Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/xCTxIzyjNbHWQ2sATLjfam7bUX0.roa
File: xCTxIzyjNbHWQ2sATLjfam7bUX0.roa (raw, json)
Hash identifier: x52jNXkLagFTUVZXgWmuH8n3/x8vRByjf75MY2nraR0=
Subject key identifier: C4:24:F1:23:3C:A3:35:B1:D6:43:6B:00:4C:B8:DF:6A:6E:DB:51:7D
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018571D7CF7DE5BD247DA51301D306084DEC
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/xCTxIzyjNbHWQ2sATLjfam7bUX0.roa
Signing time: Mon 02 Jan 2023 09:37:26 +0000
ROA not before: Mon 02 Jan 2023 09:37:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63018
IP address blocks: 2a11:840:33::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:cf:7d:e5:bd:24:7d:a5:13:01:d3:06:08:4d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 09:37:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c424f1233ca335b1d6436b004cb8df6a6edb517d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:54:7f:cb:94:d4:cd:ac:4b:10:7a:10:40:a6:
b8:21:70:b6:0c:c2:9e:4b:f3:a1:10:ca:27:4b:c3:
24:95:7e:e0:cb:a6:67:f8:66:3c:c9:6a:93:e2:4b:
10:89:34:66:33:59:14:84:1b:3e:cd:bc:68:54:40:
f1:c5:90:e7:9c:c4:a0:01:67:06:0b:69:7d:36:b5:
41:1e:1c:12:24:45:fe:6a:7d:94:4d:5a:32:fa:bd:
2c:10:ad:bf:1a:df:f3:62:9d:c5:6b:dc:d8:a8:e5:
f6:3f:9a:f4:fe:2f:35:e9:25:cb:f0:3d:5f:a0:3b:
1b:c1:05:fb:22:1b:90:98:3a:33:e2:82:e4:99:fc:
d1:80:3b:ca:21:81:ea:a2:f3:b4:e2:7d:63:18:94:
01:6f:89:97:21:85:4f:7d:48:87:01:9c:0a:90:58:
35:f6:11:f1:6d:3b:c2:5e:8d:85:0c:e4:e1:50:5c:
76:c2:ea:18:e2:09:68:cc:0e:40:51:9d:23:08:71:
a3:00:9d:c4:af:25:fc:2d:45:22:e5:03:da:9c:de:
a9:a3:77:de:6c:65:8f:14:eb:94:77:f5:07:06:e9:
cb:a0:86:a5:57:40:1d:2b:54:bf:26:ed:77:56:5b:
3d:23:ca:d2:dc:5f:ef:2e:73:b0:04:ea:e2:7c:84:
44:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:24:F1:23:3C:A3:35:B1:D6:43:6B:00:4C:B8:DF:6A:6E:DB:51:7D
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/xCTxIzyjNbHWQ2sATLjfam7bUX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:33::/48
Signature Algorithm: sha256WithRSAEncryption
45:aa:7a:a4:d7:a4:ed:4f:79:9e:a6:04:e8:63:65:80:92:ab:
19:f4:f9:b2:5d:55:26:4a:bd:f5:16:69:f9:15:d0:70:f8:3a:
9a:4f:64:03:07:9d:b2:53:1b:99:83:28:3f:20:38:79:2e:db:
85:c9:2f:73:a2:81:65:ff:08:ad:1c:93:f9:a7:e2:6d:28:82:
1c:8e:ec:05:96:db:06:f3:e9:3e:30:3a:dc:77:4b:ef:e6:4b:
14:9d:43:46:9d:f7:28:c9:b9:74:a8:ba:d1:be:de:bb:55:dc:
08:7e:83:01:44:15:d0:04:47:a9:56:a9:83:95:74:f1:b2:56:
92:69:3b:92:9c:d9:e9:de:71:6e:e2:1b:34:6b:67:fe:a0:0c:
01:20:ed:43:ff:af:f4:10:77:77:bf:1d:0f:7b:f4:26:bc:c1:
33:8f:6f:11:b3:62:b2:62:37:ae:09:59:bb:40:c4:71:1b:30:
58:23:7b:f6:29:b8:c6:5f:4c:28:d6:14:51:86:f3:68:8e:c7:
7c:76:40:62:0c:83:d1:43:55:ee:d5:8a:9d:0a:3f:20:0f:40:
69:33:18:8a:0b:dc:c8:2b:17:b1:3b:c5:86:e2:c9:4c:b1:d8:
52:6f:f1:61:2f:b7:cb:01:9b:d8:88:8a:65:4c:79:67:b8:3c:
17:cf:27:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx18995b0kfaUTAdMGCE3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwMTAyMDkzNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI0ZjEyMzNjYTMzNWIxZDY0MzZiMDA0Y2I4ZGY2YTZlZGI1MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVR/y5TUzaxLEHoQQKa4IXC2DMKe
S/OhEMonS8MklX7gy6Zn+GY8yWqT4ksQiTRmM1kUhBs+zbxoVEDxxZDnnMSgAWcG
C2l9NrVBHhwSJEX+an2UTVoy+r0sEK2/Gt/zYp3Fa9zYqOX2P5r0/i816SXL8D1f
oDsbwQX7IhuQmDoz4oLkmfzRgDvKIYHqovO04n1jGJQBb4mXIYVPfUiHAZwKkFg1
9hHxbTvCXo2FDOThUFx2wuoY4glozA5AUZ0jCHGjAJ3EryX8LUUi5QPanN6po3fe
bGWPFOuUd/UHBunLoIalV0AdK1S/Ju13Vls9I8rS3F/vLnOwBOrifIREQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMQk8SM8ozWx1kNrAEy432pu21F9MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEveENUeEl6eWpOYkhXUTJzQVRMamZhbTdiVVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAz
MA0GCSqGSIb3DQEBCwUAA4IBAQBFqnqk16TtT3mepgToY2WAkqsZ9PmyXVUmSr31
Fmn5FdBw+DqaT2QDB52yUxuZgyg/IDh5LtuFyS9zooFl/witHJP5p+JtKIIcjuwF
ltsG8+k+MDrcd0vv5ksUnUNGnfcoybl0qLrRvt67VdwIfoMBRBXQBEepVqmDlXTx
slaSaTuSnNnp3nFu4hs0a2f+oAwBIO1D/6/0EHd3vx0Pe/QmvMEzj28Rs2KyYjeu
CVm7QMRxGzBYI3v2KbjGX0wo1hRRhvNojsd8dkBiDIPRQ1Xu1YqdCj8gD0BpMxiK
C9zIKxexO8WG4slMsdhSb/FhL7fLAZvYiIplTHlnuDwXzydb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org