Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/XbA2-WYObKt7Qvzek0emjVjlh9o.roa
File: XbA2-WYObKt7Qvzek0emjVjlh9o.roa (raw, json)
Hash identifier: ZJEj2Yk8wB2UvvVQsZipUmBX5q0TR6lcMzqyoadtIm8=
Subject key identifier: 5D:B0:36:F9:66:0E:6C:AB:7B:42:FC:DE:93:47:A6:8D:58:E5:87:DA
Certificate issuer: /CN=1792806c34f57583899dc52dca407e25cf9d3622
Certificate serial: 01856D81C9B979934B739766C35AFF573B67
Authority key identifier: 17:92:80:6C:34:F5:75:83:89:9D:C5:2D:CA:40:7E:25:CF:9D:36:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5KAbDT1dYOJncUtykB-Jc-dNiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/XbA2-WYObKt7Qvzek0emjVjlh9o.roa
Signing time: Sun 01 Jan 2023 13:25:00 +0000
ROA not before: Sun 01 Jan 2023 13:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34688
IP address blocks: 46.227.240.0/21 maxlen: 21
2a01:7600::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c9:b9:79:93:4b:73:97:66:c3:5a:ff:57:3b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1792806c34f57583899dc52dca407e25cf9d3622
Validity
Not Before: Jan 1 13:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5db036f9660e6cab7b42fcde9347a68d58e587da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b4:16:22:ce:cb:d2:de:82:1c:cd:6b:1f:18:
57:17:b3:fe:20:c5:ce:5b:82:65:61:c0:ee:dc:9f:
f6:be:8e:b3:f6:5e:03:c4:fc:ea:ed:b2:73:53:98:
87:c5:5f:2c:a5:8f:70:3d:cd:38:93:4b:c8:ec:8b:
6a:31:0b:c6:73:d3:76:fa:11:c0:b2:10:29:96:91:
5a:55:e3:b5:bf:28:83:6c:1e:e5:8f:21:a5:89:94:
08:60:2a:02:e1:f7:85:83:10:35:ca:cf:38:a0:7a:
6d:3a:2d:93:a1:aa:87:e4:ae:a9:c1:db:a2:bc:fb:
fd:55:ab:60:c8:9e:fe:2b:4b:63:10:54:d9:c4:65:
c9:a8:74:bc:9d:25:80:b4:18:7d:8f:3d:1e:db:53:
4c:a4:32:f1:01:99:07:2c:8e:16:08:54:e8:ce:49:
61:89:15:41:9f:cc:57:37:4a:df:78:bb:3c:bf:94:
e0:3f:9d:aa:33:f5:d2:ce:81:f4:7a:7f:c3:18:0f:
1d:c7:ae:a4:d6:14:2a:42:97:02:40:fb:41:b3:6f:
62:a7:c9:9c:3a:af:a4:7b:90:52:96:4e:08:ac:ff:
bc:a3:54:f9:bd:c8:22:4b:1c:30:46:11:a0:ff:86:
d2:71:79:fe:8e:3c:66:25:80:f3:8f:b7:a0:c2:ce:
86:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B0:36:F9:66:0E:6C:AB:7B:42:FC:DE:93:47:A6:8D:58:E5:87:DA
X509v3 Authority Key Identifier:
keyid:17:92:80:6C:34:F5:75:83:89:9D:C5:2D:CA:40:7E:25:CF:9D:36:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5KAbDT1dYOJncUtykB-Jc-dNiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/XbA2-WYObKt7Qvzek0emjVjlh9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/F5KAbDT1dYOJncUtykB-Jc-dNiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.240.0/21
IPv6:
2a01:7600::/32
