Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/XMKmRHT-CbIWcrei7rvNSkJr1lI.roa
File: XMKmRHT-CbIWcrei7rvNSkJr1lI.roa (raw, json)
Hash identifier: zpgLeCMxbYtwwUz7Bbue7bUUIIsituYVlCAHgjsuy34=
Subject key identifier: 5C:C2:A6:44:74:FE:09:B2:16:72:B7:A2:EE:BB:CD:4A:42:6B:D6:52
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0B9AC07C7DA4E63277318BFA293E5
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/XMKmRHT-CbIWcrei7rvNSkJr1lI.roa
Signing time: Mon 02 Jan 2023 05:25:02 +0000
ROA not before: Mon 02 Jan 2023 05:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199390
IP address blocks: 195.136.176.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:b9:ac:07:c7:da:4e:63:27:73:18:bf:a2:93:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cc2a64474fe09b21672b7a2eebbcd4a426bd652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:02:9e:b8:b9:d1:ae:0e:48:e3:2a:ca:6e:42:
61:ec:33:9f:53:92:b7:1d:fc:df:4d:61:3c:9e:92:
41:d8:35:54:a7:b0:c2:a8:af:97:e7:ae:c1:44:ca:
af:87:42:60:47:73:24:fd:84:83:28:25:9a:42:f2:
4c:3b:f0:b4:0d:b6:80:4a:c8:10:89:8b:d9:83:32:
5d:db:6b:a4:d2:8c:8f:84:6e:25:2a:01:57:71:3f:
f5:9d:27:96:ab:8a:cf:9f:3e:92:da:2b:7b:bd:b4:
a3:87:a6:05:9c:a0:9a:5c:63:3e:c7:e3:fc:08:3a:
63:16:57:61:bf:85:8c:9b:c1:74:88:19:ae:b8:c9:
98:1f:eb:f7:b2:d9:44:a9:fd:9b:d2:62:13:99:db:
1a:06:6c:65:11:2d:ec:d0:54:5e:85:a7:de:5d:15:
52:87:65:26:54:02:f8:6a:e0:06:e7:1f:ca:8f:5d:
91:85:4f:2a:b5:98:bc:a6:58:4a:0b:de:4b:1a:ec:
5d:d2:a5:d9:2b:3e:a4:0a:56:eb:13:6a:41:ae:b3:
e6:5b:93:5a:e1:d6:d5:53:6c:7d:83:2e:da:dd:e8:
2c:dd:fc:30:ca:47:fc:d7:f7:4a:47:65:cc:b0:b7:
38:a5:ec:a8:22:15:ad:11:61:92:37:55:a9:48:d7:
f9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C2:A6:44:74:FE:09:B2:16:72:B7:A2:EE:BB:CD:4A:42:6B:D6:52
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/XMKmRHT-CbIWcrei7rvNSkJr1lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.176.0/22
Signature Algorithm: sha256WithRSAEncryption
80:a0:46:8f:5e:8e:f1:3e:55:dc:1f:4c:05:de:dd:a5:c1:bc:
e5:30:2e:2e:fe:3e:ed:c8:a5:75:41:44:6c:5a:f5:a1:07:7a:
d5:97:ea:30:30:44:82:fd:e6:70:6d:11:55:c9:25:7b:9c:9a:
d3:6d:0f:69:4e:92:40:98:a3:10:1f:f2:cf:1d:58:7e:bd:a6:
c9:31:8f:fe:11:52:59:f6:10:01:a3:80:2f:59:0f:3f:7c:63:
d4:49:21:88:16:f9:ee:2e:76:e0:73:cb:f1:d3:41:18:dc:5b:
4c:a6:3c:a4:a3:be:5c:a3:9f:f7:79:f6:cb:de:0b:f1:60:05:
c9:75:d8:f2:69:46:bc:2e:63:78:f2:d2:52:b9:4f:8a:5b:89:
d0:99:7c:79:55:20:83:ab:a2:9c:07:0d:1e:ba:9b:d4:03:95:
18:5f:26:6e:ce:03:04:08:3f:d3:9b:de:00:c9:a7:da:9a:b0:
e8:6f:08:8e:b6:0f:20:59:9f:18:23:a9:c3:5c:99:b7:e6:78:
8f:b1:06:58:e9:6a:4d:6b:30:be:9f:8e:b5:be:c2:4f:1f:86:
69:a1:57:1e:f9:f6:28:ae:68:8a:e9:3d:75:03:ff:a1:19:1b:
72:6a:2e:02:17:a3:69:bd:29:5c:25:9e:7e:bb:3b:d7:4c:55:
79:95:33:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8LmsB8faTmMncxi/opPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2MyYTY0NDc0ZmUwOWIyMTY3MmI3YTJlZWJiY2Q0YTQyNmJkNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggKeuLnRrg5I4yrKbkJh7DOfU5K3
HfzfTWE8npJB2DVUp7DCqK+X567BRMqvh0JgR3Mk/YSDKCWaQvJMO/C0DbaASsgQ
iYvZgzJd22uk0oyPhG4lKgFXcT/1nSeWq4rPnz6S2it7vbSjh6YFnKCaXGM+x+P8
CDpjFldhv4WMm8F0iBmuuMmYH+v3stlEqf2b0mITmdsaBmxlES3s0FRehafeXRVS
h2UmVAL4auAG5x/Kj12RhU8qtZi8plhKC95LGuxd0qXZKz6kClbrE2pBrrPmW5Na
4dbVU2x9gy7a3egs3fwwykf81/dKR2XMsLc4peyoIhWtEWGSN1WpSNf5YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzCpkR0/gmyFnK3ou67zUpCa9ZSMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvWE1LbVJIVC1DYklXY3JlaTdydk5Ta0pyMWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw4iwMA0G
CSqGSIb3DQEBCwUAA4IBAQCAoEaPXo7xPlXcH0wF3t2lwbzlMC4u/j7tyKV1QURs
WvWhB3rVl+owMESC/eZwbRFVySV7nJrTbQ9pTpJAmKMQH/LPHVh+vabJMY/+EVJZ
9hABo4AvWQ8/fGPUSSGIFvnuLnbgc8vx00EY3FtMpjyko75co5/3efbL3gvxYAXJ
ddjyaUa8LmN48tJSuU+KW4nQmXx5VSCDq6KcBw0eupvUA5UYXyZuzgMECD/Tm94A
yafamrDobwiOtg8gWZ8YI6nDXJm35niPsQZY6WpNazC+n461vsJPH4ZpoVce+fYo
rmiK6T11A/+hGRtyai4CF6NpvSlcJZ5+uzvXTFV5lTMR
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:37 2024 by rpki-client on console-fra.rpki-client.org