Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/xtoM0KhJXhJvbuFrJhQBC2xC98w.roa
File: xtoM0KhJXhJvbuFrJhQBC2xC98w.roa (raw, json)
Hash identifier: QBmUBxGPJixfdr9GIHaK3+RqfUAnWYKZCJprWXn0F6Y=
Subject key identifier: C6:DA:0C:D0:A8:49:5E:12:6F:6E:E1:6B:26:14:01:0B:6C:42:F7:CC
Certificate issuer: /CN=4516eb0ee37a71076461ec6cba8b925ac5e28a04
Certificate serial: 0185711E6236C2F74E0196F6378C5C50E4B6
Authority key identifier: 45:16:EB:0E:E3:7A:71:07:64:61:EC:6C:BA:8B:92:5A:C5:E2:8A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RRbrDuN6cQdkYexsuouSWsXiigQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/xtoM0KhJXhJvbuFrJhQBC2xC98w.roa
Signing time: Mon 02 Jan 2023 06:14:54 +0000
ROA not before: Mon 02 Jan 2023 06:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56457
IP address blocks: 2a13:5a00::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 28 Feb 2023 10:09:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:62:36:c2:f7:4e:01:96:f6:37:8c:5c:50:e4:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4516eb0ee37a71076461ec6cba8b925ac5e28a04
Validity
Not Before: Jan 2 06:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6da0cd0a8495e126f6ee16b2614010b6c42f7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:16:af:17:55:4e:f9:ea:63:e3:de:e6:bb:27:
c1:4a:43:da:2d:fa:4f:a2:71:0c:7a:b9:ce:97:9a:
37:10:02:2c:33:d4:c2:10:06:7e:80:b2:01:f9:96:
a3:a4:d1:4c:b7:98:6e:ec:95:1f:5a:18:fd:c4:cd:
c4:3c:f1:4f:2c:dd:cc:79:2c:2c:28:86:7c:75:97:
44:44:ce:92:9f:35:ae:7c:11:be:97:e8:f4:5c:e0:
6c:97:be:63:b4:43:f7:40:bf:b6:d3:b5:84:10:8c:
5e:ad:72:1c:b4:f9:b9:0a:49:65:b9:13:17:fa:40:
be:e4:df:2d:26:9f:81:8f:a0:b8:f4:08:7e:05:2c:
46:7e:6c:4a:a7:dc:13:49:52:26:13:59:3a:d9:bf:
c8:81:c2:cf:19:4d:cc:ed:c4:c6:00:52:6e:1c:4b:
a0:79:de:ac:bc:3c:a6:14:05:ec:4c:f4:f0:59:e9:
6c:5d:d1:41:27:6e:aa:fe:30:a7:79:1a:80:98:3c:
84:6a:ad:a3:ed:0b:aa:db:0f:5c:62:c7:70:30:74:
5a:a6:42:29:e0:f9:0e:da:29:56:05:fa:e0:5a:63:
46:fb:dd:f9:35:85:35:b4:fe:9b:47:a5:09:07:d0:
d3:9f:a8:2e:17:9a:db:2c:81:2d:73:ee:c4:72:a2:
43:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DA:0C:D0:A8:49:5E:12:6F:6E:E1:6B:26:14:01:0B:6C:42:F7:CC
X509v3 Authority Key Identifier:
keyid:45:16:EB:0E:E3:7A:71:07:64:61:EC:6C:BA:8B:92:5A:C5:E2:8A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RRbrDuN6cQdkYexsuouSWsXiigQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/xtoM0KhJXhJvbuFrJhQBC2xC98w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/RRbrDuN6cQdkYexsuouSWsXiigQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5a00::/29
