Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/XbwJZ62wHYH7ojcbvwDtUJku6qk.roa
File: XbwJZ62wHYH7ojcbvwDtUJku6qk.roa (raw, json)
Hash identifier: bfuzf/eg346dK15Oap1e7TN7fWY9KHyZCo8UmVZxpLY=
Subject key identifier: 5D:BC:09:67:AD:B0:1D:81:FB:A2:37:1B:BF:00:ED:50:99:2E:EA:A9
Certificate issuer: /CN=5dca17fc8d39e043ea769af28b548c9d39831d21
Certificate serial: 018573560C59B06F0F47BF99D1EA79E1E80A
Authority key identifier: 5D:CA:17:FC:8D:39:E0:43:EA:76:9A:F2:8B:54:8C:9D:39:83:1D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcoX_I054EPqdpryi1SMnTmDHSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/XbwJZ62wHYH7ojcbvwDtUJku6qk.roa
Signing time: Mon 02 Jan 2023 16:34:57 +0000
ROA not before: Mon 02 Jan 2023 16:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 2001:67c:273c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:0c:59:b0:6f:0f:47:bf:99:d1:ea:79:e1:e8:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dca17fc8d39e043ea769af28b548c9d39831d21
Validity
Not Before: Jan 2 16:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dbc0967adb01d81fba2371bbf00ed50992eeaa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:55:12:9d:3e:e6:ed:2b:97:59:cf:f5:21:05:
fc:64:42:e7:4c:1d:4c:aa:72:f5:88:af:bf:40:6c:
a7:ad:67:fd:df:f7:29:b3:9f:98:7a:18:61:a9:b9:
74:aa:e6:39:b4:53:6e:1b:63:ed:dd:33:0a:e9:ba:
ca:fa:1b:21:83:da:4f:13:77:56:40:0e:17:82:9e:
9e:be:32:94:88:1f:13:8e:8e:7f:4e:db:22:84:76:
e6:6f:1a:1b:a3:51:5e:26:25:b0:87:e9:6c:6a:53:
6c:c9:a6:19:44:6c:95:96:1f:b7:1b:ec:42:8d:86:
e9:3c:8a:94:12:f8:b3:c6:a6:23:0b:d6:f2:1c:d4:
50:55:6e:6b:11:e5:ba:b0:15:e5:66:2c:6a:37:5a:
70:79:65:41:0b:34:d5:3b:63:c2:fa:5e:38:d3:81:
1f:92:e6:e9:f0:17:cc:7d:84:c0:b8:d9:b0:6c:1d:
ae:c8:71:a5:1b:b3:6a:f2:20:2e:0c:de:fb:b7:14:
81:bd:29:5a:9b:df:c0:80:06:54:43:3e:3f:d7:52:
a1:df:8b:7b:a0:c6:37:66:b2:11:47:64:e7:32:ba:
df:54:72:52:7a:86:69:a9:a7:4b:2b:19:ff:03:7c:
12:59:8d:46:79:96:d7:64:bd:e4:da:50:7f:2c:9a:
f0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BC:09:67:AD:B0:1D:81:FB:A2:37:1B:BF:00:ED:50:99:2E:EA:A9
X509v3 Authority Key Identifier:
keyid:5D:CA:17:FC:8D:39:E0:43:EA:76:9A:F2:8B:54:8C:9D:39:83:1D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcoX_I054EPqdpryi1SMnTmDHSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/XbwJZ62wHYH7ojcbvwDtUJku6qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/XcoX_I054EPqdpryi1SMnTmDHSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:273c::/48
Signature Algorithm: sha256WithRSAEncryption
