Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/6c5eaf-9c44-4a5a-baa1-325aadd733c3/1/Xxusw7MhcFtxe4cBVlgZaJIN6wQ.roa
File: Xxusw7MhcFtxe4cBVlgZaJIN6wQ.roa (raw, json)
Hash identifier: nEjJ3TmhEPf9ROqkm4PiCaT/htnSg+uQB6jJEezV5fY=
Subject key identifier: 5F:1B:AC:C3:B3:21:70:5B:71:7B:87:01:56:58:19:68:92:0D:EB:04
Certificate issuer: /CN=e86b4ed3317c92a34b76c8fad29ae97080f91f3b
Certificate serial: 01856D2F237CF7639C8E43231FCBE4EC1C3A
Authority key identifier: E8:6B:4E:D3:31:7C:92:A3:4B:76:C8:FA:D2:9A:E9:70:80:F9:1F:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6GtO0zF8kqNLdsj60prpcID5Hzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/6c5eaf-9c44-4a5a-baa1-325aadd733c3/1/Xxusw7MhcFtxe4cBVlgZaJIN6wQ.roa
Signing time: Sun 01 Jan 2023 11:54:43 +0000
ROA not before: Sun 01 Jan 2023 11:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42510
IP address blocks: 193.106.58.0/23 maxlen: 23
193.106.57.0/24 maxlen: 24
193.106.56.0/22 maxlen: 22
193.106.56.0/24 maxlen: 24
193.106.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:23:7c:f7:63:9c:8e:43:23:1f:cb:e4:ec:1c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e86b4ed3317c92a34b76c8fad29ae97080f91f3b
Validity
Not Before: Jan 1 11:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f1bacc3b321705b717b870156581968920deb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cd:77:53:18:90:f5:be:e8:6d:58:c0:6c:02:
53:bc:e8:a3:ea:c8:6a:98:51:4b:65:5f:d0:ee:96:
87:b2:f9:16:93:7f:7c:07:91:5c:43:27:c3:63:0d:
48:f7:95:f9:a6:6f:2b:e9:fe:4d:0a:10:5d:d5:39:
1a:44:8b:99:f4:41:f9:c7:e7:94:10:9a:7e:b0:29:
c3:17:e6:eb:04:fd:30:24:12:c3:8c:0a:91:db:b1:
a1:9f:84:f2:a6:17:87:19:3a:9f:5f:3c:c0:d3:e5:
4b:e2:df:21:1a:35:28:8f:46:ae:67:f0:f1:7a:2f:
92:d5:32:52:13:21:75:43:f5:9a:76:85:7b:1b:24:
3d:30:30:9e:96:56:b8:88:58:a9:3c:f5:e9:38:e3:
9a:62:90:4e:d3:e9:bc:f0:b3:f9:07:1e:e4:6d:ea:
dd:42:73:3d:c3:6a:ef:96:46:6f:7a:0b:1e:28:e5:
f8:22:04:56:56:f0:2b:9d:0a:b9:2e:d6:c8:a3:83:
7e:91:1b:86:76:71:a9:59:83:25:9d:02:cb:fe:c7:
1a:f3:35:c1:4c:68:9f:96:9c:27:3c:77:73:f5:b0:
f2:21:a8:b4:f4:e6:b1:dd:7a:ef:d7:91:e8:3a:c7:
3f:6c:9a:3a:ef:eb:c5:bb:2a:2c:9b:98:e9:5a:5e:
0d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1B:AC:C3:B3:21:70:5B:71:7B:87:01:56:58:19:68:92:0D:EB:04
X509v3 Authority Key Identifier:
keyid:E8:6B:4E:D3:31:7C:92:A3:4B:76:C8:FA:D2:9A:E9:70:80:F9:1F:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6GtO0zF8kqNLdsj60prpcID5Hzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6c5eaf-9c44-4a5a-baa1-325aadd733c3/1/Xxusw7MhcFtxe4cBVlgZaJIN6wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6c5eaf-9c44-4a5a-baa1-325aadd733c3/1/6GtO0zF8kqNLdsj60prpcID5Hzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.56.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:b7:fe:70:af:b5:ba:0d:d5:6f:fb:7a:cf:46:98:d9:da:87:
