:d1:89:f2:e7:1b:e8:1f:05:fa:ee:b1:d0:fb:cb:
09:b4:0b:80:7c:5d:80:7f:a0:38:28:3a:3b:41:ba:29:c1:58:
a9:f4:a1:53:99:80:bd:00:2b:21:45:ba:ad:68:06:b8:56:77:
9a:d6:4e:82:5b:59:99:5b:a7:f8:be:38:17:11:18:b1:2e:70:
d6:59:46:06:cc:45:46:5d:61:8e:99:80:c7:4f:02:55:24:ed:
ed:02:30:4c:00:ee:4d:94:66:94:40:93:a1:97:98:07:7a:d8:
18:74:18:a5:bd:92:dc:fd:0d:a7:d6:af:11:cf:1a:16:62:86:
44:cf:db:6b:0f:63:e5:fe:0b:79:aa:f2:be:00:a6:07:d5:ec:
0a:70:74:a9:ef:1a:0f:b2:10:0d:9e:f0:4d:5a:a5:81:30:59:
47:10:53:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5QxTULD4zpBUTA8OrZGGlsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMzE4MDg1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjIyN2JkMmJmNjA2N2IzZjNkYTZlZTc4MDdhNjg0YzcxYzJjY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdji3DyyvLymEKWUwqpJ9InfO3rz
jAA+OXGFKsrAV9fta4SIPgqN2aSqQRQiB3WCVGKXT5i9NIvcTMKa7irRNQPVUtsZ
i/Vso3fbXaAZvA72JkpCEG8Vli+mrn2HxqYCBqJ3ToJpjKxjcNhPL20kbh3vmCWX
d2ZheHTp0btF2+vWFPPgLUzZHSfJf4FL2wDj1MWWgoddkIqUrxnU38jQ5ErAzYhR
PuHmwhCYq277aBSaNERqmGxcA+4Jzh50nZQkGaI0PXnmEYXt3FVLEzFEuluxz+f3
k1W49IxojaSJJ9X1BCGT+R1PvKcvYAD+6/O6oXX4dLfC3RkhR3huxVqFrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF8ie9K/YGez89pu54B6aExxwsy4MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvWHlKNzByOWdaN1B6Mm03bmdIcG9USEhDekxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1BBWAwQA
1BBdMA0GCSqGSIb3DQEBCwUAA4IBAQACz0R6PHsoi0IfqwUJFICZ+/rP6cgyNR2X
XOkvZFGH3CJlJCamWfDpkvuODx/dk3/tA4q5EnPM2Kq9s5n2wVKJCjtv3gBYZwum
cvTgYp7CKxuhRMMYYirgmGO7gOYC0Yny5xvoHwX67rHQ+8sJtAuAfF2Af6A4KDo7
QbopwVip9KFTmYC9ACshRbqtaAa4Vnea1k6CW1mZW6f4vjgXERixLnDWWUYGzEVG
XWGOmYDHTwJVJO3tAjBMAO5NlGaUQJOhl5gHetgYdBilvZLc/Q2n1q8RzxoWYoZE
z9trD2Pl/gt5qvK+AKYH1ewKcHSp7xoPshANnvBNWqWBMFlHEFPl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org