Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xSlkR7fE4p4123DCUG8K2VnzbAk.roa
File: xSlkR7fE4p4123DCUG8K2VnzbAk.roa (raw, json)
Hash identifier: XQ600wlYoeZychur8++FT+QVkQNZt5wujT3YsyAJtcQ=
Subject key identifier: C5:29:64:47:B7:C4:E2:9E:35:DB:70:C2:50:6F:0A:D9:59:F3:6C:09
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018CF326458B02F0A600134119B0646E115F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xSlkR7fE4p4123DCUG8K2VnzbAk.roa
Signing time: Wed 10 Jan 2024 11:33:40 +0000
ROA not before: Wed 10 Jan 2024 11:33:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 188.241.137.0/24 maxlen: 24
94.176.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 16:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:26:45:8b:02:f0:a6:00:13:41:19:b0:64:6e:11:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 10 11:33:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5296447b7c4e29e35db70c2506f0ad959f36c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:52:1e:47:54:f7:67:b6:3f:0a:91:97:e5:d1:
18:cc:79:ed:54:ff:74:ce:b1:bf:1b:d2:ce:14:e9:
84:42:e8:cb:a9:9d:7b:d1:1e:a0:89:b5:7c:14:e0:
2e:4c:47:e4:8e:16:98:30:56:bf:01:b5:80:34:0c:
91:2d:01:3c:63:00:96:ea:b9:2d:8d:0d:39:6a:64:
b7:41:76:ca:95:26:ed:1d:49:03:4a:c3:7e:e8:fe:
31:ef:3a:17:1b:99:5c:ab:b1:96:b9:64:5d:a4:cc:
22:64:3c:24:6d:76:2f:a5:10:69:bc:e4:73:a6:ec:
78:4d:e8:28:ef:b6:c7:36:71:e9:fb:94:04:1f:cd:
85:6a:b3:52:2b:07:4d:e0:0a:1a:da:a4:03:cf:b3:
3b:85:a1:f4:8a:3d:79:b8:41:c7:ea:fd:1d:6b:27:
5c:92:30:a8:6c:c4:12:fa:d0:3c:12:61:e5:7b:e3:
f6:1e:26:81:51:1b:27:14:77:3b:77:5f:e0:c8:df:
c9:8a:38:a0:9e:b4:68:0b:53:ff:af:89:63:66:5d:
51:83:60:0b:28:c1:bb:18:ea:05:93:97:eb:3d:b5:
76:bb:8c:82:3d:90:28:55:c2:ff:8c:70:60:15:54:
ab:83:31:5a:fa:94:e4:8b:ff:a2:94:71:cc:de:65:
4a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:29:64:47:B7:C4:E2:9E:35:DB:70:C2:50:6F:0A:D9:59:F3:6C:09
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xSlkR7fE4p4123DCUG8K2VnzbAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.215.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:fe:21:81:29:8c:1e:67:2b:b4:ee:f7:ca:3f:e7:04:fb:d1:
74:fe:84:33:da:40:53:3d:fb:bb:24:20:df:7f:eb:f1:ec:d1:
ba:ec:82:a6:82:6b:ef:12:81:7e:38:bb:08:5e:49:3c:80:49:
18:a0:97:9d:65:be:ce:aa:eb:3d:65:8d:34:58:a7:b0:dd:7c:
34:6d:75:9b:8f:87:43:72:c7:de:fc:eb:57:fa:09:9a:cc:fe:
a9:b6:68:e0:fe:b6:d8:57:a8:87:40:16:ee:3c:ac:55:21:22:
bd:5b:bf:62:c2:49:52:b9:1d:ad:53:a2:a6:2b:e4:9c:b8:20:
6e:5d:61:0c:ef:18:39:4b:c9:8f:56:ba:83:d7:82:4a:bd:f2:
9f:cb:9d:83:8a:3c:db:7d:ec:32:be:bc:fa:1f:c1:de:2b:a1:
77:56:b8:0a:c6:4d:32:ef:a1:70:b8:f4:62:6c:d3:ce:12:0c:
b7:2f:81:58:6a:8b:40:78:ec:12:31:cc:fe:f0:3e:6c:73:bc:
51:a8:ff:ac:bb:3d:16:ae:3b:30:ad:32:57:ba:fa:7a:43:6d:
0c:b2:09:c7:15:f5:51:d7:62:2a:52:60:e9:87:b9:10:9a:8c:
7d:31:49:52:ff:a8:07:4a:6d:39:5d:e5:74:51:7e:a5:44:9b:
8d:3c:c9:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzzJkWLAvCmABNBGbBkbhFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTEwMTEzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI5NjQ0N2I3YzRlMjllMzVkYjcwYzI1MDZmMGFkOTU5ZjM2YzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1IeR1T3Z7Y/CpGX5dEYzHntVP90
zrG/G9LOFOmEQujLqZ170R6gibV8FOAuTEfkjhaYMFa/AbWANAyRLQE8YwCW6rkt
jQ05amS3QXbKlSbtHUkDSsN+6P4x7zoXG5lcq7GWuWRdpMwiZDwkbXYvpRBpvORz
pux4Tego77bHNnHp+5QEH82FarNSKwdN4Aoa2qQDz7M7haH0ij15uEHH6v0daydc
kjCobMQS+tA8EmHle+P2HiaBURsnFHc7d1/gyN/JijignrRoC1P/r4ljZl1Rg2AL
KMG7GOoFk5frPbV2u4yCPZAoVcL/jHBgFVSrgzFa+pTki/+ilHHM3mVK5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMUpZEe3xOKeNdtwwlBvCtlZ82wJMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEveFNsa1I3ZkU0cDQxMjNEQ1VHOEsyVm56YkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXrDXAwQA
vPGJMA0GCSqGSIb3DQEBCwUAA4IBAQBf/iGBKYweZyu07vfKP+cE+9F0/oQz2kBT
Pfu7JCDff+vx7NG67IKmgmvvEoF+OLsIXkk8gEkYoJedZb7Oqus9ZY00WKew3Xw0
bXWbj4dDcsfe/OtX+gmazP6ptmjg/rbYV6iHQBbuPKxVISK9W79iwklSuR2tU6Km
K+ScuCBuXWEM7xg5S8mPVrqD14JKvfKfy52Dijzbfewyvrz6H8HeK6F3VrgKxk0y
76FwuPRibNPOEgy3L4FYaotAeOwSMcz+8D5sc7xRqP+suz0WrjswrTJXuvp6Q20M
sgnHFfVR12IqUmDph7kQmox9MUlS/6gHSm05XeV0UX6lRJuNPMkt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org