Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/XsEo1ySKEapi65Rf8Wfu-ZP9mtw.roa
File: XsEo1ySKEapi65Rf8Wfu-ZP9mtw.roa (raw, json)
Hash identifier: 9mCMocNeHuVtyaNej5Maf9axk0eUmjzwZSAuFlLH+v4=
Subject key identifier: 5E:C1:28:D7:24:8A:11:AA:62:EB:94:5F:F1:67:EE:F9:93:FD:9A:DC
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA84DC1AA2AE29B4113137D84613CF
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/XsEo1ySKEapi65Rf8Wfu-ZP9mtw.roa
Signing time: Mon 02 Jan 2023 13:45:04 +0000
ROA not before: Mon 02 Jan 2023 13:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211679
IP address blocks: 2a0f:5707:23::/48 maxlen: 48
2a0f:5707:b110::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:84:dc:1a:a2:ae:29:b4:11:31:37:d8:46:13:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ec128d7248a11aa62eb945ff167eef993fd9adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:08:35:67:aa:9f:c9:c6:3a:c8:94:1f:c5:9c:
2a:7e:9b:10:43:78:09:08:f5:37:d8:a6:e2:b6:2f:
5d:30:36:97:e3:39:2f:29:c6:c8:59:52:c5:20:73:
35:dd:e0:77:bd:f0:6c:7a:36:cb:dd:4c:d2:bf:b3:
3f:24:49:64:59:de:49:a5:bf:6d:e7:16:76:54:30:
08:17:20:a9:4a:1c:48:11:31:a6:8b:80:ac:2c:e0:
98:70:dd:e7:b2:85:59:99:2f:6f:3e:55:49:d9:fa:
bb:5e:6e:15:39:35:a6:13:54:6b:67:37:c4:4f:d6:
1c:ba:b6:89:1c:ee:53:f4:80:fb:22:17:2a:1f:d4:
1d:40:20:93:71:26:9d:7a:ec:a4:e7:7d:13:2a:8e:
36:ff:b6:43:59:1e:0d:c3:54:ba:05:2f:71:68:5b:
81:54:dc:63:75:c3:ae:19:cc:f2:2a:be:2a:9d:bc:
fe:39:99:62:cc:fd:29:03:aa:e4:60:1e:ca:ac:d0:
e4:c9:df:23:e0:9f:b6:0a:52:d6:e7:81:1a:a8:59:
43:2b:bd:c1:9b:9b:cd:c4:da:13:6e:51:d3:9a:63:
5b:d8:05:b0:3f:1a:31:68:09:5d:a7:4b:14:a6:ae:
e2:df:4c:0d:ad:5b:d0:a0:83:0a:c8:70:90:a8:41:
54:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C1:28:D7:24:8A:11:AA:62:EB:94:5F:F1:67:EE:F9:93:FD:9A:DC
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/XsEo1ySKEapi65Rf8Wfu-ZP9mtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:23::/48
2a0f:5707:b110::/44
Signature Algorithm: sha256WithRSAEncryption
b9:e2:1f:1b:d6:25:bf:69:97:ad:1e:15:45:a9:82:76:4e:52:
42:7a:3d:97:37:a1:33:3c:51:b8:37:ee:86:de:84:c5:d1:db:
1a:7c:84:ba:fb:e1:dd:62:1e:1a:bf:e5:28:28:c2:10:e5:c1:
f6:c1:ce:96:79:53:ba:c0:a6:74:81:93:80:0a:81:3e:b9:73:
45:b1:b4:f6:84:bb:dc:8f:3f:6b:09:00:59:70:99:fc:55:25:
8a:ca:a5:9d:f3:6f:a5:77:9d:cc:f1:7f:17:80:0b:2c:ee:35:
f8:db:29:64:bf:50:3c:a3:4f:e6:05:dd:7f:86:e0:6a:b3:66:
47:a1:34:2c:39:4e:15:b0:b3:91:10:2b:e3:26:7f:20:a9:93:
0a:f5:3d:aa:bf:12:68:38:63:40:6a:a8:78:db:56:0e:d4:42:
d6:b4:88:2d:e7:cc:50:0a:3c:8f:95:0d:6a:8b:bd:5c:5c:14:
ed:ce:13:d5:c8:fe:8f:2c:9f:84:ea:b0:6c:eb:a1:d5:ab:be:
3e:e8:ec:a1:d4:c4:df:2c:11:d9:5d:12:ba:2a:38:a2:28:71:
9c:2d:3a:57:92:63:22:07:54:61:5e:ed:e7:dc:24:9a:82:59:
92:cd:2a:a8:5d:3b:82:58:7e:e5:c7:d1:f2:31:ab:4a:f1:6b:
89:ea:9a:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyuoTcGqKuKbQRMTfYRhPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMxMjhkNzI0OGExMWFhNjJlYjk0NWZmMTY3ZWVmOTkzZmQ5YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgg1Z6qfycY6yJQfxZwqfpsQQ3gJ
CPU32Kbiti9dMDaX4zkvKcbIWVLFIHM13eB3vfBsejbL3UzSv7M/JElkWd5Jpb9t
5xZ2VDAIFyCpShxIETGmi4CsLOCYcN3nsoVZmS9vPlVJ2fq7Xm4VOTWmE1RrZzfE
T9YcuraJHO5T9ID7IhcqH9QdQCCTcSadeuyk530TKo42/7ZDWR4Nw1S6BS9xaFuB
VNxjdcOuGczyKr4qnbz+OZlizP0pA6rkYB7KrNDkyd8j4J+2ClLW54EaqFlDK73B
m5vNxNoTblHTmmNb2AWwPxoxaAldp0sUpq7i30wNrVvQoIMKyHCQqEFUFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF7BKNckihGqYuuUX/Fn7vmT/ZrcMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvWHNFbzF5U0tFYXBpNjVSZjhXZnUtWlA5bXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg9XBwAj
AwcEKg9XB7EQMA0GCSqGSIb3DQEBCwUAA4IBAQC54h8b1iW/aZetHhVFqYJ2TlJC
ej2XN6EzPFG4N+6G3oTF0dsafIS6++HdYh4av+UoKMIQ5cH2wc6WeVO6wKZ0gZOA
CoE+uXNFsbT2hLvcjz9rCQBZcJn8VSWKyqWd82+ld53M8X8XgAss7jX42ylkv1A8
o0/mBd1/huBqs2ZHoTQsOU4VsLORECvjJn8gqZMK9T2qvxJoOGNAaqh421YO1ELW
tIgt58xQCjyPlQ1qi71cXBTtzhPVyP6PLJ+E6rBs66HVq74+6Oyh1MTfLBHZXRK6
KjiiKHGcLTpXkmMiB1RhXu3n3CSaglmSzSqoXTuCWH7lx9HyMatK8WuJ6pqz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org