Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/xEuziVfSbnhCuE3Qh69vlcY2eoE.roa
File: xEuziVfSbnhCuE3Qh69vlcY2eoE.roa (raw, json)
Hash identifier: 1H/Pljhin7VtqdcR5FapDInlwbwxrMfOqhe6CZpcxK8=
Subject key identifier: C4:4B:B3:89:57:D2:6E:78:42:B8:4D:D0:87:AF:6F:95:C6:36:7A:81
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 01856FF06176F1D137AA39C42B7A325BB892
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/xEuziVfSbnhCuE3Qh69vlcY2eoE.roa
Signing time: Mon 02 Jan 2023 00:45:02 +0000
ROA not before: Mon 02 Jan 2023 00:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 2001:4c08:2006::/48 maxlen: 48
2001:4c08:201e::/48 maxlen: 48
2001:4c08:2007::/48 maxlen: 48
2001:4c08:2002::/48 maxlen: 48
2001:4c08:2012::/48 maxlen: 48
2001:4c08:2005::/48 maxlen: 48
2001:4c08:2018::/48 maxlen: 48
2001:4c08:2008::/48 maxlen: 48
2001:4c08:2020::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:61:76:f1:d1:37:aa:39:c4:2b:7a:32:5b:b8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 00:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c44bb38957d26e7842b84dd087af6f95c6367a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fe:19:53:c5:9d:c4:ec:fd:86:ba:f9:00:c5:
17:95:96:4a:4c:ec:19:20:1d:58:f3:41:eb:1a:0c:
8c:43:66:d8:72:e5:e6:8f:ec:64:ba:13:a0:31:c7:
17:01:91:df:03:f7:43:67:94:04:be:db:0e:f1:c0:
e0:5b:3d:12:bd:74:a5:04:2f:14:15:41:99:16:e7:
f7:16:43:49:89:da:1f:de:15:00:4f:f5:b7:15:c9:
e0:d2:88:e3:38:72:c3:2e:64:82:d8:d7:3d:4a:95:
70:e1:c2:6b:79:82:e1:12:9e:67:bb:f0:e3:26:0e:
5b:48:c7:d4:a2:38:b8:23:cd:b4:26:ca:e8:d0:30:
fd:aa:2e:92:cc:77:7a:84:78:42:8e:91:f2:b1:07:
61:3f:15:aa:4f:49:f7:91:6b:db:56:70:0b:09:7e:
b8:ba:dc:22:9b:80:2e:a9:19:cd:44:4c:4c:aa:b8:
d2:dc:3d:44:af:33:e6:9f:ef:4a:e4:de:94:f9:27:
b1:4c:9a:49:3d:86:6c:38:90:b8:e6:48:19:2f:0b:
f8:6a:3a:18:04:62:b0:a6:5b:47:96:64:ff:4a:76:
6d:e1:a1:06:8c:d1:e9:1a:24:56:52:d6:bd:70:12:
96:b0:ad:7d:6b:0f:88:eb:64:29:e6:ab:a8:0b:46:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4B:B3:89:57:D2:6E:78:42:B8:4D:D0:87:AF:6F:95:C6:36:7A:81
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/xEuziVfSbnhCuE3Qh69vlcY2eoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4c08:2002::/48
2001:4c08:2005::-2001:4c08:2008:ffff:ffff:ffff:ffff:ffff
2001:4c08:2012::/48
2001:4c08:2018::/48
2001:4c08:201e::/48
2001:4c08:2020::/48
Signature Algorithm: sha256WithRSAEncryption
c5:8f:7e:6d:69:3f:2f:e9:f0:c9:a5:a1:22:5b:24:0e:70:6b:
2b:66:97:16:da:0e:44:68:72:43:b2:03:60:2b:9f:24:c5:06:
08:f8:61:3a:4e:fc:82:14:92:f6:7f:02:df:09:1a:54:4d:2a:
06:2c:59:c2:0a:70:1e:e8:bf:dd:19:a9:47:b2:d7:e0:28:49:
54:4a:d1:ae:af:5e:e2:29:88:3d:99:99:35:5f:30:5e:d7:f1:
9d:46:1b:5f:1a:0a:93:e3:ea:aa:42:c6:05:49:8e:7b:3c:fb:
69:3f:60:39:39:e3:ec:b9:cc:bc:8d:25:e7:a5:c7:e2:c2:8b:
76:08:89:c6:d9:6d:da:1b:3f:f8:6f:50:9f:b6:4f:f4:9c:6e:
95:ef:42:50:80:86:c2:79:f1:31:25:85:14:0d:7d:03:c7:c4:
5f:28:e6:71:c7:65:03:e7:86:03:0f:84:33:af:9c:78:9f:f2:
1f:1a:20:ef:35:cd:c6:e3:fd:53:42:c1:ba:2e:e1:7e:e9:4e:
85:90:62:d1:c0:2c:fa:db:70:7e:fd:24:9b:61:e2:99:9a:5c:
18:ce:76:99:5a:ba:ea:b1:86:f4:11:aa:0e:35:f7:c6:ac:cc:
ea:fa:23:d3:f1:71:47:70:cc:f5:e6:1c:c9:08:8b:38:03:68:
d1:56:14:81
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVv8GF28dE3qjnEK3oyW7iSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjMwMTAyMDA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRiYjM4OTU3ZDI2ZTc4NDJiODRkZDA4N2FmNmY5NWM2MzY3YTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf4ZU8WdxOz9hrr5AMUXlZZKTOwZ
IB1Y80HrGgyMQ2bYcuXmj+xkuhOgMccXAZHfA/dDZ5QEvtsO8cDgWz0SvXSlBC8U
FUGZFuf3FkNJidof3hUAT/W3Fcng0ojjOHLDLmSC2Nc9SpVw4cJreYLhEp5nu/Dj
Jg5bSMfUoji4I820Jsro0DD9qi6SzHd6hHhCjpHysQdhPxWqT0n3kWvbVnALCX64
utwim4AuqRnNRExMqrjS3D1ErzPmn+9K5N6U+SexTJpJPYZsOJC45kgZLwv4ajoY
BGKwpltHlmT/SnZt4aEGjNHpGiRWUta9cBKWsK19aw+I62Qp5quoC0YK2QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMRLs4lX0m54QrhN0Ievb5XGNnqBMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEveEV1emlWZlNibmhDdUUzUWg2OXZsY1kyZW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAIAFMCCAC
MBIDBwAgAUwIIAUDBwAgAUwIIAgDBwAgAUwIIBIDBwAgAUwIIBgDBwAgAUwIIB4D
BwAgAUwIICAwDQYJKoZIhvcNAQELBQADggEBAMWPfm1pPy/p8MmloSJbJA5waytm
lxbaDkRockOyA2ArnyTFBgj4YTpO/IIUkvZ/At8JGlRNKgYsWcIKcB7ov90ZqUey
1+AoSVRK0a6vXuIpiD2ZmTVfMF7X8Z1GG18aCpPj6qpCxgVJjns8+2k/YDk54+y5
zLyNJeelx+LCi3YIicbZbdobP/hvUJ+2T/ScbpXvQlCAhsJ58TElhRQNfQPHxF8o
5nHHZQPnhgMPhDOvnHif8h8aIO81zcbj/VNCwbou4X7pToWQYtHALPrbcH79JJth
4pmaXBjOdplauuqxhvQRqg4198aszOr6I9PxcUdwzPXmHMkIizgDaNFWFIE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:29 2024 by rpki-client on console-fra.rpki-client.org