Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/Xp9hfRxRR7lOz3lcCrQlhbfMSNg.roa
File: Xp9hfRxRR7lOz3lcCrQlhbfMSNg.roa (raw, json)
Hash identifier: OUzYewoO1wZfzK9KvpJBo57693PN2Eib3QkzW0hchio=
Subject key identifier: 5E:9F:61:7D:1C:51:47:B9:4E:CF:79:5C:0A:B4:25:85:B7:CC:48:D8
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 018E2013C562950D78ECF644DF6F590F67B2
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/Xp9hfRxRR7lOz3lcCrQlhbfMSNg.roa
Signing time: Fri 08 Mar 2024 21:59:10 +0000
ROA not before: Fri 08 Mar 2024 21:59:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216441
IP address blocks: 2a01:190:deb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jul 2024 13:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:20:13:c5:62:95:0d:78:ec:f6:44:df:6f:59:0f:67:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Mar 8 21:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e9f617d1c5147b94ecf795c0ab42585b7cc48d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a9:a5:59:69:b7:ab:9f:06:db:36:3e:67:1d:
db:5d:e5:0e:f6:15:45:60:b2:80:02:19:e2:9b:e3:
75:95:a1:4f:d1:c0:a8:7d:f3:90:e3:a8:93:34:2c:
b1:41:b8:e5:62:43:b0:17:9f:e7:2a:b0:b9:7e:f3:
fa:d8:62:c2:62:83:31:d2:67:50:82:d1:66:c0:64:
61:56:c9:f0:f1:d4:9f:a7:f5:3c:eb:57:81:a4:56:
10:49:f0:d1:50:42:03:69:f3:9f:11:90:d1:0e:8c:
58:f0:2d:f7:44:fa:28:e8:be:ed:fc:ec:d8:02:0e:
8a:e5:57:35:ac:c0:6a:61:9d:74:65:c3:ff:9f:ce:
89:78:0f:ec:15:a6:f8:8f:64:12:d1:94:e1:87:97:
6c:a4:cd:04:25:aa:8b:63:1b:a3:7e:a6:1a:d6:fc:
e6:46:67:15:13:61:79:fa:6b:01:81:9d:fe:6a:db:
20:38:b6:73:32:0b:bb:23:0c:73:2e:79:32:0a:18:
c6:a5:58:db:5f:f6:c7:12:9b:e1:82:6e:ac:18:b0:
54:6c:e2:03:71:63:72:e0:09:f6:b3:08:b1:94:77:
72:7e:71:ed:d3:6b:74:79:f8:31:cf:54:2d:fb:3f:
4a:ed:c2:ba:10:96:c0:0f:ff:5b:8a:36:b0:fe:fd:
2b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9F:61:7D:1C:51:47:B9:4E:CF:79:5C:0A:B4:25:85:B7:CC:48:D8
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/Xp9hfRxRR7lOz3lcCrQlhbfMSNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:190:deb0::/44
Signature Algorithm: sha256WithRSAEncryption
00:df:1f:f4:03:96:df:4d:26:1b:a8:18:ae:01:e5:b3:ad:b3:
5a:20:9a:5a:b1:5d:be:2e:29:7c:1f:53:88:b4:fe:dc:66:e3:
0c:c0:7a:b5:89:7a:39:db:27:41:02:b5:f9:90:ef:3a:e9:94:
62:fc:10:72:45:51:b1:18:e9:c5:f0:9c:ed:8f:01:96:c8:07:
66:4f:78:56:73:6a:a9:ff:ed:10:fd:a1:03:6c:c7:d6:c9:3f:
f6:ac:48:54:19:ea:4e:0d:98:cb:07:a1:d3:3e:77:08:03:91:
31:01:dc:85:92:eb:99:36:0c:57:c9:ef:b2:1f:c2:07:03:19:
8d:62:df:b9:5e:4f:3f:09:ad:b4:cd:e3:75:0a:af:48:2d:e7:
ab:46:f3:08:1c:e9:aa:04:42:71:09:9b:58:c1:60:ea:d0:83:
ee:17:c8:06:47:ca:fe:c2:19:62:eb:09:d0:6e:17:b6:47:13:
b9:82:19:d9:aa:9c:0b:19:66:b5:1e:9e:c3:55:87:a8:c7:0b:
7f:fa:3c:97:e6:2e:13:a5:54:49:20:f4:b9:29:cf:89:63:17:
60:1e:f3:09:d7:a4:a0:28:0f:5d:c4:cc:d9:e5:63:a8:6f:c3:
79:6b:58:e7:17:da:0e:63:11:65:13:27:06:6c:42:26:8d:5c:
9d:df:56:01
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY4gE8VilQ147PZE329ZD2eyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjQwMzA4MjE1OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTlmNjE3ZDFjNTE0N2I5NGVjZjc5NWMwYWI0MjU4NWI3Y2M0OGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKmlWWm3q58G2zY+Zx3bXeUO9hVF
YLKAAhnim+N1laFP0cCoffOQ46iTNCyxQbjlYkOwF5/nKrC5fvP62GLCYoMx0mdQ
gtFmwGRhVsnw8dSfp/U861eBpFYQSfDRUEIDafOfEZDRDoxY8C33RPoo6L7t/OzY
Ag6K5Vc1rMBqYZ10ZcP/n86JeA/sFab4j2QS0ZThh5dspM0EJaqLYxujfqYa1vzm
RmcVE2F5+msBgZ3+atsgOLZzMgu7IwxzLnkyChjGpVjbX/bHEpvhgm6sGLBUbOID
cWNy4An2swixlHdyfnHt02t0efgxz1Qt+z9K7cK6EJbAD/9bijaw/v0rwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF6fYX0cUUe5Ts95XAq0JYW3zEjYMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvWHA5aGZSeFJSN2xPejNsY0NyUWxoYmZNU05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgEBkN6w
MA0GCSqGSIb3DQEBCwUAA4IBAQAA3x/0A5bfTSYbqBiuAeWzrbNaIJpasV2+Lil8
H1OItP7cZuMMwHq1iXo52ydBArX5kO866ZRi/BByRVGxGOnF8JztjwGWyAdmT3hW
c2qp/+0Q/aEDbMfWyT/2rEhUGepODZjLB6HTPncIA5ExAdyFkuuZNgxXye+yH8IH
AxmNYt+5Xk8/Ca20zeN1Cq9ILeerRvMIHOmqBEJxCZtYwWDq0IPuF8gGR8r+whli
6wnQbhe2RxO5ghnZqpwLGWa1Hp7DVYeoxwt/+jyX5i4TpVRJIPS5Kc+JYxdgHvMJ
16SgKA9dxMzZ5WOob8N5a1jnF9oOYxFlEycGbEImjVyd31YB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:39 2025 by rpki-client