Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/xlgHOJQPRMq7Aekb4vtKhDphgis.roa
File: xlgHOJQPRMq7Aekb4vtKhDphgis.roa (raw, json)
Hash identifier: sm0IDiXKohVPQKiScm38yrNN9WDSm5Sp8Z5TZu/GXak=
Subject key identifier: C6:58:07:38:94:0F:44:CA:BB:01:E9:1B:E2:FB:4A:84:3A:61:82:2B
Certificate issuer: /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial: 01856D81D92A45671A8A67B60532DE5EB5CA
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/xlgHOJQPRMq7Aekb4vtKhDphgis.roa
Signing time: Sun 01 Jan 2023 13:25:04 +0000
ROA not before: Sun 01 Jan 2023 13:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.20.255.0/24 maxlen: 24
91.239.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Jan 2023 18:22:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:d9:2a:45:67:1a:8a:67:b6:05:32:de:5e:b5:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Validity
Not Before: Jan 1 13:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6580738940f44cabb01e91be2fb4a843a61822b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:90:9b:31:e3:44:5e:9e:96:04:28:f9:eb:71:
64:f7:96:13:78:6d:65:bc:ec:22:c8:8c:81:0e:f5:
f4:94:72:1a:67:3d:0b:20:93:a1:9f:14:7e:92:65:
c1:1a:36:df:6f:ce:23:6b:e6:9c:cc:b1:95:a7:e2:
61:d3:69:7d:cf:ea:45:34:6c:40:15:30:1d:fe:96:
1a:7b:68:25:a6:67:66:15:6d:13:d5:35:0f:f9:83:
6f:eb:a2:39:e4:6c:b2:a8:7f:2e:e9:33:74:ce:57:
f9:73:16:66:4b:2a:67:49:c4:1b:10:c7:ab:55:32:
45:fd:77:d6:d4:05:9a:1b:6b:fa:f6:e3:49:18:68:
08:e4:9f:88:78:c5:a7:20:9a:de:06:af:9e:8e:92:
51:45:54:22:e3:f1:dd:9e:86:db:da:b2:0e:d3:20:
17:71:d0:9c:f9:d7:b4:b7:49:40:bb:0b:da:ff:85:
9c:e2:c3:97:c2:60:6b:51:64:7e:ab:68:4b:4c:f7:
f1:9b:09:f5:a7:bc:fc:20:6c:a6:76:b3:0a:66:d0:
9c:43:3b:e2:95:aa:f7:af:67:58:64:46:fa:7f:da:
94:eb:5e:d0:21:18:b4:f5:b7:da:87:2a:83:c6:e3:
85:bb:82:96:af:4b:bd:db:67:d1:7e:6a:2c:bb:48:
02:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:58:07:38:94:0F:44:CA:BB:01:E9:1B:E2:FB:4A:84:3A:61:82:2B
X509v3 Authority Key Identifier:
keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/xlgHOJQPRMq7Aekb4vtKhDphgis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.62.0/24
185.20.255.0/24
Signature Algorithm: sha256WithRSAEncryption
61:03:c6:61:8f:c4:b4:32:c3:1d:db:07:7b:d1:e3:3a:42:8f:
d7:41:56:4e:13:72:4b:1a:83:7f:68:75:7d:86:8a:c7:0d:6f:
85:7f:32:1f:de:3d:ac:2b:3f:d2:c5:2a:89:c3:c4:81:15:5c:
0f:e1:84:c2:8b:75:b8:f5:c0:ad:8a:4b:44:02:22:2c:e6:07:
77:43:35:75:85:13:1c:e1:d2:cc:e2:a9:f1:02:54:78:38:8a:
fb:ed:6b:c6:7a:4d:33:45:cd:dd:82:5d:23:77:20:40:d7:99:
1c:10:6f:76:5c:85:62:49:f9:9d:34:fc:8a:9a:e7:ef:ca:97:
f5:a9:6c:71:f7:30:10:02:01:87:26:d7:70:e6:49:5c:c6:12:
c4:16:89:c7:b1:e4:3a:e5:1b:25:6d:c7:6e:0b:76:77:fd:23:
88:de:9d:c1:69:79:76:05:03:4b:7c:27:01:4d:3d:18:53:56:
6b:25:49:4d:76:58:b1:bd:c0:c9:1c:fc:eb:91:5f:4e:46:f6:
d7:14:6b:ef:bb:11:03:16:45:fe:c8:81:e8:04:35:df:95:0c:
f2:6c:15:a5:46:08:01:1b:1a:b4:62:7d:b7:25:cf:6e:46:3f:
59:aa:52:1e:b0:da:41:49:af:45:cb:cf:79:66:08:29:b7:78:
9f:f8:a1:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtgdkqRWcaime2BTLeXrXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjMwMTAxMTMyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjU4MDczODk0MGY0NGNhYmIwMWU5MWJlMmZiNGE4NDNhNjE4MjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5CbMeNEXp6WBCj563Fk95YTeG1l
vOwiyIyBDvX0lHIaZz0LIJOhnxR+kmXBGjbfb84ja+aczLGVp+Jh02l9z+pFNGxA
FTAd/pYae2glpmdmFW0T1TUP+YNv66I55GyyqH8u6TN0zlf5cxZmSypnScQbEMer
VTJF/XfW1AWaG2v69uNJGGgI5J+IeMWnIJreBq+ejpJRRVQi4/Hdnobb2rIO0yAX
cdCc+de0t0lAuwva/4Wc4sOXwmBrUWR+q2hLTPfxmwn1p7z8IGymdrMKZtCcQzvi
lar3r2dYZEb6f9qU617QIRi09bfahyqDxuOFu4KWr0u922fRfmosu0gCiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMZYBziUD0TKuwHpG+L7SoQ6YYIrMB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEveGxnSE9KUVBSTXE3QWVrYjR2dEtoRHBoZ2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+8+AwQA
uRT/MA0GCSqGSIb3DQEBCwUAA4IBAQBhA8Zhj8S0MsMd2wd70eM6Qo/XQVZOE3JL
GoN/aHV9horHDW+FfzIf3j2sKz/SxSqJw8SBFVwP4YTCi3W49cCtiktEAiIs5gd3
QzV1hRMc4dLM4qnxAlR4OIr77WvGek0zRc3dgl0jdyBA15kcEG92XIViSfmdNPyK
mufvypf1qWxx9zAQAgGHJtdw5klcxhLEFonHseQ65RslbcduC3Z3/SOI3p3BaXl2
BQNLfCcBTT0YU1ZrJUlNdlixvcDJHPzrkV9ORvbXFGvvuxEDFkX+yIHoBDXflQzy
bBWlRggBGxq0Yn23Jc9uRj9ZqlIesNpBSa9Fy895Zggpt3if+KEb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:47 2024 by rpki-client on console-fra.rpki-client.org