c8:bd:b4:19:84:83:b7:09:50:54:68:65:6b:d0:33:15:d7:78:
75:7b:74:47:72:bc:56:a6:9b:46:b7:51:1e:58:b7:56:3b:aa:
1c:72:5b:b4:11:6c:9e:34:f8:fc:e4:c6:76:47:94:ff:84:b8:
99:48:ef:11:c2:f0:48:f1:d3:58:c4:a9:3e:0d:42:7a:db:d3:
fa:78:69:b3:04:0a:74:52:f8:e2:bb:4c:b4:e1:7a:22:e1:be:
4f:8b:92:c0:1c:17:27:7a:74:d0:04:a1:ad:6e:e1:a3:d0:4c:
fa:d3:cf:93:a3:12:ac:17:a4:7d:eb:62:0c:5b:b8:0d:75:d2:
31:b0:2c:91:05:8f:24:1a:2c:02:aa:b0:13:6d:c5:d0:0a:ca:
7b:97:e8:0a:ee:06:bd:54:c6:5c:25:aa:c9:68:82:aa:14:95:
1b:35:e4:aa:6b:e6:b8:7f:99:7a:0e:73:14:c5:b9:d1:6b:a3:
c9:da:83:83:24:3b:65:23:b1:9e:86:05:6f:b5:6a:0d:9f:91:
d3:e7:7e:a5:61:3a:bd:3d:f8:b0:6f:2f:b7:6a:72:a7:0a:25:
fc:47:cc:c0:f0:51:b3:07:ab:72:4a:5a:72:bb:65:50:96:05:
d4:ae:c4:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLyN892OcjkMjH8vk7Bw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NmI0ZWQzMzE3YzkyYTM0Yjc2YzhmYWQyOWFlOTcwODBm
OTFmM2IwHhcNMjMwMTAxMTE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFiYWNjM2IzMjE3MDViNzE3Yjg3MDE1NjU4MTk2ODkyMGRlYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs13UxiQ9b7obVjAbAJTvOij6shq
mFFLZV/Q7paHsvkWk398B5FcQyfDYw1I95X5pm8r6f5NChBd1TkaRIuZ9EH5x+eU
EJp+sCnDF+brBP0wJBLDjAqR27Ghn4TypheHGTqfXzzA0+VL4t8hGjUoj0auZ/Dx
ei+S1TJSEyF1Q/WadoV7GyQ9MDCella4iFipPPXpOOOaYpBO0+m88LP5Bx7kberd
QnM9w2rvlkZvegseKOX4IgRWVvArnQq5LtbIo4N+kRuGdnGpWYMlnQLL/sca8zXB
TGiflpwnPHdz9bDyIai09Oax3Xrv15HoOsc/bJo67+vFuyosm5jpWl4N1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8brMOzIXBbcXuHAVZYGWiSDesEMB8GA1UdIwQY
MBaAFOhrTtMxfJKjS3bI+tKa6XCA+R87MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkd0TzB6RjhrcU5MZHNqNjBwcnBjSUQ1SHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82YzVlYWYtOWM0NC00YTVhLWJhYTEt
MzI1YWFkZDczM2MzLzEvWHh1c3c3TWhjRnR4ZTRjQlZsZ1phSklONndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82YzVlYWYtOWM0NC00YTVhLWJhYTEtMzI1YWFkZDczM2Mz
LzEvNkd0TzB6RjhrcU5MZHNqNjBwcnBjSUQ1SHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWo4MA0G
CSqGSIb3DQEBCwUAA4IBAQCgt/5wr7W6DdVv+3rPRpjZ2ofIvbQZhIO3CVBUaGVr
0DMV13h1e3RHcrxWpptGt1EeWLdWO6occlu0EWyeNPj85MZ2R5T/hLiZSO8RwvBI
8dNYxKk+DUJ629P6eGmzBAp0Uvjiu0y04Xoi4b5Pi5LAHBcnenTQBKGtbuGj0Ez6
08+ToxKsF6R962IMW7gNddIxsCyRBY8kGiwCqrATbcXQCsp7l+gK7ga9VMZcJarJ
aIKqFJUbNeSqa+a4f5l6DnMUxbnRa6PJ2oODJDtlI7GehgVvtWoNn5HT536lYTq9
Pfiwby+3anKnCiX8R8zA8FGzB6tySlpyu2VQlgXUrsQ1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:39 2024 by rpki-client on console-ams.rpki-client.org