Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/442101-780b-47ac-857d-f9e7cb03c527/1/XsPaTlWr_79nT6TSDA3DyqozbEk.roa
File: XsPaTlWr_79nT6TSDA3DyqozbEk.roa (raw, json)
Hash identifier: ITdlvFUJxlLPMICAk5H+HdKgKW+J92n41DEIZLqZMsA=
Subject key identifier: 5E:C3:DA:4E:55:AB:FF:BF:67:4F:A4:D2:0C:0D:C3:CA:AA:33:6C:49
Certificate issuer: /CN=bc65b4ba4d7869d5cb8f9574f0f4feee70ebc6c5
Certificate serial: 01856BA5854C2B9F76293CF6282DD51E6F25
Authority key identifier: BC:65:B4:BA:4D:78:69:D5:CB:8F:95:74:F0:F4:FE:EE:70:EB:C6:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGW0uk14adXLj5V08PT-7nDrxsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/442101-780b-47ac-857d-f9e7cb03c527/1/XsPaTlWr_79nT6TSDA3DyqozbEk.roa
Signing time: Sun 01 Jan 2023 04:44:47 +0000
ROA not before: Sun 01 Jan 2023 04:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207893
IP address blocks: 2a0f:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:a5:85:4c:2b:9f:76:29:3c:f6:28:2d:d5:1e:6f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc65b4ba4d7869d5cb8f9574f0f4feee70ebc6c5
Validity
Not Before: Jan 1 04:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ec3da4e55abffbf674fa4d20c0dc3caaa336c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6d:9c:d6:fa:a7:34:3e:66:9c:33:1a:da:4a:
6d:a8:d2:41:5a:85:b3:68:aa:8e:93:de:19:1b:dc:
41:cf:1f:8d:2b:f3:b5:7f:2d:a7:c7:e0:a9:76:11:
e6:f2:5c:da:07:69:d0:01:b5:d7:c2:d9:c6:df:33:
2f:d5:45:8c:e9:d5:b5:b6:7a:20:10:18:37:93:79:
59:f2:fd:78:68:cc:69:c9:d7:3e:57:85:39:e7:b3:
d4:8f:3b:0d:02:9d:1b:98:f7:82:b9:05:d4:fe:e9:
6d:00:13:36:fb:24:af:41:9f:f0:39:3d:26:66:ae:
b2:32:db:a3:8a:01:83:5c:87:5d:af:8f:66:6c:e1:
fd:e8:7d:6d:39:4c:ff:65:54:18:5e:87:6a:9f:76:
31:d7:3c:78:26:5a:57:fb:b1:3d:03:56:c2:b8:44:
36:6d:6a:46:7c:66:4a:79:d0:aa:07:77:91:6c:16:
12:a6:fe:ef:03:db:49:b9:69:90:1e:a5:62:4c:d0:
18:fc:fc:71:34:f7:04:51:cf:dd:50:a4:11:08:e7:
ec:31:63:57:2c:a3:60:ee:85:10:3f:de:80:a7:c8:
9c:7d:99:8b:42:09:fd:ce:95:87:ad:30:cb:b5:62:
f5:f4:75:5d:0c:d8:5e:2e:b4:4c:80:d5:6d:f0:3d:
5b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C3:DA:4E:55:AB:FF:BF:67:4F:A4:D2:0C:0D:C3:CA:AA:33:6C:49
X509v3 Authority Key Identifier:
keyid:BC:65:B4:BA:4D:78:69:D5:CB:8F:95:74:F0:F4:FE:EE:70:EB:C6:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGW0uk14adXLj5V08PT-7nDrxsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/442101-780b-47ac-857d-f9e7cb03c527/1/XsPaTlWr_79nT6TSDA3DyqozbEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/442101-780b-47ac-857d-f9e7cb03c527/1/vGW0uk14adXLj5V08PT-7nDrxsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
