Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/xYam_V5DslYle0DAfmUdw8mWxtw.roa
File: xYam_V5DslYle0DAfmUdw8mWxtw.roa (raw, json)
Hash identifier: DCfN7ALDpH2WA40VO9v7V1XsfMuJHeTtiOk3KzyjwIQ=
Subject key identifier: C5:86:A6:FD:5E:43:B2:56:25:7B:40:C0:7E:65:1D:C3:C9:96:C6:DC
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DC57EB3A030B2FBD9BBEEC8119A64
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/xYam_V5DslYle0DAfmUdw8mWxtw.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3204
IP address blocks: 2a09:7:200a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c5:7e:b3:a0:30:b2:fb:d9:bb:ee:c8:11:9a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c586a6fd5e43b256257b40c07e651dc3c996c6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d6:24:a0:6a:bd:a3:28:a2:1f:bc:d4:0c:12:
60:06:1c:50:33:f8:86:12:84:ba:24:5b:ba:7d:d4:
e2:56:22:69:5a:de:f9:9a:70:b0:de:f9:44:ff:56:
29:70:3c:ed:2f:fb:b9:45:21:1a:3b:17:ff:20:54:
41:31:aa:88:c3:09:e1:cd:fd:22:49:b7:7e:e1:99:
84:22:0c:01:64:a0:e7:75:8c:f2:a9:c6:85:d8:0d:
0f:55:09:d5:e3:47:98:1d:5e:b6:d9:eb:5b:cf:10:
d5:af:c3:42:77:50:5b:17:d9:c2:7b:1e:de:64:1e:
75:25:1c:31:90:cf:a9:23:43:b0:e7:95:25:8a:01:
bf:4f:ed:06:82:a7:4f:2a:59:27:41:e3:cf:ff:98:
a1:7b:01:e8:eb:fa:38:17:21:13:f9:08:ac:31:25:
73:5a:2c:76:86:57:43:c7:c6:10:1f:04:aa:9a:3d:
98:26:74:60:ba:fb:b7:7d:03:6d:f5:43:3d:8f:88:
5d:a9:87:91:6d:a8:70:88:5f:6d:6e:be:84:fa:64:
3c:de:4e:d1:81:66:d4:7f:3c:92:c0:b6:99:4e:bc:
52:a1:8d:61:3c:ba:e9:80:8d:1d:b8:98:75:08:1c:
b7:8f:1d:f8:e7:00:19:79:85:32:4e:5e:5e:37:ff:
e8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:86:A6:FD:5E:43:B2:56:25:7B:40:C0:7E:65:1D:C3:C9:96:C6:DC
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/xYam_V5DslYle0DAfmUdw8mWxtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7:200a::/48
Signature Algorithm: sha256WithRSAEncryption
06:17:d5:01:bf:dc:21:02:e0:bd:95:01:f0:da:21:ce:b1:17:
29:ae:66:e9:83:5f:f2:cf:ed:a5:2e:d5:a5:74:14:31:bc:af:
6f:75:ed:14:0a:a6:11:29:fb:7c:3c:8d:7e:1f:87:3e:5a:68:
7e:25:1b:36:a0:ae:18:4d:09:17:0c:dd:40:33:ab:15:34:42:
db:1c:42:b0:d1:52:f7:e3:00:69:29:da:7d:26:5b:0c:39:75:
40:b2:75:4a:12:4a:a6:1c:ea:a8:d4:31:50:6a:18:35:b0:90:
8c:71:95:50:9e:9f:be:fa:1c:9c:74:5c:cd:10:8a:a0:12:d3:
54:60:33:93:7f:6d:00:53:8c:d4:ed:db:66:05:4c:8d:55:83:
7a:8b:32:bc:d0:1e:95:73:87:60:4f:46:d8:ba:b7:30:60:d7:
62:20:dc:14:9c:2c:98:43:af:dd:b8:06:69:3e:e9:67:a5:34:
6a:de:79:c4:c1:2c:df:29:c0:a0:b8:66:8b:af:0f:bf:df:5e:
1e:35:d5:3c:72:18:e0:90:dc:a0:3e:b9:7b:f7:65:a1:f6:7b:
0a:93:d7:2a:d6:81:18:f6:fe:a0:57:8d:2a:8a:73:95:29:46:
bf:46:0c:75:bc:cd:dd:52:ba:a9:73:b7:e8:28:36:e2:5f:02:
d7:5b:3a:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvHcV+s6AwsvvZu+7IEZpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTg2YTZmZDVlNDNiMjU2MjU3YjQwYzA3ZTY1MWRjM2M5OTZjNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9YkoGq9oyiiH7zUDBJgBhxQM/iG
EoS6JFu6fdTiViJpWt75mnCw3vlE/1YpcDztL/u5RSEaOxf/IFRBMaqIwwnhzf0i
Sbd+4ZmEIgwBZKDndYzyqcaF2A0PVQnV40eYHV622etbzxDVr8NCd1BbF9nCex7e
ZB51JRwxkM+pI0Ow55UligG/T+0GgqdPKlknQePP/5ihewHo6/o4FyET+QisMSVz
Wix2hldDx8YQHwSqmj2YJnRguvu3fQNt9UM9j4hdqYeRbahwiF9tbr6E+mQ83k7R
gWbUfzySwLaZTrxSoY1hPLrpgI0duJh1CBy3jx345wAZeYUyTl5eN//oPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMWGpv1eQ7JWJXtAwH5lHcPJlsbcMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEveFlhbV9WNURzbFlsZTBEQWZtVWR3OG1XeHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkAByAK
MA0GCSqGSIb3DQEBCwUAA4IBAQAGF9UBv9whAuC9lQHw2iHOsRcprmbpg1/yz+2l
LtWldBQxvK9vde0UCqYRKft8PI1+H4c+Wmh+JRs2oK4YTQkXDN1AM6sVNELbHEKw
0VL34wBpKdp9JlsMOXVAsnVKEkqmHOqo1DFQahg1sJCMcZVQnp+++hycdFzNEIqg
EtNUYDOTf20AU4zU7dtmBUyNVYN6izK80B6Vc4dgT0bYurcwYNdiINwUnCyYQ6/d
uAZpPulnpTRq3nnEwSzfKcCguGaLrw+/314eNdU8chjgkNygPrl792Wh9nsKk9cq
1oEY9v6gV40qinOVKUa/Rgx1vM3dUrqpc7foKDbiXwLXWzoR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org