Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/47d213-26da-471a-96cd-c8a9caa3bbe9/1/XJAZez1peL03nPhJKvrW3AsNn1k.roa
File: XJAZez1peL03nPhJKvrW3AsNn1k.roa (raw, json)
Hash identifier: 6l2J1BkG34cFH9zaO7qy/sCovSulrGIUWxOyVAG6bjw=
Subject key identifier: 5C:90:19:7B:3D:69:78:BD:37:9C:F8:49:2A:FA:D6:DC:0B:0D:9F:59
Certificate issuer: /CN=bd92eae9e11699e4ce710580519776c300296162
Certificate serial: 01856FCBB3DA9AA472DAB9B51B4FF1F063C4
Authority key identifier: BD:92:EA:E9:E1:16:99:E4:CE:71:05:80:51:97:76:C3:00:29:61:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZLq6eEWmeTOcQWAUZd2wwApYWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/47d213-26da-471a-96cd-c8a9caa3bbe9/1/XJAZez1peL03nPhJKvrW3AsNn1k.roa
Signing time: Mon 02 Jan 2023 00:04:58 +0000
ROA not before: Mon 02 Jan 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12986
IP address blocks: 194.153.128.0/24 maxlen: 24
193.26.27.0/24 maxlen: 24
2001:67c:218c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b3:da:9a:a4:72:da:b9:b5:1b:4f:f1:f0:63:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd92eae9e11699e4ce710580519776c300296162
Validity
Not Before: Jan 2 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c90197b3d6978bd379cf8492afad6dc0b0d9f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:85:7c:72:f1:66:ce:11:9f:bc:31:a2:60:5f:
47:bb:43:01:5b:c5:09:22:09:be:cc:c5:c2:da:2c:
50:ba:9e:eb:95:87:df:95:f9:6c:65:7d:e3:5e:82:
22:04:3c:04:09:33:89:e3:9a:ea:d1:99:2a:1f:61:
ec:fd:ff:99:40:d5:62:ca:23:ae:64:cf:58:15:24:
a2:4d:dc:e2:76:9e:42:b4:c6:2f:d4:87:cc:43:56:
ab:56:a5:2e:d6:39:ea:6d:b9:ec:6b:c9:a8:84:10:
24:11:e8:0a:82:7e:86:08:c8:a0:59:13:01:26:12:
d3:00:01:00:60:8f:a0:af:99:1e:83:b6:cd:10:3d:
b3:3e:7b:18:a0:4b:4a:8a:c1:64:f8:b6:ed:74:69:
3e:2f:90:19:ac:80:1b:4f:bb:05:d7:8f:f4:02:05:
b4:b7:ac:9a:ec:6d:07:3c:9b:e9:3c:5f:62:a8:f7:
19:5b:ce:f2:46:f4:a8:7c:68:8f:5b:f1:c1:e8:21:
33:98:bd:e3:41:3f:f3:c2:a0:39:dc:2b:07:b4:8f:
db:2f:ce:75:61:af:69:9b:de:02:0c:a6:8d:b4:82:
50:3b:92:41:a4:96:94:13:45:e3:b9:49:20:49:a7:
b3:ab:9e:02:d4:ac:6b:3f:20:f0:f2:d4:7c:85:d4:
72:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:90:19:7B:3D:69:78:BD:37:9C:F8:49:2A:FA:D6:DC:0B:0D:9F:59
X509v3 Authority Key Identifier:
keyid:BD:92:EA:E9:E1:16:99:E4:CE:71:05:80:51:97:76:C3:00:29:61:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZLq6eEWmeTOcQWAUZd2wwApYWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/47d213-26da-471a-96cd-c8a9caa3bbe9/1/XJAZez1peL03nPhJKvrW3AsNn1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/47d213-26da-471a-96cd-c8a9caa3bbe9/1/vZLq6eEWmeTOcQWAUZd2wwApYWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.27.0/24
