Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/2c8b70-66bc-4163-8f80-20f7d44ed126/1/XZl6LS0O754OhNf98CrpYIZZE9E.roa
File: XZl6LS0O754OhNf98CrpYIZZE9E.roa (raw, json)
Hash identifier: cwQaRqxdBWI6uu49Tl4Swud3kvEHoqbCYTpnfQRgz7I=
Subject key identifier: 5D:99:7A:2D:2D:0E:EF:9E:0E:84:D7:FD:F0:2A:E9:60:86:59:13:D1
Certificate issuer: /CN=a63dcb90a14742a52be5ca09cbed8dfc1cd3d1ef
Certificate serial: 01856B00C6C22566C45C30E473299EF83BB4
Authority key identifier: A6:3D:CB:90:A1:47:42:A5:2B:E5:CA:09:CB:ED:8D:FC:1C:D3:D1:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pj3LkKFHQqUr5coJy-2N_BzT0e8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/2c8b70-66bc-4163-8f80-20f7d44ed126/1/XZl6LS0O754OhNf98CrpYIZZE9E.roa
Signing time: Sun 01 Jan 2023 01:44:50 +0000
ROA not before: Sun 01 Jan 2023 01:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204307
IP address blocks: 2001:678:638::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:c6:c2:25:66:c4:5c:30:e4:73:29:9e:f8:3b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63dcb90a14742a52be5ca09cbed8dfc1cd3d1ef
Validity
Not Before: Jan 1 01:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d997a2d2d0eef9e0e84d7fdf02ae960865913d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b2:43:e1:23:76:06:4a:07:af:2d:e8:ce:25:
0d:e4:01:c4:98:59:b8:5b:ad:57:10:ae:fd:b2:84:
9c:c1:eb:33:08:9e:4a:63:c7:8e:c5:2b:f5:76:2b:
be:71:f5:22:4a:1e:6a:93:a0:36:a9:fc:d0:5b:1a:
21:bc:d6:34:c7:29:08:5c:b6:5a:85:26:39:00:10:
92:89:30:da:3f:0c:e7:42:0f:09:ac:42:c5:58:79:
56:5e:55:1d:0e:48:fd:5f:7d:86:84:64:49:5d:46:
f3:c5:5d:d1:d5:6d:6f:4c:e2:26:43:c4:a2:c7:36:
3d:20:13:a1:d9:39:6b:7a:39:18:bd:c9:81:3d:55:
ec:32:c8:d4:f1:44:06:2f:ac:64:5e:82:78:eb:6f:
df:d4:d1:ba:d3:54:bb:be:b8:ee:73:5b:53:a2:ea:
be:49:39:17:94:d5:e9:13:2a:40:6c:9c:e9:55:c9:
af:d3:d5:2b:a0:2a:30:64:a4:c8:1b:85:5d:92:a2:
bc:8e:e5:7d:2b:d5:39:24:b7:9d:05:d1:38:f2:fe:
11:97:7c:7c:0a:8b:a9:c8:2b:a5:50:d1:d0:a2:60:
c7:4b:b8:fd:7b:84:09:db:12:c5:73:3c:32:dd:e8:
ee:ab:a6:df:01:47:43:58:1a:9e:b8:13:8f:9c:52:
77:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:99:7A:2D:2D:0E:EF:9E:0E:84:D7:FD:F0:2A:E9:60:86:59:13:D1
X509v3 Authority Key Identifier:
keyid:A6:3D:CB:90:A1:47:42:A5:2B:E5:CA:09:CB:ED:8D:FC:1C:D3:D1:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pj3LkKFHQqUr5coJy-2N_BzT0e8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/2c8b70-66bc-4163-8f80-20f7d44ed126/1/XZl6LS0O754OhNf98CrpYIZZE9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/2c8b70-66bc-4163-8f80-20f7d44ed126/1/pj3LkKFHQqUr5coJy-2N_BzT0e8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:638::/48
