Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/a3e46f-7e5a-4663-bd63-dc0966669609/1/XIJZA-DekIKjlyrh4UZq9wlxXDY.roa
File: XIJZA-DekIKjlyrh4UZq9wlxXDY.roa (raw, json)
Hash identifier: uVZYFVdFhVbPKkut0qAJryk1UZ3EYUGUfwotdk/yLkk=
Subject key identifier: 5C:82:59:03:E0:DE:90:82:A3:97:2A:E1:E1:46:6A:F7:09:71:5C:36
Certificate issuer: /CN=9ea1425225410c93211d08758fcdaf0f7aa1ccaa
Certificate serial: 0185E53ED0BAA9CCC4A49C0142AC63F0FE91
Authority key identifier: 9E:A1:42:52:25:41:0C:93:21:1D:08:75:8F:CD:AF:0F:7A:A1:CC:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nqFCUiVBDJMhHQh1j82vD3qhzKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/a3e46f-7e5a-4663-bd63-dc0966669609/1/XIJZA-DekIKjlyrh4UZq9wlxXDY.roa
Signing time: Tue 24 Jan 2023 19:26:17 +0000
ROA not before: Tue 24 Jan 2023 19:26:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212496
IP address blocks: 91.247.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e5:3e:d0:ba:a9:cc:c4:a4:9c:01:42:ac:63:f0:fe:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ea1425225410c93211d08758fcdaf0f7aa1ccaa
Validity
Not Before: Jan 24 19:26:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c825903e0de9082a3972ae1e1466af709715c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9a:8b:cd:87:3d:4d:a4:24:a7:c5:53:ed:bb:
cf:5e:15:fb:9e:d3:58:9c:0d:83:39:18:eb:a9:c7:
f1:49:cb:c4:8e:60:ff:d5:53:25:4c:72:27:b3:63:
91:ac:49:b6:33:73:01:ec:99:b4:a8:8c:17:e5:40:
7c:0b:0a:88:9d:5e:b5:4a:2e:98:be:65:98:4c:ce:
15:e0:df:8a:d5:68:38:96:64:e1:48:f8:b4:7e:f8:
3d:eb:ea:a5:fa:d3:11:c7:f9:59:50:bf:3a:8e:ae:
a5:19:02:10:a4:77:be:38:ab:14:39:08:51:a6:5e:
94:a6:73:b4:0e:13:6d:ce:58:dd:fd:fd:6e:b6:de:
60:66:59:28:67:ec:91:06:f0:7d:38:b3:0c:f4:0e:
b4:a6:7f:39:f8:0a:22:49:96:9b:8f:cb:a1:7c:2a:
a9:80:81:1d:e4:2d:be:dd:08:11:57:39:14:61:a2:
bc:65:1f:fa:64:af:45:ac:3f:e6:4c:83:90:05:41:
0b:86:dd:97:6e:b5:c7:cc:bc:c9:a1:57:e2:b0:01:
b7:50:b3:ee:b8:b8:00:9e:a0:b2:c5:73:94:d4:38:
3e:5c:bc:9e:a4:4f:4a:96:da:df:9e:3b:9b:b4:b6:
41:4f:53:c5:4e:31:e8:2d:ba:39:22:c5:54:2d:7b:
97:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:82:59:03:E0:DE:90:82:A3:97:2A:E1:E1:46:6A:F7:09:71:5C:36
X509v3 Authority Key Identifier:
keyid:9E:A1:42:52:25:41:0C:93:21:1D:08:75:8F:CD:AF:0F:7A:A1:CC:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nqFCUiVBDJMhHQh1j82vD3qhzKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/a3e46f-7e5a-4663-bd63-dc0966669609/1/XIJZA-DekIKjlyrh4UZq9wlxXDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/a3e46f-7e5a-4663-bd63-dc0966669609/1/nqFCUiVBDJMhHQh1j82vD3qhzKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.38.0/24
