Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/XZ_apP8gcKZ70SpZIM4x40gJS7k.roa
File: XZ_apP8gcKZ70SpZIM4x40gJS7k.roa (raw, json)
Hash identifier: 3dFYUacGIFV4FqxjFFwQLoSaXk+Hb8hrp6fIGx9AOCc=
Subject key identifier: 5D:9F:DA:A4:FF:20:70:A6:7B:D1:2A:59:20:CE:31:E3:48:09:4B:B9
Certificate issuer: /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial: 0185929ED7FD7F565CACE2E58E430F2A80CB
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/XZ_apP8gcKZ70SpZIM4x40gJS7k.roa
Signing time: Sun 08 Jan 2023 18:22:41 +0000
ROA not before: Sun 08 Jan 2023 18:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.20.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Mar 2023 08:14:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:92:9e:d7:fd:7f:56:5c:ac:e2:e5:8e:43:0f:2a:80:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Validity
Not Before: Jan 8 18:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d9fdaa4ff2070a67bd12a5920ce31e348094bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d3:f3:4c:63:ce:4e:c3:91:6b:5e:82:be:77:
cd:4f:9e:e5:9d:d4:59:6f:da:bf:cb:9c:ed:6a:05:
97:56:72:f4:58:da:55:cf:75:32:be:d5:2f:db:68:
5d:3c:59:c9:38:8b:cf:ea:3a:73:69:25:9b:2c:7b:
ce:5a:8e:7d:8b:f8:c3:d3:94:59:9c:e2:83:70:a1:
f3:54:97:d4:7b:95:80:4e:6f:44:d0:8e:c7:1e:28:
c9:78:74:5e:e2:9f:d6:2c:53:3b:a2:27:3a:b6:67:
b0:2a:4a:61:6b:d4:2d:3b:2f:d6:18:a0:a5:db:3f:
e9:3f:13:3d:59:6d:7d:6e:69:1a:16:21:42:fa:33:
1d:f6:f5:e2:4b:f5:e5:be:d5:79:48:f9:90:95:73:
f3:3d:4a:36:6f:76:c9:38:09:ee:7e:09:21:c5:25:
d4:39:6d:5c:fd:50:ae:13:85:8b:9d:d3:c3:00:73:
be:c5:8f:2d:c1:d3:23:44:83:f6:d8:af:d7:6a:34:
c5:a8:2a:23:18:f9:03:b7:fb:a3:70:7b:66:e5:2e:
c1:87:2e:79:c9:3e:1d:8e:d7:d2:6c:b6:df:61:25:
7d:80:5b:94:c2:b1:d5:c8:7f:c4:ec:80:cc:e1:b6:
ce:dc:7d:b2:6e:ab:49:00:f4:ea:4b:dd:45:39:a0:
36:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9F:DA:A4:FF:20:70:A6:7B:D1:2A:59:20:CE:31:E3:48:09:4B:B9
X509v3 Authority Key Identifier:
keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/XZ_apP8gcKZ70SpZIM4x40gJS7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.255.0/24
Signature Algorithm: sha256WithRSAEncryption
77:a9:28:a4:6f:62:6f:61:1c:9a:35:82:d8:5d:9a:fd:75:ca:
9b:e1:0e:55:81:84:b4:d4:c0:2d:f8:07:8c:e3:fb:83:7f:86:
0a:15:72:7c:cd:a0:a4:3c:8b:93:b7:e5:4e:60:bb:db:b9:ed:
2b:31:95:8f:11:8c:54:74:f3:49:33:94:24:b7:cc:4c:bc:93:
e7:2b:f7:ad:6a:1a:37:98:46:d4:a9:1d:54:60:0e:1a:b4:4e:
81:94:3c:00:41:f0:d4:bb:67:a6:f5:5d:26:ee:4b:98:d1:ce:
59:46:6a:16:74:23:67:6e:68:ab:16:c9:77:05:4b:f7:a8:05:
7f:1c:af:88:dc:70:29:e6:3c:6c:8c:91:f7:85:7b:b4:fe:20:
42:08:7a:2b:64:b2:05:aa:4d:f8:65:7d:98:61:bc:49:05:24:
17:25:0a:55:e5:c3:bb:3a:5d:fa:33:e6:c7:25:57:08:df:e7:
ad:04:b2:64:95:f0:f9:6c:a7:f8:7c:a0:65:41:17:6d:0b:d0:
b3:6b:43:84:f1:45:83:12:de:27:ad:a6:ef:24:27:cf:26:a6:
ef:e3:32:d3:33:21:38:0b:40:56:22:65:7c:d5:e2:6d:be:b4:
38:d0:d5:b1:e2:54:43:bb:0f:bb:92:91:1a:9a:7a:f2:d8:ca:
f0:2d:43:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWSntf9f1ZcrOLljkMPKoDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjMwMTA4MTgyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDlmZGFhNGZmMjA3MGE2N2JkMTJhNTkyMGNlMzFlMzQ4MDk0YmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdPzTGPOTsORa16CvnfNT57lndRZ
b9q/y5ztagWXVnL0WNpVz3UyvtUv22hdPFnJOIvP6jpzaSWbLHvOWo59i/jD05RZ
nOKDcKHzVJfUe5WATm9E0I7HHijJeHRe4p/WLFM7oic6tmewKkpha9QtOy/WGKCl
2z/pPxM9WW19bmkaFiFC+jMd9vXiS/XlvtV5SPmQlXPzPUo2b3bJOAnufgkhxSXU
OW1c/VCuE4WLndPDAHO+xY8twdMjRIP22K/XajTFqCojGPkDt/ujcHtm5S7Bhy55
yT4djtfSbLbfYSV9gFuUwrHVyH/E7IDM4bbO3H2ybqtJAPTqS91FOaA2uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2f2qT/IHCme9EqWSDOMeNICUu5MB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEvWFpfYXBQOGdjS1o3MFNwWklNNHg0MGdKUzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRT/MA0G
CSqGSIb3DQEBCwUAA4IBAQB3qSikb2JvYRyaNYLYXZr9dcqb4Q5VgYS01MAt+AeM
4/uDf4YKFXJ8zaCkPIuTt+VOYLvbue0rMZWPEYxUdPNJM5Qkt8xMvJPnK/etaho3
mEbUqR1UYA4atE6BlDwAQfDUu2em9V0m7kuY0c5ZRmoWdCNnbmirFsl3BUv3qAV/
HK+I3HAp5jxsjJH3hXu0/iBCCHorZLIFqk34ZX2YYbxJBSQXJQpV5cO7Ol36M+bH
JVcI3+etBLJklfD5bKf4fKBlQRdtC9Cza0OE8UWDEt4nrabvJCfPJqbv4zLTMyE4
C0BWImV81eJtvrQ40NWx4lRDuw+7kpEamnry2MrwLUPq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org