Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/xcWYxR81bw9auNSSQiCQJgdAmKs.roa
File: xcWYxR81bw9auNSSQiCQJgdAmKs.roa (raw, json)
Hash identifier: ht61Hc6mCVXPBRJnBrwp6Pgpa3fY6Jum3mK3dBnmKUQ=
Subject key identifier: C5:C5:98:C5:1F:35:6F:0F:5A:B8:D4:92:42:20:90:26:07:40:98:AB
Certificate issuer: /CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6
Certificate serial: 018570F0B45840B27783069808717F6BB56D
Authority key identifier: 3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/xcWYxR81bw9auNSSQiCQJgdAmKs.roa
Signing time: Mon 02 Jan 2023 05:25:01 +0000
ROA not before: Mon 02 Jan 2023 05:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199296
IP address blocks: 91.233.136.0/22 maxlen: 22
2a13:60c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:b4:58:40:b2:77:83:06:98:08:71:7f:6b:b5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6
Validity
Not Before: Jan 2 05:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5c598c51f356f0f5ab8d49242209026074098ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b4:fe:3e:8a:f2:1a:0e:cd:d4:73:95:14:34:
85:11:22:52:52:12:ad:ee:38:5a:7f:df:c3:5f:ef:
59:ac:62:05:50:97:31:94:7a:3f:16:e5:c9:1f:7f:
51:95:20:d5:78:07:af:83:a2:46:c5:9e:65:03:dd:
78:de:e7:27:da:91:c9:c8:d3:f2:b7:c1:9b:99:92:
c1:a9:7c:93:4f:47:80:f7:32:a8:af:57:be:dc:11:
fa:a9:36:bf:77:a3:93:26:23:9d:17:43:a2:e0:db:
8d:c4:f3:f8:52:49:92:10:d7:df:75:1b:ba:b4:bc:
20:39:b4:eb:3e:3d:c8:9f:59:0f:a5:ae:d4:eb:79:
a4:87:b3:fa:6a:11:a3:ed:ce:20:2a:b1:36:fe:02:
24:58:a3:a1:4f:3e:43:59:75:68:c6:ae:0d:8b:f3:
8d:e5:37:1a:4b:8d:9a:55:bb:e2:92:1c:a5:83:24:
89:bc:02:4d:ba:d0:4c:44:2e:22:13:5a:13:49:73:
6d:96:ea:c6:8c:d9:98:7f:f6:a5:b8:79:a9:b1:5a:
ce:b6:49:75:ec:76:13:e6:52:a3:da:e0:c7:cc:3d:
fe:08:ff:6b:3b:ff:f9:b6:52:0d:b1:7a:18:17:b2:
61:e4:98:d0:f1:df:52:0a:58:c2:94:1e:40:8d:34:
65:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C5:98:C5:1F:35:6F:0F:5A:B8:D4:92:42:20:90:26:07:40:98:AB
X509v3 Authority Key Identifier:
keyid:3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/xcWYxR81bw9auNSSQiCQJgdAmKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.136.0/22
IPv6:
2a13:60c0::/32
Signature Algorithm: sha256WithRSAEncryption
3a:15:0c:e9:3b:a8:59:58:1a:b9:6e:47:5f:61:46:e2:a9:81:
43:b6:7e:b3:eb:99:51:40:a0:a5:ef:63:14:ff:3d:97:53:c5:
a9:8f:c5:aa:6c:b8:13:4c:4a:a1:5e:9c:68:6d:e3:ab:84:5f:
26:2f:1d:90:20:1a:84:56:9a:0a:bf:49:30:b7:f5:12:25:5b:
22:8e:23:ee:66:fb:fd:f2:18:78:16:68:2c:60:22:a4:30:1a:
16:68:e2:b6:95:44:82:85:3e:51:29:6e:c5:ca:f4:f4:53:68:
99:dd:ba:e2:e4:1b:70:af:4b:ce:09:49:bf:34:44:00:74:47:
c7:32:c9:49:ee:ff:ba:c2:94:11:fc:55:f1:7a:78:b6:d2:1b:
fa:d6:b6:85:8b:09:b2:61:88:77:93:8f:7c:ad:fe:2b:93:02:
ae:72:af:b9:9f:37:31:f6:5b:dd:6f:3c:73:e6:a0:f0:4c:6b:
6f:7c:f7:dc:4e:c0:e1:32:39:6c:4b:48:4f:fe:47:74:5d:45:
36:7c:64:0e:2a:b0:ad:69:85:42:0b:61:a8:70:53:90:02:33:
4a:6e:61:28:bd:43:94:8d:dc:0c:fb:f0:bc:51:4d:f1:fc:34:
32:62:81:4b:db:49:26:fa:7d:28:12:d1:80:12:3c:60:83:2e:
e0:1a:27:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw8LRYQLJ3gwaYCHF/a7VtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZjQ2OGQxNTE1YWQ2ZjE0Y2E2OWNmOWM3NzJlNWNiNTdk
Mjc3ZDYwHhcNMjMwMTAyMDUyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM1OThjNTFmMzU2ZjBmNWFiOGQ0OTI0MjIwOTAyNjA3NDA5OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7T+PoryGg7N1HOVFDSFESJSUhKt
7jhaf9/DX+9ZrGIFUJcxlHo/FuXJH39RlSDVeAevg6JGxZ5lA9143ucn2pHJyNPy
t8GbmZLBqXyTT0eA9zKor1e+3BH6qTa/d6OTJiOdF0Oi4NuNxPP4UkmSENffdRu6
tLwgObTrPj3In1kPpa7U63mkh7P6ahGj7c4gKrE2/gIkWKOhTz5DWXVoxq4Ni/ON
5TcaS42aVbvikhylgySJvAJNutBMRC4iE1oTSXNtlurGjNmYf/aluHmpsVrOtkl1
7HYT5lKj2uDHzD3+CP9rO//5tlINsXoYF7Jh5JjQ8d9SCljClB5AjTRlQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMXFmMUfNW8PWrjUkkIgkCYHQJirMB8GA1UdIwQY
MBaAFDv0aNFRWtbxTKac+cdy5ctX0nfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAt
NDYxMTA0NmYxYTRlLzEveGNXWXhSODFidzlhdU5TU1FpQ1FKZ2RBbUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAtNDYxMTA0NmYxYTRl
LzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW+mIMA0E
AgACMAcDBQAqE2DAMA0GCSqGSIb3DQEBCwUAA4IBAQA6FQzpO6hZWBq5bkdfYUbi
qYFDtn6z65lRQKCl72MU/z2XU8Wpj8WqbLgTTEqhXpxobeOrhF8mLx2QIBqEVpoK
v0kwt/USJVsijiPuZvv98hh4FmgsYCKkMBoWaOK2lUSChT5RKW7FyvT0U2iZ3bri
5Btwr0vOCUm/NEQAdEfHMslJ7v+6wpQR/FXxeni20hv61raFiwmyYYh3k498rf4r
kwKucq+5nzcx9lvdbzxz5qDwTGtvfPfcTsDhMjlsS0hP/kd0XUU2fGQOKrCtaYVC
C2GocFOQAjNKbmEovUOUjdwM+/C8UU3x/DQyYoFL20km+n0oEtGAEjxggy7gGie6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:07 2024 by rpki-client on console-fra.rpki-client.org