Signature Algorithm: sha256WithRSAEncryption
b7:d4:12:aa:09:8c:e3:21:0d:b7:72:6b:f8:2b:b0:84:e1:3b:
b0:01:3a:6b:1d:78:18:76:5e:2d:d2:1f:58:f6:fa:32:f1:be:
94:f2:63:c6:7e:57:25:54:b9:a7:07:36:e3:2c:b9:70:e1:62:
b3:20:33:13:22:0b:8f:d7:13:b0:28:0e:68:6e:79:d2:e6:6f:
c7:5d:aa:c5:8d:23:91:1d:d0:5e:01:29:86:ce:f6:0d:56:9a:
1e:75:bd:a4:4f:2f:9e:75:31:8f:72:0e:86:cd:7c:83:fb:dd:
b7:b9:c4:3f:f5:80:14:79:44:0f:03:03:fc:52:2f:59:c6:a1:
0b:b8:e3:87:3f:83:50:32:86:e9:c9:e1:f5:b0:ef:2d:9b:3e:
91:66:4d:25:10:81:dc:7e:f4:94:07:3e:c6:38:5a:b0:d8:c5:
e0:96:f1:26:ac:54:f8:d7:1b:e7:11:7a:ee:55:56:c4:7d:55:
69:2c:5c:e6:fc:14:49:78:be:c2:26:e9:f4:c9:7f:3a:f8:40:
08:3a:ea:ca:6a:de:62:dc:0e:ac:0c:0c:80:23:c3:e0:0f:1c:
51:c6:02:0f:a6:7f:8e:92:00:a6:5e:3a:a2:a0:de:c3:02:5f:
12:63:37:81:e1:27:24:c6:80:18:c9:a9:f2:c0:f2:df:f0:46:
69:e5:9a:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtgcm5eZNLc5dmw1r/VztnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTI4MDZjMzRmNTc1ODM4OTlkYzUyZGNhNDA3ZTI1Y2Y5
ZDM2MjIwHhcNMjMwMTAxMTMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIwMzZmOTY2MGU2Y2FiN2I0MmZjZGU5MzQ3YTY4ZDU4ZTU4N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbQWIs7L0t6CHM1rHxhXF7P+IMXO
W4JlYcDu3J/2vo6z9l4DxPzq7bJzU5iHxV8spY9wPc04k0vI7ItqMQvGc9N2+hHA
shAplpFaVeO1vyiDbB7ljyGliZQIYCoC4feFgxA1ys84oHptOi2ToaqH5K6pwdui
vPv9VatgyJ7+K0tjEFTZxGXJqHS8nSWAtBh9jz0e21NMpDLxAZkHLI4WCFTozklh
iRVBn8xXN0rfeLs8v5TgP52qM/XSzoH0en/DGA8dx66k1hQqQpcCQPtBs29ip8mc
Oq+ke5BSlk4IrP+8o1T5vcgiSxwwRhGg/4bScXn+jjxmJYDzj7egws6GcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF2wNvlmDmyre0L83pNHpo1Y5YfaMB8GA1UdIwQY
MBaAFBeSgGw09XWDiZ3FLcpAfiXPnTYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVLQWJEVDFkWU9KbmNVdHlrQi1KYy1kTmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NjUyMGYtN2JkOC00ZmM4LThjN2Yt
N2VmMmQ3MGQ3MDhmLzEvWGJBMi1XWU9iS3Q3UXZ6ZWswZW1qVmpsaDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NjUyMGYtN2JkOC00ZmM4LThjN2YtN2VmMmQ3MGQ3MDhm
LzEvRjVLQWJEVDFkWU9KbmNVdHlrQi1KYy1kTmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuPwMA0E
AgACMAcDBQAqAXYAMA0GCSqGSIb3DQEBCwUAA4IBAQC31BKqCYzjIQ23cmv4K7CE
4TuwATprHXgYdl4t0h9Y9voy8b6U8mPGflclVLmnBzbjLLlw4WKzIDMTIguP1xOw
KA5obnnS5m/HXarFjSORHdBeASmGzvYNVpoedb2kTy+edTGPcg6GzXyD+923ucQ/
9YAUeUQPAwP8Ui9ZxqELuOOHP4NQMobpyeH1sO8tmz6RZk0lEIHcfvSUBz7GOFqw
2MXglvEmrFT41xvnEXruVVbEfVVpLFzm/BRJeL7CJun0yX86+EAIOurKat5i3A6s
DAyAI8PgDxxRxgIPpn+OkgCmXjqioN7DAl8SYzeB4SckxoAYyanywPLf8EZp5ZpA
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:23 2024 by rpki-client on console-ams.rpki-client.org