Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/52fb09-6a27-4369-bbdb-87bfc37f0ec2/1/xwyGx9zQ5mksLYimbgs0waGweRI.roa
File: xwyGx9zQ5mksLYimbgs0waGweRI.roa (raw, json)
Hash identifier: u8htpGNaknyYPMg32KGV6aS8AdtY4seEij82Cb4SQ/k=
Subject key identifier: C7:0C:86:C7:DC:D0:E6:69:2C:2D:88:A6:6E:0B:34:C1:A1:B0:79:12
Certificate issuer: /CN=7a550c8065bf6033fcc6a3b03813ef9271924196
Certificate serial: 0188772A785280CC1EBD94186D5DD347A486
Authority key identifier: 7A:55:0C:80:65:BF:60:33:FC:C6:A3:B0:38:13:EF:92:71:92:41:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/elUMgGW_YDP8xqOwOBPvknGSQZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/52fb09-6a27-4369-bbdb-87bfc37f0ec2/1/xwyGx9zQ5mksLYimbgs0waGweRI.roa
Signing time: Thu 01 Jun 2023 13:34:11 +0000
ROA not before: Thu 01 Jun 2023 13:34:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 185.161.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:2a:78:52:80:cc:1e:bd:94:18:6d:5d:d3:47:a4:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a550c8065bf6033fcc6a3b03813ef9271924196
Validity
Not Before: Jun 1 13:34:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c70c86c7dcd0e6692c2d88a66e0b34c1a1b07912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b0:d0:88:7a:df:dd:d3:0a:60:9d:ca:29:2a:
e0:01:5c:85:a2:ca:ea:61:6c:d8:8e:ad:a9:d4:22:
88:57:71:04:c2:65:71:fd:33:12:dd:8f:46:d5:94:
e3:ba:59:40:a3:9f:72:b0:14:87:55:a7:d3:58:ea:
af:68:21:df:2e:0d:b5:ee:18:6b:18:4f:ab:08:69:
ec:a2:f7:3b:1c:83:cb:44:61:c0:57:12:a6:76:e0:
c4:27:1f:89:65:f6:58:2f:70:6d:51:d6:a0:4f:e8:
36:3b:7b:1d:13:f8:40:db:1e:f4:0a:5e:a1:5a:3c:
26:7f:ce:45:a1:51:34:ee:9c:3a:cf:63:89:3c:34:
5b:fb:42:f6:5f:5e:18:9e:48:26:8b:3e:53:0a:a8:
ee:37:18:6b:08:a2:8f:9f:41:b0:5e:74:81:02:b4:
69:41:4e:e6:cf:8f:76:a7:54:fc:df:93:e6:ad:64:
49:ce:51:b9:72:57:1d:81:e9:79:a9:be:8c:40:7d:
35:cf:d0:55:ee:dd:42:a8:1c:01:99:69:67:7f:65:
80:5a:a9:63:81:12:f8:3d:60:9a:15:26:d2:a3:e0:
2e:b2:af:1e:e9:49:b5:14:c8:c0:f0:fc:cb:45:8d:
4d:77:98:ce:8e:76:d4:f7:63:eb:e9:ae:13:75:35:
5e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0C:86:C7:DC:D0:E6:69:2C:2D:88:A6:6E:0B:34:C1:A1:B0:79:12
X509v3 Authority Key Identifier:
keyid:7A:55:0C:80:65:BF:60:33:FC:C6:A3:B0:38:13:EF:92:71:92:41:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/elUMgGW_YDP8xqOwOBPvknGSQZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/52fb09-6a27-4369-bbdb-87bfc37f0ec2/1/xwyGx9zQ5mksLYimbgs0waGweRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/52fb09-6a27-4369-bbdb-87bfc37f0ec2/1/elUMgGW_YDP8xqOwOBPvknGSQZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.251.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:6b:fe:d0:4b:65:7f:0e:ee:74:05:95:15:d8:70:71:4e:ee:
