Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/XnXXVfsIF5xuFq9Lfc4lYBPW4Sk.roa
File: XnXXVfsIF5xuFq9Lfc4lYBPW4Sk.roa (raw, json)
Hash identifier: wmUQcP4MPnz3h5fsGvOexKY2zJSqRfHvifx0EpEpcf8=
Subject key identifier: 5E:75:D7:55:FB:08:17:9C:6E:16:AF:4B:7D:CE:25:60:13:D6:E1:29
Certificate issuer: /CN=4ddd0f9dcd88949b8f3a3771063562a057679290
Certificate serial: 01856D385E39E140E2018180DC97B324BDCD
Authority key identifier: 4D:DD:0F:9D:CD:88:94:9B:8F:3A:37:71:06:35:62:A0:57:67:92:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Td0Pnc2IlJuPOjdxBjVioFdnkpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/XnXXVfsIF5xuFq9Lfc4lYBPW4Sk.roa
Signing time: Sun 01 Jan 2023 12:04:48 +0000
ROA not before: Sun 01 Jan 2023 12:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197991
IP address blocks: 185.239.56.0/22 maxlen: 24
2a0c:4b80::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:5e:39:e1:40:e2:01:81:80:dc:97:b3:24:bd:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddd0f9dcd88949b8f3a3771063562a057679290
Validity
Not Before: Jan 1 12:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e75d755fb08179c6e16af4b7dce256013d6e129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:84:89:8f:a4:08:66:d1:b7:bb:37:08:ea:7a:
a7:b4:cf:fa:5d:e4:28:94:02:7b:3c:cc:7d:f6:65:
e4:5e:a5:35:45:74:16:d5:5c:45:dc:a3:e1:4b:61:
69:98:e4:be:72:cb:52:5d:9e:27:34:95:dd:80:0c:
3f:fe:0c:64:d0:1e:16:85:70:27:97:f0:89:55:ac:
52:72:17:f1:2d:51:42:75:05:5c:a6:1b:06:f0:84:
a0:46:38:8b:f9:72:a2:11:b9:d7:f7:86:52:4b:2f:
dd:55:69:3e:68:bc:50:7b:52:af:ad:b2:30:3d:0e:
15:4c:bb:d7:5c:41:52:9b:b4:f7:97:e8:b3:49:c3:
2d:85:30:91:0e:30:fe:6e:cc:52:af:78:d0:94:66:
29:a0:30:a4:65:ab:e5:02:cb:43:2f:20:b3:8f:df:
4b:59:25:c4:f2:5d:a2:f1:ed:a6:9b:f3:e8:49:0d:
39:7f:ea:21:34:74:76:c6:b8:90:b2:46:57:a3:81:
92:c3:85:b7:fa:28:a5:e9:2c:7a:db:d1:01:37:9a:
f4:cb:5b:53:f4:8c:f8:99:99:e0:f5:26:25:1c:ab:
a5:75:e8:b5:6d:bd:0e:43:76:da:3a:48:00:a1:b6:
92:50:c7:8a:9e:3e:0c:c6:d2:ec:83:95:c1:2e:48:
e1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:75:D7:55:FB:08:17:9C:6E:16:AF:4B:7D:CE:25:60:13:D6:E1:29
X509v3 Authority Key Identifier:
keyid:4D:DD:0F:9D:CD:88:94:9B:8F:3A:37:71:06:35:62:A0:57:67:92:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Td0Pnc2IlJuPOjdxBjVioFdnkpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/XnXXVfsIF5xuFq9Lfc4lYBPW4Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/Td0Pnc2IlJuPOjdxBjVioFdnkpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.56.0/22
IPv6:
2a0c:4b80::/34
Signature Algorithm: sha256WithRSAEncryption
