Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/XsPT-1zV3UyFza5i3ho9OA1SqiM.roa
File: XsPT-1zV3UyFza5i3ho9OA1SqiM.roa (raw, json)
Hash identifier: QdesfZP9PndUW7q3g2Zr1VdfMpCmf5ZpW6wwdnYSKSY=
Subject key identifier: 5E:C3:D3:FB:5C:D5:DD:4C:85:CD:AE:62:DE:1A:3D:38:0D:52:AA:23
Certificate issuer: /CN=c53b4cf0a7471f000f8a56a049b163967cc3bd99
Certificate serial: 01856DAF60F0C1555366B67CC95E57A69734
Authority key identifier: C5:3B:4C:F0:A7:47:1F:00:0F:8A:56:A0:49:B1:63:96:7C:C3:BD:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTtM8KdHHwAPilagSbFjlnzDvZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/XsPT-1zV3UyFza5i3ho9OA1SqiM.roa
Signing time: Sun 01 Jan 2023 14:14:48 +0000
ROA not before: Sun 01 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210150
IP address blocks: 217.145.232.0/22 maxlen: 22
79.171.64.0/21 maxlen: 21
85.158.80.0/21 maxlen: 21
2a0d:9c40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:60:f0:c1:55:53:66:b6:7c:c9:5e:57:a6:97:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53b4cf0a7471f000f8a56a049b163967cc3bd99
Validity
Not Before: Jan 1 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ec3d3fb5cd5dd4c85cdae62de1a3d380d52aa23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0d:72:1e:0f:0b:e0:ce:24:cb:d0:f6:a7:bb:
d0:14:60:eb:d0:67:6d:a6:e4:ce:75:fb:2a:72:e9:
c4:42:cf:77:9a:8d:91:7b:ba:56:9e:16:96:b3:b8:
85:a1:5c:45:ee:12:27:f7:49:b9:89:70:41:96:31:
24:bf:2a:8f:03:b9:4c:12:fb:0a:a6:5a:e6:7c:38:
ca:2d:36:1a:d5:9d:6e:73:f5:57:d9:35:e2:09:a7:
66:fc:ff:af:a1:67:bd:3a:16:f1:3c:e4:66:b8:ff:
d3:cc:7b:97:7b:f8:5f:7e:53:00:c1:a5:32:90:36:
da:d6:04:c1:fd:6d:bc:d6:b0:b7:3d:d0:8e:bf:d4:
ba:e2:a2:b2:26:62:f0:10:af:19:2e:5f:98:10:5a:
e2:02:32:64:f2:36:01:cf:84:06:a1:aa:9e:db:64:
d3:c2:46:c1:fe:52:71:36:dc:c2:39:05:16:31:8c:
f0:30:38:1a:c3:f6:82:58:7b:13:df:35:c9:39:7a:
7b:31:1a:3b:4a:82:72:0f:e0:33:df:f8:43:3f:84:
e0:b9:52:31:16:1c:d3:89:59:57:1b:7a:71:64:8b:
25:cb:df:e6:e3:73:7f:97:ea:d0:3a:a9:82:35:ee:
f4:14:97:f9:7b:08:4b:d4:87:00:6e:4d:97:46:01:
b6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C3:D3:FB:5C:D5:DD:4C:85:CD:AE:62:DE:1A:3D:38:0D:52:AA:23
X509v3 Authority Key Identifier:
keyid:C5:3B:4C:F0:A7:47:1F:00:0F:8A:56:A0:49:B1:63:96:7C:C3:BD:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTtM8KdHHwAPilagSbFjlnzDvZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/XsPT-1zV3UyFza5i3ho9OA1SqiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/xTtM8KdHHwAPilagSbFjlnzDvZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.64.0/21
85.158.80.0/21
217.145.232.0/22
IPv6:
2a0d:9c40::/29
