Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/XLb_71qw4gFngRQPbzv9NIhQ5LY.roa
File: XLb_71qw4gFngRQPbzv9NIhQ5LY.roa (raw, json)
Hash identifier: 10HjINUxLdvtZfzHfZpuVLfAaSkwTcSMj9n0784HgQ0=
Subject key identifier: 5C:B6:FF:EF:5A:B0:E2:01:67:81:14:0F:6F:3B:FD:34:88:50:E4:B6
Certificate issuer: /CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Certificate serial: 01887F89B8B052B32787A4B82FA92B3694AF
Authority key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/XLb_71qw4gFngRQPbzv9NIhQ5LY.roa
Signing time: Sat 03 Jun 2023 04:35:12 +0000
ROA not before: Sat 03 Jun 2023 04:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50321
IP address blocks: 194.150.220.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7f:89:b8:b0:52:b3:27:87:a4:b8:2f:a9:2b:36:94:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Validity
Not Before: Jun 3 04:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cb6ffef5ab0e2016781140f6f3bfd348850e4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:a9:1d:84:b9:1f:a5:cf:06:62:78:a6:95:
0e:ff:29:5c:81:8a:e6:7e:79:6c:95:67:d5:05:f0:
c2:52:54:1e:ab:d9:17:77:7a:bc:ba:97:38:1e:a0:
2b:9d:7b:24:a8:bc:03:97:41:09:50:97:be:fd:cf:
23:d4:32:c2:45:99:23:bf:9f:88:a6:0e:39:c6:84:
1c:8d:23:d3:a1:0a:ff:55:f6:17:d4:42:67:5f:ef:
c7:4a:9a:86:fc:71:df:c2:fe:22:5e:3b:dc:be:51:
cb:03:2b:30:48:49:e5:bd:cf:b9:93:df:ff:d5:2e:
2c:00:e5:f3:42:67:0a:d6:4e:e5:4a:06:af:c8:82:
9e:8d:98:44:a3:13:71:d1:b9:a4:40:45:14:38:77:
7d:72:99:c7:b3:88:6a:bf:25:51:f2:91:b6:b9:bf:
58:9d:85:ac:1f:51:b3:a6:e5:b9:6c:ff:d1:e9:57:
20:d7:7f:2a:dc:e7:85:af:91:36:46:d2:97:8b:06:
94:00:4c:e9:2c:b6:14:2e:ac:9b:98:dd:f9:9c:17:
21:29:b2:21:e7:96:79:64:9d:45:5c:f6:61:43:60:
ba:54:55:ac:15:cf:20:d3:27:77:c9:2c:3b:97:33:
3c:2f:99:36:d7:b4:58:95:da:09:2c:2f:31:85:03:
ff:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B6:FF:EF:5A:B0:E2:01:67:81:14:0F:6F:3B:FD:34:88:50:E4:B6
X509v3 Authority Key Identifier:
keyid:13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/XLb_71qw4gFngRQPbzv9NIhQ5LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.220.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:19:9f:0e:53:e6:97:f8:25:1c:f7:e6:71:24:4b:c7:a9:b6:
c8:61:ac:79:90:f2:89:fb:fe:b4:88:ad:e7:a8:51:ff:d1:5a:
dd:f3:3f:98:72:c8:9d:57:34:83:1f:2c:f3:49:9a:15:36:83:
4e:b9:87:9c:5f:28:a5:81:6c:14:ae:eb:c4:d0:96:41:a5:90:
c6:4e:e3:bb:82:52:0a:30:2e:28:1f:e3:9e:e3:9d:26:7f:28:
6f:95:82:17:f6:54:fe:f9:92:2d:64:9f:68:4b:31:c8:1d:3d:
f1:bc:bc:4e:03:bd:f3:dc:98:ae:7e:96:10:c9:8e:5f:f5:e6:
da:39:86:21:2b:c2:a1:c2:e7:4f:2e:ac:46:a9:a7:52:78:79:
64:81:c5:e5:75:06:f7:45:00:63:65:60:21:99:43:40:13:34:
ba:30:a2:d8:94:db:4c:d6:d0:ad:46:ab:ea:7f:c4:8d:ae:bd:
9f:f8:01:85:91:5a:60:ad:7d:43:a2:30:7c:58:ab:4a:91:73:
12:f2:50:0f:af:fb:b6:0f:a6:8f:6b:78:ea:4e:f8:b1:89:0c:
9e:97:e3:71:fa:5f:0b:35:83:f5:bd:54:9e:db:82:2a:a0:22:
56:87:39:69:b6:fe:81:3b:7f:9f:71:54:e5:49:32:56:93:8f:
6a:88:e5:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh/ibiwUrMnh6S4L6krNpSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjZiOTYwYTZmMWYwNDQzOWYwOTE4NmY5ZWNmNTMxYTlj
ZTI2NDgwHhcNMjMwNjAzMDQzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I2ZmZlZjVhYjBlMjAxNjc4MTE0MGY2ZjNiZmQzNDg4NTBlNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluCpHYS5H6XPBmJ4ppUO/ylcgYrm
fnlslWfVBfDCUlQeq9kXd3q8upc4HqArnXskqLwDl0EJUJe+/c8j1DLCRZkjv5+I
pg45xoQcjSPToQr/VfYX1EJnX+/HSpqG/HHfwv4iXjvcvlHLAyswSEnlvc+5k9//
1S4sAOXzQmcK1k7lSgavyIKejZhEoxNx0bmkQEUUOHd9cpnHs4hqvyVR8pG2ub9Y
nYWsH1GzpuW5bP/R6Vcg138q3OeFr5E2RtKXiwaUAEzpLLYULqybmN35nBchKbIh
55Z5ZJ1FXPZhQ2C6VFWsFc8g0yd3ySw7lzM8L5k217RYldoJLC8xhQP/UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFy2/+9asOIBZ4EUD287/TSIUOS2MB8GA1UdIwQY
MBaAFBNmuWCm8fBEOfCRhvns9TGpziZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjIt
YTk2NzE1OWY4ODdkLzEvWExiXzcxcXc0Z0ZuZ1JRUGJ6djlOSWhRNUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjItYTk2NzE1OWY4ODdk
LzEvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpbcMA0G
CSqGSIb3DQEBCwUAA4IBAQAdGZ8OU+aX+CUc9+ZxJEvHqbbIYax5kPKJ+/60iK3n
qFH/0Vrd8z+YcsidVzSDHyzzSZoVNoNOuYecXyilgWwUruvE0JZBpZDGTuO7glIK
MC4oH+Oe450mfyhvlYIX9lT++ZItZJ9oSzHIHT3xvLxOA73z3JiufpYQyY5f9eba
OYYhK8KhwudPLqxGqadSeHlkgcXldQb3RQBjZWAhmUNAEzS6MKLYlNtM1tCtRqvq
f8SNrr2f+AGFkVpgrX1DojB8WKtKkXMS8lAPr/u2D6aPa3jqTvixiQyel+Nx+l8L
NYP1vVSe24IqoCJWhzlptv6BO3+fcVTlSTJWk49qiOUC
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:32 2024 by rpki-client on console-fra.rpki-client.org