Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/XCRCZWLpci5NnFfsOZ_QXmfH90I.roa
File: XCRCZWLpci5NnFfsOZ_QXmfH90I.roa (raw, json)
Hash identifier: 1FZsjw8GYRFCBpAKC2GmtsXSkgk1NCXY9abRU8Zf3xs=
Subject key identifier: 5C:24:42:65:62:E9:72:2E:4D:9C:57:EC:39:9F:D0:5E:67:C7:F7:42
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 018CC4248499622EED6368498FB287540947
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/XCRCZWLpci5NnFfsOZ_QXmfH90I.roa
Signing time: Mon 01 Jan 2024 08:29:36 +0000
ROA not before: Mon 01 Jan 2024 08:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48944
IP address blocks: 2a05:63c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 10 Jan 2024 15:22:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:84:99:62:2e:ed:63:68:49:8f:b2:87:54:09:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 08:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c24426562e9722e4d9c57ec399fd05e67c7f742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a6:8f:6b:3d:b2:9a:ca:25:e5:6b:c4:54:a9:
0a:a8:ae:b2:21:89:70:c6:e8:28:16:f7:06:62:1d:
24:13:d9:c7:b0:0a:a4:24:d3:2c:bc:ef:29:cc:33:
a1:2a:7f:4f:05:97:01:68:8f:65:f4:20:07:87:a3:
5e:ea:40:90:e5:e0:e3:e6:a1:c8:10:06:f5:05:04:
eb:89:71:9f:a2:78:b3:c3:07:a1:c5:b8:fa:be:53:
87:40:36:d0:76:c8:0b:b3:8b:4b:7c:2a:91:06:ec:
8c:89:f7:80:cc:43:a9:83:ad:cb:58:80:34:d1:d4:
bb:04:25:06:7b:9b:b2:78:64:04:10:e1:d6:2b:62:
71:d8:a8:a2:0c:00:ec:52:4f:8d:dd:77:d4:57:03:
9c:b7:62:ac:20:db:8a:20:95:01:8f:1f:0b:9c:21:
8e:9e:88:fd:df:87:98:fb:bf:1d:ba:32:8c:ff:14:
dc:e6:ef:a3:4c:16:7c:c3:ea:d6:5c:d1:d5:c7:42:
57:6c:9d:83:07:59:11:1b:34:07:7f:64:af:97:43:
5d:e4:ad:08:0a:55:a1:3d:a5:02:4c:00:a8:7c:3d:
62:a6:07:b6:58:3b:d1:3d:a1:13:5e:b7:7e:5e:25:
d1:4c:23:f1:e0:40:04:97:6e:1a:88:33:69:59:bf:
79:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:24:42:65:62:E9:72:2E:4D:9C:57:EC:39:9F:D0:5E:67:C7:F7:42
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/XCRCZWLpci5NnFfsOZ_QXmfH90I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:f5:d6:9f:0d:3c:28:07:96:58:59:9e:da:88:b5:89:5d:ab:
8b:3c:64:28:43:f0:67:3b:da:fd:5b:13:91:29:1d:e4:ad:86:
4f:26:4e:b7:49:8f:cb:d6:14:d5:c6:49:8a:76:50:df:fe:76:
de:e0:a5:08:02:66:53:fa:eb:d3:17:cd:54:16:a1:19:17:88:
5e:a2:f5:c6:a7:b9:d4:d1:41:43:8d:29:b9:2c:54:23:79:52:
18:9b:84:d1:3e:45:a6:a2:76:e0:35:ad:3f:50:11:27:fb:80:
82:f9:ba:d0:0f:c2:f5:50:77:ef:ea:38:66:27:e6:ec:3d:dc:
07:b7:e4:8e:15:33:f3:3e:fb:7a:01:ad:0d:49:98:11:1b:43:
b6:9b:52:e6:02:4f:dc:67:35:65:a0:2a:00:29:8b:45:29:9f:
1b:c0:9a:e0:c7:97:45:00:cd:94:c0:52:3a:df:12:a5:c7:4c:
0d:ca:70:bc:d8:33:74:3a:57:8d:94:fb:9b:d5:9f:f7:58:fd:
77:40:69:ba:d9:5c:14:08:91:3b:e0:04:79:50:b1:45:ca:81:
ec:45:74:4f:5f:cc:ca:b9:ba:d7:96:57:82:81:93:e6:a2:f5:
60:10:7a:53:3a:70:12:26:2e:35:a8:d0:d4:ac:fc:57:e3:54:
e7:a6:92:30
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJISZYi7tY2hJj7KHVAlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjQwMTAxMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzI0NDI2NTYyZTk3MjJlNGQ5YzU3ZWMzOTlmZDA1ZTY3YzdmNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqaPaz2ymsol5WvEVKkKqK6yIYlw
xugoFvcGYh0kE9nHsAqkJNMsvO8pzDOhKn9PBZcBaI9l9CAHh6Ne6kCQ5eDj5qHI
EAb1BQTriXGfonizwwehxbj6vlOHQDbQdsgLs4tLfCqRBuyMifeAzEOpg63LWIA0
0dS7BCUGe5uyeGQEEOHWK2Jx2KiiDADsUk+N3XfUVwOct2KsINuKIJUBjx8LnCGO
noj934eY+78dujKM/xTc5u+jTBZ8w+rWXNHVx0JXbJ2DB1kRGzQHf2Svl0Nd5K0I
ClWhPaUCTACofD1ipge2WDvRPaETXrd+XiXRTCPx4EAEl24aiDNpWb95tQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFwkQmVi6XIuTZxX7Dmf0F5nx/dCMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvWENSQ1pXTHBjaTVObkZmc09aX1FYbWZIOTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVjwDAN
BgkqhkiG9w0BAQsFAAOCAQEAXfXWnw08KAeWWFme2oi1iV2rizxkKEPwZzva/VsT
kSkd5K2GTyZOt0mPy9YU1cZJinZQ3/523uClCAJmU/rr0xfNVBahGReIXqL1xqe5
1NFBQ40puSxUI3lSGJuE0T5FpqJ24DWtP1ARJ/uAgvm60A/C9VB37+o4Zifm7D3c
B7fkjhUz8z77egGtDUmYERtDtptS5gJP3Gc1ZaAqACmLRSmfG8Ca4MeXRQDNlMBS
Ot8SpcdMDcpwvNgzdDpXjZT7m9Wf91j9d0BputlcFAiRO+AEeVCxRcqB7EV0T1/M
yrm615ZXgoGT5qL1YBB6UzpwEiYuNajQ1Kz8V+NU56aSMA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:14:16 2025 by rpki-client