Signature Algorithm: sha256WithRSAEncryption
84:59:56:c5:44:bc:1f:fb:f6:fd:d7:8c:a5:d8:f1:ea:45:ec:
10:35:8e:5f:3e:ad:4c:5d:c1:c3:8f:9b:22:28:61:47:c6:ef:
3b:6a:8c:28:d6:15:74:bf:91:7c:9e:ae:cd:c7:aa:b4:a3:a1:
b6:46:26:86:60:d3:15:80:59:5b:41:6a:4e:08:78:c5:22:ec:
e2:48:87:48:94:5f:94:ef:6c:8f:45:fd:ac:1c:62:94:cb:85:
ac:46:7d:c9:03:50:eb:33:f8:6c:a2:75:b8:c8:9b:b1:a3:8d:
71:a6:ab:79:08:75:59:29:9b:5f:61:6f:a3:ca:d7:5d:b6:6c:
fa:b0:f9:a1:06:12:c1:61:36:cd:d3:3b:e0:9c:85:98:82:34:
28:ba:6d:1d:ca:3a:da:db:5a:65:c5:48:0f:e1:34:ba:01:38:
d0:4c:04:0a:39:b0:52:d2:d2:f3:6d:bd:ec:0c:15:84:23:9f:
00:27:e2:54:b2:d6:0e:b2:cb:92:25:60:c2:4a:c3:d3:1a:83:
4d:ec:17:22:ea:50:a6:38:62:9d:0e:f8:14:4c:dd:ee:d0:96:
1e:20:2a:80:6a:b9:53:13:0a:be:d4:46:9b:75:dc:a0:08:b8:
8a:ab:17:99:fc:28:f5:64:ae:a8:3d:f3:b1:93:bf:24:c6:79:
34:90:30:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXlPtC6qczEpJwBQqxj8P6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYTE0MjUyMjU0MTBjOTMyMTFkMDg3NThmY2RhZjBmN2Fh
MWNjYWEwHhcNMjMwMTI0MTkyNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzgyNTkwM2UwZGU5MDgyYTM5NzJhZTFlMTQ2NmFmNzA5NzE1YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZqLzYc9TaQkp8VT7bvPXhX7ntNY
nA2DORjrqcfxScvEjmD/1VMlTHIns2ORrEm2M3MB7Jm0qIwX5UB8CwqInV61Si6Y
vmWYTM4V4N+K1Wg4lmThSPi0fvg96+ql+tMRx/lZUL86jq6lGQIQpHe+OKsUOQhR
pl6UpnO0DhNtzljd/f1utt5gZlkoZ+yRBvB9OLMM9A60pn85+AoiSZabj8uhfCqp
gIEd5C2+3QgRVzkUYaK8ZR/6ZK9FrD/mTIOQBUELht2XbrXHzLzJoVfisAG3ULPu
uLgAnqCyxXOU1Dg+XLyepE9KltrfnjubtLZBT1PFTjHoLbo5IsVULXuXgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyCWQPg3pCCo5cq4eFGavcJcVw2MB8GA1UdIwQY
MBaAFJ6hQlIlQQyTIR0IdY/Nrw96ocyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnFGQ1VpVkJESk1oSFFoMWo4MnZEM3FoektvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9hM2U0NmYtN2U1YS00NjYzLWJkNjMt
ZGMwOTY2NjY5NjA5LzEvWElKWkEtRGVrSUtqbHlyaDRVWnE5d2x4WERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9hM2U0NmYtN2U1YS00NjYzLWJkNjMtZGMwOTY2NjY5NjA5
LzEvbnFGQ1VpVkJESk1oSFFoMWo4MnZEM3FoektvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/cmMA0G
CSqGSIb3DQEBCwUAA4IBAQCEWVbFRLwf+/b914yl2PHqRewQNY5fPq1MXcHDj5si
KGFHxu87aowo1hV0v5F8nq7Nx6q0o6G2RiaGYNMVgFlbQWpOCHjFIuziSIdIlF+U
72yPRf2sHGKUy4WsRn3JA1DrM/hsonW4yJuxo41xpqt5CHVZKZtfYW+jytddtmz6
sPmhBhLBYTbN0zvgnIWYgjQoum0dyjra21plxUgP4TS6ATjQTAQKObBS0tLzbb3s
DBWEI58AJ+JUstYOssuSJWDCSsPTGoNN7Bci6lCmOGKdDvgUTN3u0JYeICqAarlT
Ewq+1EabddygCLiKqxeZ/Cj1ZK6oPfOxk78kxnk0kDDN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:13 2024 by rpki-client on console-ams.rpki-client.org