Signature Algorithm: sha256WithRSAEncryption
b3:a3:f0:b9:4f:78:61:15:e0:04:b9:ea:b0:17:b6:67:11:90:
4b:d0:13:9a:3b:69:99:34:3f:a3:09:9e:bd:bf:56:f3:d2:3b:
a6:4e:48:77:c0:5e:67:69:c2:9f:d7:3b:77:71:56:78:28:1a:
31:b6:e4:74:3e:b1:a2:e3:46:8a:32:85:91:94:54:a1:83:14:
fe:f7:3c:4b:6c:ac:58:78:ba:29:4e:62:91:e4:3b:9c:8f:74:
5b:50:38:95:50:0a:cf:3e:59:99:d8:d9:dd:62:d5:d1:a0:48:
03:9f:97:29:b7:e4:d2:48:dd:2d:72:56:6c:38:fe:81:4e:66:
76:46:5b:31:de:b5:d6:92:4b:b3:08:3a:3e:50:aa:00:73:31:
d4:a7:93:6b:e4:dd:ee:a9:50:5a:b2:95:ce:82:8b:cb:b3:94:
51:48:b9:6e:3e:55:dc:e9:a2:1f:e0:3b:94:5b:71:72:f2:48:
66:1b:a5:d3:d2:27:b5:cc:91:5b:97:13:f2:89:a7:da:4c:37:
c4:75:b4:18:ad:c4:1f:fa:06:0b:8b:61:ec:a4:11:51:bb:cc:
45:df:76:9f:b9:a5:69:04:98:ac:f2:23:75:16:00:aa:b6:a4:
3e:e3:6b:fd:06:29:27:47:eb:e1:c6:48:b5:ed:3c:5e:75:d0:
89:3c:3f:73
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtr2DwwVVTZrZ8yV5Xppc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2I0Y2YwYTc0NzFmMDAwZjhhNTZhMDQ5YjE2Mzk2N2Nj
M2JkOTkwHhcNMjMwMTAxMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMzZDNmYjVjZDVkZDRjODVjZGFlNjJkZTFhM2QzODBkNTJhYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg1yHg8L4M4ky9D2p7vQFGDr0Gdt
puTOdfsqcunEQs93mo2Re7pWnhaWs7iFoVxF7hIn90m5iXBBljEkvyqPA7lMEvsK
plrmfDjKLTYa1Z1uc/VX2TXiCadm/P+voWe9OhbxPORmuP/TzHuXe/hfflMAwaUy
kDba1gTB/W281rC3PdCOv9S64qKyJmLwEK8ZLl+YEFriAjJk8jYBz4QGoaqe22TT
wkbB/lJxNtzCOQUWMYzwMDgaw/aCWHsT3zXJOXp7MRo7SoJyD+Az3/hDP4TguVIx
FhzTiVlXG3pxZIsly9/m43N/l+rQOqmCNe70FJf5ewhL1IcAbk2XRgG2RQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF7D0/tc1d1Mhc2uYt4aPTgNUqojMB8GA1UdIwQY
MBaAFMU7TPCnRx8AD4pWoEmxY5Z8w72ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFR0TThLZEhId0FQaWxhZ1NiRmpsbnpEdlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iYjJiNzUtYmMwMi00YTZiLTk4ZDYt
ZDg0ZTZkM2FmOTc1LzEvWHNQVC0xelYzVXlGemE1aTNobzlPQTFTcWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iYjJiNzUtYmMwMi00YTZiLTk4ZDYtZDg0ZTZkM2FmOTc1
LzEveFR0TThLZEhId0FQaWxhZ1NiRmpsbnpEdlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT6tAAwQD
VZ5QAwQC2ZHoMA0EAgACMAcDBQMqDZxAMA0GCSqGSIb3DQEBCwUAA4IBAQCzo/C5
T3hhFeAEueqwF7ZnEZBL0BOaO2mZND+jCZ69v1bz0jumTkh3wF5nacKf1zt3cVZ4
KBoxtuR0PrGi40aKMoWRlFShgxT+9zxLbKxYeLopTmKR5Ducj3RbUDiVUArPPlmZ
2NndYtXRoEgDn5cpt+TSSN0tclZsOP6BTmZ2Rlsx3rXWkkuzCDo+UKoAczHUp5Nr
5N3uqVBaspXOgovLs5RRSLluPlXc6aIf4DuUW3Fy8khmG6XT0ie1zJFblxPyiafa
TDfEdbQYrcQf+gYLi2HspBFRu8xF33afuaVpBJis8iN1FgCqtqQ+42v9BiknR+vh
xki17TxeddCJPD9z
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:49 2024 by rpki-client on console-fra.rpki-client.org