Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/b5fb58-928c-438f-bcef-858f8aca323f/1/XDILvvKovK62SZUirswxhxVFISM.roa
File: XDILvvKovK62SZUirswxhxVFISM.roa (raw, json)
Hash identifier: QmaTPBawSuypyeS/HwTup0pVZiZWPpJZN1Z1xHIrrUw=
Subject key identifier: 5C:32:0B:BE:F2:A8:BC:AE:B6:49:95:22:AE:CC:31:87:15:45:21:23
Certificate issuer: /CN=4c9fbe4756028fa4187a399595fac65c3c1c43c6
Certificate serial: 018CC2DB4D70A422275F14A0133B48C44B5B
Authority key identifier: 4C:9F:BE:47:56:02:8F:A4:18:7A:39:95:95:FA:C6:5C:3C:1C:43:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJ--R1YCj6QYejmVlfrGXDwcQ8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/b5fb58-928c-438f-bcef-858f8aca323f/1/XDILvvKovK62SZUirswxhxVFISM.roa
Signing time: Mon 01 Jan 2024 02:30:01 +0000
ROA not before: Mon 01 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43872
IP address blocks: 84.38.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:55:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:4d:70:a4:22:27:5f:14:a0:13:3b:48:c4:4b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c9fbe4756028fa4187a399595fac65c3c1c43c6
Validity
Not Before: Jan 1 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c320bbef2a8bcaeb6499522aecc318715452123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:72:52:25:c3:44:51:42:a1:73:93:db:31:b2:
af:ad:ea:e7:18:b0:84:88:5c:06:82:f4:1b:0a:71:
2f:fb:ad:e1:80:e5:40:78:15:b2:2f:99:0d:26:11:
ca:fe:22:01:d9:c8:b1:1b:61:40:56:53:f5:3d:5d:
f7:2b:7f:52:8d:09:cd:64:b0:99:90:20:94:fa:25:
93:14:45:c9:ba:95:37:0e:00:b7:1c:46:fa:95:a8:
e4:ba:74:44:b6:e3:4a:9b:4f:c3:11:b5:6b:81:f7:
33:63:72:99:f6:16:9a:9c:a1:08:b0:ec:24:76:2c:
36:76:53:aa:e1:4a:93:99:bf:2c:36:19:ca:5f:6c:
7e:b4:e6:be:0b:9c:2b:91:6f:8d:48:81:b2:ab:1d:
06:ab:70:d1:a7:a2:5c:70:19:76:56:7f:9e:57:4b:
9f:f6:e1:a9:f0:b5:4e:fb:a0:a9:57:38:8c:bf:a6:
28:d3:71:fc:7b:6b:5d:b8:81:91:20:d0:36:3e:6b:
cb:31:69:26:c0:25:1e:6e:ae:e9:78:aa:c8:62:ec:
95:eb:0b:17:cd:32:4e:04:61:15:e3:b0:4f:00:ad:
6f:46:f6:3e:a9:fb:21:33:48:6a:19:9c:72:6b:ce:
7f:a8:86:e9:f9:8b:87:86:5e:e1:77:65:76:d4:02:
b3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:32:0B:BE:F2:A8:BC:AE:B6:49:95:22:AE:CC:31:87:15:45:21:23
X509v3 Authority Key Identifier:
keyid:4C:9F:BE:47:56:02:8F:A4:18:7A:39:95:95:FA:C6:5C:3C:1C:43:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ--R1YCj6QYejmVlfrGXDwcQ8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b5fb58-928c-438f-bcef-858f8aca323f/1/XDILvvKovK62SZUirswxhxVFISM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b5fb58-928c-438f-bcef-858f8aca323f/1/TJ--R1YCj6QYejmVlfrGXDwcQ8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:c7:ad:e1:0b:7a:01:ca:94:8e:1b:e1:ea:fe:aa:db:b9:bf:
