Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/XH23rQiuUAhRyrxqTqy3_7XN1OY.roa
File: XH23rQiuUAhRyrxqTqy3_7XN1OY.roa (raw, json)
Hash identifier: kg8metAIsUiv8iiDbZbwO5a6PtyqMzUekO+pvQ948tw=
Subject key identifier: 5C:7D:B7:AD:08:AE:50:08:51:CA:BC:6A:4E:AC:B7:FF:B5:CD:D4:E6
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018A220223707C5C7093F81BACA8796FF57F
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/XH23rQiuUAhRyrxqTqy3_7XN1OY.roa
Signing time: Wed 23 Aug 2023 10:47:59 +0000
ROA not before: Wed 23 Aug 2023 10:47:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51308
IP address blocks: 2a12:bec0:e03::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:02:23:70:7c:5c:70:93:f8:1b:ac:a8:79:6f:f5:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Aug 23 10:47:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c7db7ad08ae500851cabc6a4eacb7ffb5cdd4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c0:7b:ee:9a:94:50:bd:dc:e8:81:c3:37:8c:
0d:d6:f6:61:4c:59:7a:33:1d:bb:70:2e:bd:99:f8:
13:7b:f8:ca:b1:f0:b7:37:eb:02:a1:2f:6a:56:9c:
f1:d3:41:83:3b:29:f7:99:aa:d6:43:6c:59:e5:28:
b7:f1:5f:ef:60:ef:e3:dc:40:9c:d1:80:d6:1f:8a:
7e:a3:ec:d4:4f:c1:c5:d8:b6:fc:b2:55:e1:88:84:
3a:12:10:bf:7a:03:48:c9:d5:10:17:29:70:65:9b:
29:a6:f5:24:cb:3c:3b:a6:61:96:bb:d6:93:8a:ed:
36:36:7e:7b:c3:ca:dd:fa:a4:b6:55:98:eb:ef:41:
6a:29:e2:15:e3:c8:04:83:e3:08:da:9d:95:88:97:
3f:35:d8:56:fe:b5:5a:9b:65:16:2e:b8:ca:93:d9:
e8:1c:47:3c:88:13:75:24:54:5a:ed:d0:48:86:31:
38:23:1d:03:43:45:53:fb:4a:56:d9:a1:fd:87:6f:
57:2f:f0:0a:ed:d7:b0:ca:1e:02:f0:e7:78:91:0e:
17:dc:94:25:3b:62:e1:f3:cb:86:c4:31:67:b1:ef:
44:48:a2:06:c4:bf:00:c5:dd:b7:90:7c:54:0c:bd:
1b:90:d8:9a:46:9d:1f:52:85:a8:c3:22:0d:6f:bd:
08:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7D:B7:AD:08:AE:50:08:51:CA:BC:6A:4E:AC:B7:FF:B5:CD:D4:E6
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/XH23rQiuUAhRyrxqTqy3_7XN1OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:e03::/48
Signature Algorithm: sha256WithRSAEncryption
96:7c:51:37:7a:8a:da:4c:1f:c9:36:91:dc:df:44:8b:fc:58:
b5:73:b7:07:01:e4:f7:f5:a8:03:33:6b:96:cb:63:47:02:02:
df:37:23:cc:8f:6d:6d:54:f9:52:58:f8:5f:f3:40:88:64:97:
c7:5b:4d:06:2c:87:a9:e3:33:c7:01:cc:f8:2c:65:24:b1:77:
5c:14:17:b2:38:b1:de:83:16:eb:51:7b:be:f9:c9:41:b1:9b:
79:ca:17:19:78:d0:bc:75:58:30:30:bb:b1:fc:d9:cc:41:1c:
7b:0b:07:74:d2:41:38:67:0f:a2:8d:82:85:2f:83:a9:74:1e:
dc:36:a0:82:4b:5a:0b:b7:f6:55:79:f8:35:92:cf:76:74:d0:
7f:15:a2:f6:a1:c1:ba:be:7f:5f:2a:14:c5:b4:3f:da:1f:45:
ca:4e:ed:1e:52:84:bd:55:6b:0b:c5:e7:86:87:e9:0a:f9:67:
89:cd:00:a3:91:bb:58:23:90:31:2c:53:4c:05:aa:ed:cd:9c:
84:d6:c1:0f:1e:9b:43:eb:6c:0d:55:b1:3d:38:cf:22:1a:4e:
1a:e7:64:57:77:9d:8b:c5:cf:64:bc:e6:5b:ea:78:0f:d6:e8:
52:94:3f:01:62:7a:6b:ba:23:78:28:76:47:df:3e:47:6e:7c:
6b:ba:ac:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYoiAiNwfFxwk/gbrKh5b/V/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwODIzMTA0NzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzdkYjdhZDA4YWU1MDA4NTFjYWJjNmE0ZWFjYjdmZmI1Y2RkNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8B77pqUUL3c6IHDN4wN1vZhTFl6
Mx27cC69mfgTe/jKsfC3N+sCoS9qVpzx00GDOyn3marWQ2xZ5Si38V/vYO/j3ECc
0YDWH4p+o+zUT8HF2Lb8slXhiIQ6EhC/egNIydUQFylwZZsppvUkyzw7pmGWu9aT
iu02Nn57w8rd+qS2VZjr70FqKeIV48gEg+MI2p2ViJc/NdhW/rVam2UWLrjKk9no
HEc8iBN1JFRa7dBIhjE4Ix0DQ0VT+0pW2aH9h29XL/AK7dewyh4C8Od4kQ4X3JQl
O2Lh88uGxDFnse9ESKIGxL8Axd23kHxUDL0bkNiaRp0fUoWowyINb70InwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFx9t60IrlAIUcq8ak6st/+1zdTmMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvWEgyM3JRaXVVQWhSeXJ4cVRxeTNfN1hOMU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhK+wA4D
MA0GCSqGSIb3DQEBCwUAA4IBAQCWfFE3eoraTB/JNpHc30SL/Fi1c7cHAeT39agD
M2uWy2NHAgLfNyPMj21tVPlSWPhf80CIZJfHW00GLIep4zPHAcz4LGUksXdcFBey
OLHegxbrUXu++clBsZt5yhcZeNC8dVgwMLux/NnMQRx7Cwd00kE4Zw+ijYKFL4Op
dB7cNqCCS1oLt/ZVefg1ks92dNB/FaL2ocG6vn9fKhTFtD/aH0XKTu0eUoS9VWsL
xeeGh+kK+WeJzQCjkbtYI5AxLFNMBartzZyE1sEPHptD62wNVbE9OM8iGk4a52RX
d52Lxc9kvOZb6ngP1uhSlD8BYnpruiN4KHZH3z5Hbnxruqxk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org