Signature Algorithm: sha256WithRSAEncryption
0a:1f:5f:e7:1c:72:e2:24:c2:01:6f:e4:47:7a:23:81:29:6a:
de:cd:89:ba:1d:8e:30:f0:a3:30:30:4f:ef:30:7f:d1:ba:7b:
32:84:5b:ea:df:4c:c6:93:46:36:5c:4d:89:f7:23:65:20:5a:
46:58:1a:a3:f6:7d:68:aa:74:3d:a2:45:41:9d:f7:b1:b5:0c:
69:55:36:55:8d:63:8e:9b:5d:fb:ea:d4:1f:ba:9c:20:22:9f:
fe:8a:dc:64:45:34:27:b3:f1:23:98:34:fa:08:db:f5:95:78:
34:cd:dd:c4:6c:37:d3:50:90:73:9e:0e:02:6d:8d:33:87:52:
e4:76:e0:d3:96:e6:39:6f:07:6d:cf:21:3c:56:04:ee:8f:94:
b0:2a:7d:c8:af:74:c0:05:ba:2c:6e:ec:1c:9d:37:83:e5:cf:
d7:34:d2:a6:24:dd:64:15:ec:b6:0b:e8:29:cd:0f:9c:c3:4f:
80:d7:d5:74:a1:99:cc:e5:83:08:6a:14:6c:e2:ec:18:08:83:
f1:9c:83:24:8f:f3:a2:bb:5f:13:58:9b:8c:55:8b:0d:15:5e:
db:00:7c:fc:96:ff:3e:05:ec:01:40:1d:ec:d3:1e:98:5c:10:
0d:16:c4:49:5e:e2:2f:e5:54:c9:ac:20:e7:d0:f1:dd:bf:2b:
bd:32:7a:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxHmI2wvdOAZb2N4xcUOS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MTZlYjBlZTM3YTcxMDc2NDYxZWM2Y2JhOGI5MjVhYzVl
MjhhMDQwHhcNMjMwMTAyMDYxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRhMGNkMGE4NDk1ZTEyNmY2ZWUxNmIyNjE0MDEwYjZjNDJmN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxavF1VO+epj497muyfBSkPaLfpP
onEMernOl5o3EAIsM9TCEAZ+gLIB+ZajpNFMt5hu7JUfWhj9xM3EPPFPLN3MeSws
KIZ8dZdERM6SnzWufBG+l+j0XOBsl75jtEP3QL+207WEEIxerXIctPm5CklluRMX
+kC+5N8tJp+Bj6C49Ah+BSxGfmxKp9wTSVImE1k62b/IgcLPGU3M7cTGAFJuHEug
ed6svDymFAXsTPTwWelsXdFBJ26q/jCneRqAmDyEaq2j7Quq2w9cYsdwMHRapkIp
4PkO2ilWBfrgWmNG+935NYU1tP6bR6UJB9DTn6guF5rbLIEtc+7EcqJDaQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMbaDNCoSV4Sb27hayYUAQtsQvfMMB8GA1UdIwQY
MBaAFEUW6w7jenEHZGHsbLqLklrF4ooEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlJickR1TjZjUWRrWWV4c3VvdVNXc1hpaWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yOTIzYWItM2ZmOC00YWE5LTkyMjAt
NWUyOTJhYTU0NGFmLzEveHRvTTBLaEpYaEp2YnVGckpoUUJDMnhDOTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8yOTIzYWItM2ZmOC00YWE5LTkyMjAtNWUyOTJhYTU0NGFm
LzEvUlJickR1TjZjUWRrWWV4c3VvdVNXc1hpaWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNaADAN
BgkqhkiG9w0BAQsFAAOCAQEACh9f5xxy4iTCAW/kR3ojgSlq3s2Juh2OMPCjMDBP
7zB/0bp7MoRb6t9MxpNGNlxNifcjZSBaRlgao/Z9aKp0PaJFQZ33sbUMaVU2VY1j
jptd++rUH7qcICKf/orcZEU0J7PxI5g0+gjb9ZV4NM3dxGw301CQc54OAm2NM4dS
5Hbg05bmOW8Hbc8hPFYE7o+UsCp9yK90wAW6LG7sHJ03g+XP1zTSpiTdZBXstgvo
Kc0PnMNPgNfVdKGZzOWDCGoUbOLsGAiD8ZyDJI/zortfE1ibjFWLDRVe2wB8/Jb/
PgXsAUAd7NMemFwQDRbESV7iL+VUyawg59Dx3b8rvTJ6tQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:34 2024 by rpki-client on console-fra.rpki-client.org