81:62:24:ca:74:38:7f:3c:47:64:18:16:28:0c:22:2a:3d:ee:
18:ee:cf:5c:d1:00:74:77:ef:76:4d:95:ff:b8:4e:53:2f:52:
52:4b:50:28:12:df:ef:20:18:9f:cc:77:b8:d4:4c:03:19:42:
96:6d:0a:df:8d:d8:85:83:44:85:cf:03:60:99:e1:57:c4:b9:
cd:2d:c0:b2:45:ca:bd:ed:3c:af:22:1f:54:64:01:e1:27:b2:
98:20:88:c2:ac:95:0a:17:85:5c:5e:40:b3:b1:4e:b8:b7:c9:
52:82:67:a6:f5:72:3e:75:d8:93:62:b1:11:7e:5e:48:3b:c3:
bd:92:73:97:e7:3a:93:bd:d2:dd:be:84:8f:e4:dd:73:43:0f:
1e:19:69:b5:8d:cf:db:6d:24:34:5a:4f:e7:34:25:f6:46:7e:
de:8a:13:b7:8f:be:1e:f1:b1:7d:f3:85:8d:82:b1:24:a4:95:
8e:61:8a:c3:fe:95:8a:d8:41:25:7d:cc:44:26:16:5d:fe:c6:
9c:14:bf:f3:11:e7:77:63:01:39:83:a2:8b:b9:fd:28:74:ab:
3b:2d:60:0f:59:f0:6a:a1:aa:96:d8:2d:ef:13:5d:14:93:65:
d8:a0:e9:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC201wpCInXxSgEztIxEtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWZiZTQ3NTYwMjhmYTQxODdhMzk5NTk1ZmFjNjVjM2Mx
YzQzYzYwHhcNMjQwMTAxMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzMyMGJiZWYyYThiY2FlYjY0OTk1MjJhZWNjMzE4NzE1NDUyMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnJSJcNEUUKhc5PbMbKvrernGLCE
iFwGgvQbCnEv+63hgOVAeBWyL5kNJhHK/iIB2cixG2FAVlP1PV33K39SjQnNZLCZ
kCCU+iWTFEXJupU3DgC3HEb6lajkunREtuNKm0/DEbVrgfczY3KZ9haanKEIsOwk
diw2dlOq4UqTmb8sNhnKX2x+tOa+C5wrkW+NSIGyqx0Gq3DRp6JccBl2Vn+eV0uf
9uGp8LVO+6CpVziMv6Yo03H8e2tduIGRINA2PmvLMWkmwCUebq7peKrIYuyV6wsX
zTJOBGEV47BPAK1vRvY+qfshM0hqGZxya85/qIbp+YuHhl7hd2V21AKzgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwyC77yqLyutkmVIq7MMYcVRSEjMB8GA1UdIwQY
MBaAFEyfvkdWAo+kGHo5lZX6xlw8HEPGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEotLVIxWUNqNlFZZWptVmxmckdYRHdjUThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9iNWZiNTgtOTI4Yy00MzhmLWJjZWYt
ODU4ZjhhY2EzMjNmLzEvWERJTHZ2S292SzYyU1pVaXJzd3hoeFZGSVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9iNWZiNTgtOTI4Yy00MzhmLWJjZWYtODU4ZjhhY2EzMjNm
LzEvVEotLVIxWUNqNlFZZWptVmxmckdYRHdjUThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCb2MA0G
CSqGSIb3DQEBCwUAA4IBAQCMx63hC3oBypSOG+Hq/qrbub+BYiTKdDh/PEdkGBYo
DCIqPe4Y7s9c0QB0d+92TZX/uE5TL1JSS1AoEt/vIBifzHe41EwDGUKWbQrfjdiF
g0SFzwNgmeFXxLnNLcCyRcq97TyvIh9UZAHhJ7KYIIjCrJUKF4VcXkCzsU64t8lS
gmem9XI+ddiTYrERfl5IO8O9knOX5zqTvdLdvoSP5N1zQw8eGWm1jc/bbSQ0Wk/n
NCX2Rn7eihO3j74e8bF984WNgrEkpJWOYYrD/pWK2EElfcxEJhZd/sacFL/zEed3
YwE5g6KLuf0odKs7LWAPWfBqoaqW2C3vE10Uk2XYoOnZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:55 2025 by rpki-client