Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/xfC5RcbldCTqPDuVNdNLlA-sdVw.roa
File: xfC5RcbldCTqPDuVNdNLlA-sdVw.roa (raw, json)
Hash identifier: +ZXrRX55ZrPbA6MVeHkY+X5cKAjLySFbLgB8lypMvyc=
Subject key identifier: C5:F0:B9:45:C6:E5:74:24:EA:3C:3B:95:35:D3:4B:94:0F:AC:75:5C
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A329AC6B43F927C0AE968878836A2
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/xfC5RcbldCTqPDuVNdNLlA-sdVw.roa
Signing time: Sun 01 Jan 2023 03:05:02 +0000
ROA not before: Sun 01 Jan 2023 03:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59941
IP address blocks: 141.101.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:32:9a:c6:b4:3f:92:7c:0a:e9:68:87:88:36:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5f0b945c6e57424ea3c3b9535d34b940fac755c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cd:8d:84:f4:09:3c:a3:ff:c5:1f:56:e0:51:
00:9a:2f:ff:f8:5a:a7:90:ff:af:ac:33:99:cd:23:
cc:86:9c:86:f2:f6:64:9d:8b:d3:74:4a:4b:5b:ae:
62:31:7a:2f:b3:d9:1c:24:81:73:65:6e:30:6e:03:
30:93:50:df:eb:b0:9b:7d:ef:60:dc:db:21:8d:9c:
7b:e1:5f:bd:bf:e9:8d:79:3f:88:23:2e:ec:4c:aa:
43:a0:15:1d:fc:8d:56:2e:b8:98:1c:78:6e:db:55:
b8:bc:06:49:4e:81:d2:f3:22:e6:88:e9:dc:6a:28:
f2:0d:1f:38:9d:3a:70:81:0e:5a:d9:15:b3:ab:bd:
8c:95:f2:ea:66:b9:5f:8d:6f:71:27:bb:ee:d9:a2:
2e:e2:e6:0b:fc:2a:5e:be:42:53:15:79:f6:80:b1:
93:50:96:b5:38:18:58:77:39:5b:da:cb:a9:cf:55:
97:18:5d:57:1d:3f:9d:48:c1:47:2f:ac:45:e8:bf:
55:05:c1:35:cc:bf:de:87:6b:07:2a:58:10:c7:35:
62:c7:45:8a:9f:12:a2:98:24:a3:33:43:7b:a1:89:
ae:94:3c:47:49:1b:ed:92:4e:19:f0:cc:4c:e2:01:
0d:56:b3:b6:1b:09:09:0b:d7:b2:f0:b7:a1:23:78:
48:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F0:B9:45:C6:E5:74:24:EA:3C:3B:95:35:D3:4B:94:0F:AC:75:5C
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/xfC5RcbldCTqPDuVNdNLlA-sdVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.251.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:ba:fd:61:8d:b2:ad:bc:9c:e1:94:dc:25:93:b5:19:97:83:
f9:7f:0f:ef:be:07:f0:c9:d3:cb:cb:aa:f7:d4:bb:43:27:04:
55:38:ef:18:dc:64:3e:1c:d4:9b:e1:5c:86:fc:72:b0:ea:5a:
dd:3e:a9:05:e5:5e:4d:0c:be:de:b4:ac:75:87:f7:c4:f6:42:
29:67:ff:19:a8:8d:21:ac:11:25:65:cf:50:39:9c:cb:31:86:
3e:9d:4d:1e:01:40:a9:09:36:cd:74:21:32:ab:60:79:20:a6:
ce:b8:96:85:dc:bd:1d:01:05:32:14:c1:85:f6:e6:28:00:c4:
89:7d:a7:f9:b5:26:1d:50:5a:ad:8d:a8:df:3f:c1:d8:c7:2e:
f5:ba:94:9c:9e:91:c6:f4:1a:da:b1:b2:8f:ef:05:e5:21:80:
06:84:ad:d4:d4:a0:d3:fb:7e:16:cd:72:f4:bf:83:fe:48:d8:
ad:bf:23:7d:85:0f:bf:bf:69:a2:ed:6c:99:dc:7f:3c:7c:e0:
b3:72:17:6c:df:be:e3:ec:7f:f4:f8:5f:26:07:41:3c:9a:69:
4f:e9:7d:20:a9:a5:01:21:d3:e0:57:4f:df:16:07:d3:0b:bb:
2c:23:d0:71:25:51:3e:60:20:5e:04:0e:66:d6:a1:23:ba:eb:
03:da:c0:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSjKaxrQ/knwK6WiHiDaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWYwYjk0NWM2ZTU3NDI0ZWEzYzNiOTUzNWQzNGI5NDBmYWM3NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj82NhPQJPKP/xR9W4FEAmi//+Fqn
kP+vrDOZzSPMhpyG8vZknYvTdEpLW65iMXovs9kcJIFzZW4wbgMwk1Df67Cbfe9g
3NshjZx74V+9v+mNeT+IIy7sTKpDoBUd/I1WLriYHHhu21W4vAZJToHS8yLmiOnc
aijyDR84nTpwgQ5a2RWzq72MlfLqZrlfjW9xJ7vu2aIu4uYL/CpevkJTFXn2gLGT
UJa1OBhYdzlb2supz1WXGF1XHT+dSMFHL6xF6L9VBcE1zL/eh2sHKlgQxzVix0WK
nxKimCSjM0N7oYmulDxHSRvtkk4Z8MxM4gENVrO2GwkJC9ey8LehI3hIwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXwuUXG5XQk6jw7lTXTS5QPrHVcMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEveGZDNVJjYmxkQ1RxUER1Vk5kTkxsQS1zZFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWX7MA0G
CSqGSIb3DQEBCwUAA4IBAQC2uv1hjbKtvJzhlNwlk7UZl4P5fw/vvgfwydPLy6r3
1LtDJwRVOO8Y3GQ+HNSb4VyG/HKw6lrdPqkF5V5NDL7etKx1h/fE9kIpZ/8ZqI0h
rBElZc9QOZzLMYY+nU0eAUCpCTbNdCEyq2B5IKbOuJaF3L0dAQUyFMGF9uYoAMSJ
faf5tSYdUFqtjajfP8HYxy71upScnpHG9BrasbKP7wXlIYAGhK3U1KDT+34WzXL0
v4P+SNitvyN9hQ+/v2mi7WyZ3H88fOCzchds377j7H/0+F8mB0E8mmlP6X0gqaUB
IdPgV0/fFgfTC7ssI9BxJVE+YCBeBA5m1qEjuusD2sA/
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:29 2024 by rpki-client on console-ams.rpki-client.org