f6:c3:c9:35:24:76:a6:d0:e2:df:65:f8:19:a0:b9:83:c1:0f:
d9:97:5e:eb:c7:9c:26:12:75:48:04:4e:df:42:fd:4a:db:fc:
2b:77:97:23:d6:33:82:6d:8f:53:08:1b:67:5c:01:5c:15:3c:
d5:5d:42:c9:2c:84:e4:e0:37:99:6a:dc:88:bb:69:0e:4d:14:
53:c3:b9:84:e4:4f:6f:77:67:03:5b:dd:67:78:8f:68:31:90:
e3:3f:04:6a:cc:a6:7b:81:a4:09:45:c4:85:dc:09:c0:89:c3:
52:b6:af:c0:f2:27:24:3c:b2:99:7f:93:40:25:3a:32:1d:91:
27:5e:b2:b6:5b:e3:93:ce:a3:ab:2a:6e:ec:fd:d1:a8:29:f0:
b2:ec:90:dc:47:00:77:20:db:44:62:32:1e:49:ba:d7:b5:f9:
58:b9:60:f0:cb:16:52:80:ab:c1:3c:fd:88:42:8c:af:44:4b:
c3:67:38:07:8c:9e:fb:44:69:eb:4e:32:6a:eb:58:3f:33:e3:
2f:54:52:4a:84:34:19:0a:04:ce:0c:34:0a:70:50:7d:ea:7a:
e2:2c:45:95:a5:74:a7:1d:87:f7:44:a7:73:e0:8f:cb:aa:1d:
c2:02:c6:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh3KnhSgMwevZQYbV3TR6SGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNTUwYzgwNjViZjYwMzNmY2M2YTNiMDM4MTNlZjkyNzE5
MjQxOTYwHhcNMjMwNjAxMTMzNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBjODZjN2RjZDBlNjY5MmMyZDg4YTY2ZTBiMzRjMWExYjA3OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7DQiHrf3dMKYJ3KKSrgAVyFosrq
YWzYjq2p1CKIV3EEwmVx/TMS3Y9G1ZTjullAo59ysBSHVafTWOqvaCHfLg217hhr
GE+rCGnsovc7HIPLRGHAVxKmduDEJx+JZfZYL3BtUdagT+g2O3sdE/hA2x70Cl6h
Wjwmf85FoVE07pw6z2OJPDRb+0L2X14Ynkgmiz5TCqjuNxhrCKKPn0GwXnSBArRp
QU7mz492p1T835PmrWRJzlG5clcdgel5qb6MQH01z9BV7t1CqBwBmWlnf2WAWqlj
gRL4PWCaFSbSo+Ausq8e6Um1FMjA8PzLRY1Nd5jOjnbU92Pr6a4TdTVeuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcMhsfc0OZpLC2Ipm4LNMGhsHkSMB8GA1UdIwQY
MBaAFHpVDIBlv2Az/MajsDgT75JxkkGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWxVTWdHV19ZRFA4eHFPd09CUHZrbkdTUVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81MmZiMDktNmEyNy00MzY5LWJiZGIt
ODdiZmMzN2YwZWMyLzEveHd5R3g5elE1bWtzTFlpbWJnczB3YUd3ZVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81MmZiMDktNmEyNy00MzY5LWJiZGItODdiZmMzN2YwZWMy
LzEvZWxVTWdHV19ZRFA4eHFPd09CUHZrbkdTUVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaH7MA0G
CSqGSIb3DQEBCwUAA4IBAQB7a/7QS2V/Du50BZUV2HBxTu72w8k1JHam0OLfZfgZ
oLmDwQ/Zl17rx5wmEnVIBE7fQv1K2/wrd5cj1jOCbY9TCBtnXAFcFTzVXULJLITk
4DeZatyIu2kOTRRTw7mE5E9vd2cDW91neI9oMZDjPwRqzKZ7gaQJRcSF3AnAicNS
tq/A8ickPLKZf5NAJToyHZEnXrK2W+OTzqOrKm7s/dGoKfCy7JDcRwB3INtEYjIe
SbrXtflYuWDwyxZSgKvBPP2IQoyvREvDZzgHjJ77RGnrTjJq61g/M+MvVFJKhDQZ
CgTODDQKcFB96nriLEWVpXSnHYf3RKdz4I/Lqh3CAsZo
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:26 2024 by rpki-client on console-ams.rpki-client.org