Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/XUNInQ8iLZxAlUxKwA8eNBiCtPg.roa
File: XUNInQ8iLZxAlUxKwA8eNBiCtPg.roa (raw, json)
Hash identifier: ky5XY8PDK8xZw+SbOM6OkR/2Y3jMvuWuNQzYb0+TngA=
Subject key identifier: 5D:43:48:9D:0F:22:2D:9C:40:95:4C:4A:C0:0F:1E:34:18:82:B4:F8
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 0185DF0271A8907E4FA18C07F288CD6D37C8
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/XUNInQ8iLZxAlUxKwA8eNBiCtPg.roa
Signing time: Mon 23 Jan 2023 14:22:37 +0000
ROA not before: Mon 23 Jan 2023 14:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42381
IP address blocks: 212.237.195.0/24 maxlen: 24
212.237.194.0/24 maxlen: 24
212.237.194.0/23 maxlen: 24
2a01:3f6::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:df:02:71:a8:90:7e:4f:a1:8c:07:f2:88:cd:6d:37:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 23 14:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d43489d0f222d9c40954c4ac00f1e341882b4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:15:2e:1d:3e:ac:bf:47:eb:14:35:2e:77:ad:
ef:44:ac:61:9d:e9:c2:8d:8e:d9:aa:18:81:11:92:
9e:a1:89:11:28:df:7e:22:38:22:54:17:39:b5:92:
73:4f:fa:66:74:0e:f9:53:39:83:41:db:3b:1e:3d:
3c:bc:40:92:e1:88:cc:0b:b6:f9:21:51:d7:aa:72:
5d:2d:da:23:47:3f:5c:20:ce:90:f9:c4:bc:75:89:
4d:64:9e:d7:b7:2a:2c:4a:d2:1b:37:58:b9:a0:b5:
76:4e:4a:5a:44:8a:f4:ba:5e:5a:e4:e5:0e:d9:f3:
76:2c:49:27:23:bd:ae:0c:63:f9:89:b3:0f:a1:68:
da:5b:a0:e0:44:45:1b:d5:c6:0d:5e:cc:56:de:9c:
d3:39:b4:92:f9:2d:4e:03:06:67:50:12:a4:6e:52:
91:18:72:81:f6:d1:39:16:38:d5:99:13:c6:00:60:
b1:0d:8e:0e:7c:71:c0:db:3f:ac:0a:11:e3:a8:b3:
66:ef:4b:c1:1c:40:c4:c7:54:6c:67:1f:c8:49:a1:
9f:ae:c1:b3:6b:0a:48:4b:82:be:73:df:43:cc:99:
05:46:03:30:78:95:c4:2f:5a:c0:e3:97:e5:10:28:
88:53:8f:34:1a:82:52:6a:80:cc:14:0e:a4:b5:71:
8c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:43:48:9D:0F:22:2D:9C:40:95:4C:4A:C0:0F:1E:34:18:82:B4:F8
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/XUNInQ8iLZxAlUxKwA8eNBiCtPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.237.194.0/23
IPv6:
2a01:3f6::/32
Signature Algorithm: sha256WithRSAEncryption
9e:e4:f2:77:8f:f8:e0:5e:5c:0e:35:65:73:7d:ea:7d:6b:94:
7e:34:08:1f:c7:58:13:94:fd:42:53:9a:01:6a:a1:5f:95:eb:
2d:80:1b:81:2c:ca:54:da:1a:5e:ea:9a:fe:d7:05:aa:c3:bb:
58:8d:35:8a:eb:ae:1f:a0:25:1b:d6:62:fc:6c:4d:f6:91:ba:
2e:76:56:ad:c1:05:7f:5a:c9:4b:95:45:89:b5:19:2f:bc:43:
7a:a5:29:cf:59:57:96:8e:38:80:6d:ca:a2:ef:4e:57:8a:81:
1c:b3:6f:3a:c8:99:e9:d7:cc:39:f4:12:8f:8d:5f:d5:d5:b1:
08:0d:03:f6:12:ed:04:ef:bc:61:97:20:79:eb:56:a9:06:81:
49:ea:08:c1:bd:17:28:b1:d3:2d:27:22:09:fd:97:53:0a:c9:
31:35:d6:b7:a3:4a:19:50:74:ef:ce:27:3d:f4:08:6d:49:c6:
d3:ff:3f:62:56:06:f4:97:13:bd:38:93:9c:e3:26:36:3a:dc:
47:3a:68:d1:ea:9e:ae:15:eb:d0:9e:56:33:02:dd:08:56:f1:
40:5f:50:b5:63:31:d5:89:82:a2:90:d1:88:49:8e:e6:e2:d1:
c6:05:01:2a:da:d6:73:80:03:fb:82:89:1d:ce:45:7e:03:90:
e9:5d:4c:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYXfAnGokH5PoYwH8ojNbTfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjMwMTIzMTQyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQzNDg5ZDBmMjIyZDljNDA5NTRjNGFjMDBmMWUzNDE4ODJiNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xUuHT6sv0frFDUud63vRKxhnenC
jY7ZqhiBEZKeoYkRKN9+IjgiVBc5tZJzT/pmdA75UzmDQds7Hj08vECS4YjMC7b5
IVHXqnJdLdojRz9cIM6Q+cS8dYlNZJ7XtyosStIbN1i5oLV2TkpaRIr0ul5a5OUO
2fN2LEknI72uDGP5ibMPoWjaW6DgREUb1cYNXsxW3pzTObSS+S1OAwZnUBKkblKR
GHKB9tE5FjjVmRPGAGCxDY4OfHHA2z+sChHjqLNm70vBHEDEx1RsZx/ISaGfrsGz
awpIS4K+c99DzJkFRgMweJXEL1rA45flECiIU480GoJSaoDMFA6ktXGMEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF1DSJ0PIi2cQJVMSsAPHjQYgrT4MB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvWFVOSW5ROGlMWnhBbFV4S3dBOGVOQmlDdFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB1O3CMA0E
AgACMAcDBQAqAQP2MA0GCSqGSIb3DQEBCwUAA4IBAQCe5PJ3j/jgXlwONWVzfep9
a5R+NAgfx1gTlP1CU5oBaqFflestgBuBLMpU2hpe6pr+1wWqw7tYjTWK664foCUb
1mL8bE32kboudlatwQV/WslLlUWJtRkvvEN6pSnPWVeWjjiAbcqi705XioEcs286
yJnp18w59BKPjV/V1bEIDQP2Eu0E77xhlyB561apBoFJ6gjBvRcosdMtJyIJ/ZdT
CskxNda3o0oZUHTvzic99AhtScbT/z9iVgb0lxO9OJOc4yY2OtxHOmjR6p6uFevQ
nlYzAt0IVvFAX1C1YzHViYKikNGISY7m4tHGBQEq2tZzgAP7gokdzkV+A5DpXUxm
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:31 2024 by rpki-client on console-ams.rpki-client.org