Signature Algorithm: sha256WithRSAEncryption
1d:29:23:08:49:41:52:2d:75:03:0b:a1:31:0e:90:59:85:6b:
b9:da:51:ab:b3:f4:0a:3d:69:e2:49:12:dd:01:2d:1b:17:a5:
65:15:10:0a:08:7d:2f:d1:96:a4:a4:23:0d:95:01:26:e2:a6:
f8:8f:92:56:9b:9b:d9:7a:cc:86:71:c2:60:fa:13:15:9d:13:
b7:52:12:af:39:86:e0:65:bf:b6:22:c2:d5:8f:e1:87:9c:6b:
91:60:f9:26:12:c0:1d:db:a8:4a:54:12:a4:03:af:be:a2:da:
78:79:12:45:b6:ae:bd:08:c0:71:0f:87:85:b1:66:fc:61:cc:
07:92:6b:b2:1d:32:59:e9:6e:f0:0c:dc:df:00:30:44:05:4b:
08:16:4a:6a:81:bc:1a:61:bc:5e:e0:d9:1a:a0:66:42:b9:af:
c0:97:84:83:99:00:33:60:d5:1a:72:c8:a8:a1:b4:f2:e6:5b:
37:d2:5c:b9:44:a7:c7:80:f3:76:2a:fc:bb:86:20:2d:f3:93:
bb:78:22:34:18:8c:01:26:7c:cf:9d:f0:31:07:81:7a:cc:2b:
14:86:49:ac:12:dd:c7:ef:d8:0a:7c:48:ba:32:0d:97:31:67:
e7:3c:e1:9e:a1:ac:a7:65:0f:4e:65:42:42:c0:e4:55:76:2d:
59:72:c2:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrAMbCJWbEXDDkcyme+Du0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2RjYjkwYTE0NzQyYTUyYmU1Y2EwOWNiZWQ4ZGZjMWNk
M2QxZWYwHhcNMjMwMTAxMDE0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk5N2EyZDJkMGVlZjllMGU4NGQ3ZmRmMDJhZTk2MDg2NTkxM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rJD4SN2BkoHry3oziUN5AHEmFm4
W61XEK79soScweszCJ5KY8eOxSv1diu+cfUiSh5qk6A2qfzQWxohvNY0xykIXLZa
hSY5ABCSiTDaPwznQg8JrELFWHlWXlUdDkj9X32GhGRJXUbzxV3R1W1vTOImQ8Si
xzY9IBOh2TlrejkYvcmBPVXsMsjU8UQGL6xkXoJ462/f1NG601S7vrjuc1tTouq+
STkXlNXpEypAbJzpVcmv09UroCowZKTIG4VdkqK8juV9K9U5JLedBdE48v4Rl3x8
CoupyCulUNHQomDHS7j9e4QJ2xLFczwy3ejuq6bfAUdDWBqeuBOPnFJ3VwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF2Zei0tDu+eDoTX/fAq6WCGWRPRMB8GA1UdIwQY
MBaAFKY9y5ChR0KlK+XKCcvtjfwc09HvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGozTGtLRkhRcVVyNWNvSnktMk5fQnpUMGU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yYzhiNzAtNjZiYy00MTYzLThmODAt
MjBmN2Q0NGVkMTI2LzEvWFpsNkxTME83NTRPaE5mOThDcnBZSVpaRTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yYzhiNzAtNjZiYy00MTYzLThmODAtMjBmN2Q0NGVkMTI2
LzEvcGozTGtLRkhRcVVyNWNvSnktMk5fQnpUMGU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAY4
MA0GCSqGSIb3DQEBCwUAA4IBAQAdKSMISUFSLXUDC6ExDpBZhWu52lGrs/QKPWni
SRLdAS0bF6VlFRAKCH0v0ZakpCMNlQEm4qb4j5JWm5vZesyGccJg+hMVnRO3UhKv
OYbgZb+2IsLVj+GHnGuRYPkmEsAd26hKVBKkA6++otp4eRJFtq69CMBxD4eFsWb8
YcwHkmuyHTJZ6W7wDNzfADBEBUsIFkpqgbwaYbxe4NkaoGZCua/Al4SDmQAzYNUa
csioobTy5ls30ly5RKfHgPN2Kvy7hiAt85O7eCI0GIwBJnzPnfAxB4F6zCsUhkms
Et3H79gKfEi6Mg2XMWfnPOGeoaynZQ9OZUJCwORVdi1ZcsJ7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:35 2024 by rpki-client on console-fra.rpki-client.org