31:d1:84:51:26:38:2c:19:01:91:50:62:9f:7f:c0:d7:d3:41:
10:8e:1c:f1:85:f8:49:d8:b3:8e:5b:75:63:f2:b3:4d:3f:8c:
50:b8:60:06:f7:f6:37:35:75:93:e9:50:30:d7:a3:7d:3c:fc:
2b:3f:73:7d:d1:96:3a:89:66:1f:98:8b:0f:cc:41:e7:7f:1c:
72:04:16:82:61:be:25:ee:56:e3:8e:60:77:c5:5f:3c:33:a5:
a1:17:6a:5e:6d:72:ce:6c:c4:c7:51:a2:70:d8:d2:ff:a3:17:
c9:d4:f7:1b:99:4f:99:90:bb:de:51:56:49:d5:dc:b6:80:6e:
e6:09:5b:61:c5:42:80:37:a8:8e:88:01:d8:68:33:b8:10:f8:
2d:03:f5:2b:3d:f6:af:e2:ee:0a:67:89:bb:e1:1a:15:46:fd:
29:b4:2f:81:10:37:7a:a0:b3:43:9b:b2:f9:8c:d4:be:53:83:
64:f7:d7:09:04:0f:48:98:08:ae:b6:f3:42:df:a4:2b:15:72:
ff:4e:7c:ef:e2:16:98:0b:ff:83:89:0f:82:51:31:a7:a8:ce:
a0:9f:55:ba:55:4a:78:b9:07:e0:e8:f6:00:86:f4:38:6e:01:
32:3f:d3:5c:8e:32:02:f6:b7:63:e5:d0:ac:4d:14:58:f9:f3:
a4:f0:f1:c2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVtOF454UDiAYGA3JezJL3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGQwZjlkY2Q4ODk0OWI4ZjNhMzc3MTA2MzU2MmEwNTc2
NzkyOTAwHhcNMjMwMTAxMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc1ZDc1NWZiMDgxNzljNmUxNmFmNGI3ZGNlMjU2MDEzZDZlMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4SJj6QIZtG3uzcI6nqntM/6XeQo
lAJ7PMx99mXkXqU1RXQW1VxF3KPhS2FpmOS+cstSXZ4nNJXdgAw//gxk0B4WhXAn
l/CJVaxSchfxLVFCdQVcphsG8ISgRjiL+XKiEbnX94ZSSy/dVWk+aLxQe1KvrbIw
PQ4VTLvXXEFSm7T3l+izScMthTCRDjD+bsxSr3jQlGYpoDCkZavlAstDLyCzj99L
WSXE8l2i8e2mm/PoSQ05f+ohNHR2xriQskZXo4GSw4W3+iil6Sx629EBN5r0y1tT
9Iz4mZng9SYlHKuldei1bb0OQ3baOkgAobaSUMeKnj4MxtLsg5XBLkjhVwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF5111X7CBecbhavS33OJWAT1uEpMB8GA1UdIwQY
MBaAFE3dD53NiJSbjzo3cQY1YqBXZ5KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGQwUG5jMklsSnVQT2pkeEJqVmlvRmRua3BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8zYTdlNDktOWQyNy00ZTRlLWFhMzYt
NmY2Y2NiNmUyY2RhLzEvWG5YWFZmc0lGNXh1RnE5TGZjNGxZQlBXNFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8zYTdlNDktOWQyNy00ZTRlLWFhMzYtNmY2Y2NiNmUyY2Rh
LzEvVGQwUG5jMklsSnVQT2pkeEJqVmlvRmRua3BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCue84MA4E
AgACMAgDBgYqDEuAADANBgkqhkiG9w0BAQsFAAOCAQEAMdGEUSY4LBkBkVBin3/A
19NBEI4c8YX4Sdizjlt1Y/KzTT+MULhgBvf2NzV1k+lQMNejfTz8Kz9zfdGWOolm
H5iLD8xB538ccgQWgmG+Je5W445gd8VfPDOloRdqXm1yzmzEx1GicNjS/6MXydT3
G5lPmZC73lFWSdXctoBu5glbYcVCgDeojogB2GgzuBD4LQP1Kz32r+LuCmeJu+Ea
FUb9KbQvgRA3eqCzQ5uy+YzUvlODZPfXCQQPSJgIrrbzQt+kKxVy/0587+IWmAv/
g4kPglExp6jOoJ9VulVKeLkH4Oj2AIb0OG4BMj/TXI4yAva3Y+XQrE0UWPnzpPDx
wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:05 2024 by rpki-client on console-fra.rpki-client.org