78:ed:93:94:e4:65:6a:09:46:dd:fb:ec:4a:5b:d2:c7:fe:88:
71:cc:f0:a3:10:e5:25:99:1a:dd:d3:ef:2a:2f:77:23:e2:1c:
d1:11:bc:42:2e:2d:1e:51:7e:31:ba:da:db:6b:07:7a:b9:ff:
86:0b:85:ff:24:c8:d4:42:cc:5f:e9:01:a2:38:54:0b:fa:83:
10:e6:24:49:b3:f9:f4:fe:71:d6:fe:88:8e:44:18:8b:21:8b:
43:3f:a3:c2:37:3c:e3:db:7c:55:64:d1:c7:9f:94:18:fc:1e:
ec:25:29:8a:93:1c:4f:6a:92:4b:e5:15:f7:6e:6e:d8:b5:7d:
5d:a5:d6:cf:2e:17:bc:4a:8e:6f:9f:b9:d4:4c:c7:27:0d:0c:
b8:fd:13:3a:97:8f:c5:9f:81:11:89:d0:c6:40:20:34:8e:3c:
a5:46:ac:82:50:76:20:21:af:29:c7:d9:40:30:dc:c1:5c:5e:
00:96:51:ca:e9:97:5a:df:41:74:b2:7c:0b:0e:33:e1:c8:bd:
4d:38:15:8d:bf:2b:fa:18:cd:13:ec:1b:db:ef:d0:fb:6f:21:
41:79:5b:05:11:0b:b1:57:71:89:21:70:9f:ca:f8:29:ba:c8:
b0:f7:49:d1:9f:26:88:6f:71:c4:f5:af:05:56:e1:1f:22:5f:
92:57:36:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVrpYVMK592KTz2KC3VHm8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjViNGJhNGQ3ODY5ZDVjYjhmOTU3NGYwZjRmZWVlNzBl
YmM2YzUwHhcNMjMwMTAxMDQ0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMzZGE0ZTU1YWJmZmJmNjc0ZmE0ZDIwYzBkYzNjYWFhMzM2YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA022c1vqnND5mnDMa2kptqNJBWoWz
aKqOk94ZG9xBzx+NK/O1fy2nx+CpdhHm8lzaB2nQAbXXwtnG3zMv1UWM6dW1tnog
EBg3k3lZ8v14aMxpydc+V4U557PUjzsNAp0bmPeCuQXU/ultABM2+ySvQZ/wOT0m
Zq6yMtujigGDXIddr49mbOH96H1tOUz/ZVQYXodqn3Yx1zx4JlpX+7E9A1bCuEQ2
bWpGfGZKedCqB3eRbBYSpv7vA9tJuWmQHqViTNAY/PxxNPcEUc/dUKQRCOfsMWNX
LKNg7oUQP96Ap8icfZmLQgn9zpWHrTDLtWL19HVdDNheLrRMgNVt8D1bxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF7D2k5Vq/+/Z0+k0gwNw8qqM2xJMB8GA1UdIwQY
MBaAFLxltLpNeGnVy4+VdPD0/u5w68bFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdXMHVrMTRhZFhMajVWMDhQVC03bkRyeHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NDIxMDEtNzgwYi00N2FjLTg1N2Qt
ZjllN2NiMDNjNTI3LzEvWHNQYVRsV3JfNzluVDZUU0RBM0R5cW96YkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NDIxMDEtNzgwYi00N2FjLTg1N2QtZjllN2NiMDNjNTI3
LzEvdkdXMHVrMTRhZFhMajVWMDhQVC03bkRyeHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/sgDAN
BgkqhkiG9w0BAQsFAAOCAQEAeO2TlORlaglG3fvsSlvSx/6IcczwoxDlJZka3dPv
Ki93I+Ic0RG8Qi4tHlF+Mbra22sHern/hguF/yTI1ELMX+kBojhUC/qDEOYkSbP5
9P5x1v6IjkQYiyGLQz+jwjc849t8VWTRx5+UGPwe7CUpipMcT2qSS+UV925u2LV9
XaXWzy4XvEqOb5+51EzHJw0MuP0TOpePxZ+BEYnQxkAgNI48pUasglB2ICGvKcfZ
QDDcwVxeAJZRyumXWt9BdLJ8Cw4z4ci9TTgVjb8r+hjNE+wb2+/Q+28hQXlbBREL
sVdxiSFwn8r4KbrIsPdJ0Z8miG9xxPWvBVbhHyJfklc23A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:03 2024 by rpki-client on console-fra.rpki-client.org