43:fe:0a:67:99:03:d3:80:38:a3:55:59:bd:d9:cc:75:b3:c2:
04:0b:3a:40:98:cc:52:36:08:89:c6:42:13:64:bb:d7:ef:7e:
1b:45:27:13:de:12:8f:5f:9a:31:08:46:1f:85:f3:b5:a2:8a:
b6:1f:a7:e9:4f:4a:dd:46:95:20:b1:a4:e2:44:76:ab:1e:5c:
72:85:ae:bd:02:94:6c:b4:06:8b:db:64:57:99:a3:dd:2f:a9:
2d:df:e7:1e:1b:b8:ca:e0:a9:4e:c9:b2:e8:db:96:8d:c6:bc:
cc:fd:93:f5:b6:51:96:16:f9:56:e1:93:94:25:dd:32:15:8e:
4a:b3:fa:b9:21:8e:81:d2:24:50:8f:7b:26:3b:c8:29:fd:34:
6f:b7:0f:30:af:41:f0:27:ee:ea:ab:d6:d1:d8:53:c6:85:5c:
25:b7:fd:80:f9:c2:76:fe:01:84:ee:91:19:6f:cd:7f:e0:48:
fb:1a:59:7c:af:c0:02:40:4d:1e:2a:de:ad:11:57:15:60:b7:
ac:5b:e7:83:4f:46:77:7b:16:b2:fe:ab:64:e0:dc:90:0a:9b:
db:13:63:c2:11:f4:59:55:1c:b5:04:c5:f3:2f:96:da:73:3c:
5e:28:3a:32:d5:58:0f:ab:93:92:fc:5d:bb:95:03:68:d1:f0:
92:de:f4:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzVgxZsG8PR7+Z0ep54egKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2ExN2ZjOGQzOWUwNDNlYTc2OWFmMjhiNTQ4YzlkMzk4
MzFkMjEwHhcNMjMwMTAyMTYzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGJjMDk2N2FkYjAxZDgxZmJhMjM3MWJiZjAwZWQ1MDk5MmVlYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1USnT7m7SuXWc/1IQX8ZELnTB1M
qnL1iK+/QGynrWf93/cps5+Yehhhqbl0quY5tFNuG2Pt3TMK6brK+hshg9pPE3dW
QA4Xgp6evjKUiB8Tjo5/TtsihHbmbxobo1FeJiWwh+lsalNsyaYZRGyVlh+3G+xC
jYbpPIqUEvizxqYjC9byHNRQVW5rEeW6sBXlZixqN1pweWVBCzTVO2PC+l4404Ef
kubp8BfMfYTAuNmwbB2uyHGlG7Nq8iAuDN77txSBvSlam9/AgAZUQz4/11Kh34t7
oMY3ZrIRR2TnMrrfVHJSeoZpqadLKxn/A3wSWY1GeZbXZL3k2lB/LJrwxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF28CWetsB2B+6I3G78A7VCZLuqpMB8GA1UdIwQY
MBaAFF3KF/yNOeBD6naa8otUjJ05gx0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNvWF9JMDU0RVBxZHByeWkxU01uVG1ESFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84ZDkzOWYtODdhNi00OTZmLTkwMDgt
NjU2ZGJjMmYyNDM2LzEvWGJ3Slo2MndIWUg3b2pjYnZ3RHRVSmt1NnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84ZDkzOWYtODdhNi00OTZmLTkwMDgtNjU2ZGJjMmYyNDM2
LzEvWGNvWF9JMDU0RVBxZHByeWkxU01uVG1ESFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCc8
MA0GCSqGSIb3DQEBCwUAA4IBAQBD/gpnmQPTgDijVVm92cx1s8IECzpAmMxSNgiJ
xkITZLvX734bRScT3hKPX5oxCEYfhfO1ooq2H6fpT0rdRpUgsaTiRHarHlxyha69
ApRstAaL22RXmaPdL6kt3+ceG7jK4KlOybLo25aNxrzM/ZP1tlGWFvlW4ZOUJd0y
FY5Ks/q5IY6B0iRQj3smO8gp/TRvtw8wr0HwJ+7qq9bR2FPGhVwlt/2A+cJ2/gGE
7pEZb81/4Ej7Gll8r8ACQE0eKt6tEVcVYLesW+eDT0Z3exay/qtk4NyQCpvbE2PC
EfRZVRy1BMXzL5baczxeKDoy1VgPq5OS/F27lQNo0fCS3vRM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:47 2024 by rpki-client on console-fra.rpki-client.org