194.153.128.0/24
IPv6:
2001:67c:218c::/48
Signature Algorithm: sha256WithRSAEncryption
5a:38:bf:ef:3a:26:35:6d:24:e8:76:e9:8f:5c:dc:6c:aa:1d:
32:b7:cb:80:56:a5:ca:11:25:5d:b2:4b:ee:4f:24:0b:5a:15:
56:fb:db:1b:87:7d:34:ab:e6:a9:85:f6:ef:71:bf:f0:6c:4a:
c9:d1:9e:18:e8:a1:30:5a:e1:23:57:3f:d4:08:a7:d7:4a:66:
82:a8:16:8d:20:7f:4e:09:25:59:7c:5e:ad:17:32:09:1e:36:
da:99:28:a2:19:16:43:01:77:5c:5f:7a:c1:66:13:c5:0b:e8:
5f:20:f0:73:42:38:01:93:13:d2:fc:a8:43:a2:cd:7e:8b:9c:
04:e1:a4:28:20:76:e3:61:d4:b0:ca:27:4e:33:4c:58:d4:62:
a7:b1:ea:98:cf:2a:54:1f:df:83:bf:14:ed:4f:b6:bb:36:d5:
04:b6:61:7c:4c:51:bc:92:18:ba:41:9d:2f:10:87:bb:ef:15:
76:a4:ab:70:9e:37:6d:19:42:d9:62:49:3b:4e:97:1e:ea:9b:
bc:08:d2:32:f2:1e:d6:d4:55:00:fe:90:f6:6d:1a:7e:5b:f4:
ac:17:2e:8d:f9:16:b2:df:7f:aa:f5:40:9f:9e:4d:b2:8a:a4:
2a:a8:d4:21:c2:c9:65:bf:5f:83:a7:1b:7b:68:a9:44:0a:56:
82:6c:10:40
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvy7PamqRy2rm1G0/x8GPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOTJlYWU5ZTExNjk5ZTRjZTcxMDU4MDUxOTc3NmMzMDAy
OTYxNjIwHhcNMjMwMTAyMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzkwMTk3YjNkNjk3OGJkMzc5Y2Y4NDkyYWZhZDZkYzBiMGQ5ZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIV8cvFmzhGfvDGiYF9Hu0MBW8UJ
Igm+zMXC2ixQup7rlYfflflsZX3jXoIiBDwECTOJ45rq0ZkqH2Hs/f+ZQNViyiOu
ZM9YFSSiTdzidp5CtMYv1IfMQ1arVqUu1jnqbbnsa8mohBAkEegKgn6GCMigWRMB
JhLTAAEAYI+gr5keg7bNED2zPnsYoEtKisFk+LbtdGk+L5AZrIAbT7sF14/0AgW0
t6ya7G0HPJvpPF9iqPcZW87yRvSofGiPW/HB6CEzmL3jQT/zwqA53CsHtI/bL851
Ya9pm94CDKaNtIJQO5JBpJaUE0XjuUkgSaezq54C1KxrPyDw8tR8hdRyZwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFyQGXs9aXi9N5z4SSr61twLDZ9ZMB8GA1UdIwQY
MBaAFL2S6unhFpnkznEFgFGXdsMAKWFiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlpMcTZlRVdtZVRPY1FXQVVaZDJ3d0FwWVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80N2QyMTMtMjZkYS00NzFhLTk2Y2Qt
YzhhOWNhYTNiYmU5LzEvWEpBWmV6MXBlTDAzblBoSkt2clczQXNObjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80N2QyMTMtMjZkYS00NzFhLTk2Y2QtYzhhOWNhYTNiYmU5
LzEvdlpMcTZlRVdtZVRPY1FXQVVaZDJ3d0FwWVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwRobAwQA
wpmAMA8EAgACMAkDBwAgAQZ8IYwwDQYJKoZIhvcNAQELBQADggEBAFo4v+86JjVt
JOh26Y9c3GyqHTK3y4BWpcoRJV2yS+5PJAtaFVb72xuHfTSr5qmF9u9xv/BsSsnR
nhjooTBa4SNXP9QIp9dKZoKoFo0gf04JJVl8Xq0XMgkeNtqZKKIZFkMBd1xfesFm
E8UL6F8g8HNCOAGTE9L8qEOizX6LnAThpCggduNh1LDKJ04zTFjUYqex6pjPKlQf
34O/FO1Ptrs21QS2YXxMUbySGLpBnS8Qh7vvFXakq3CeN20ZQtliSTtOlx7qm7wI
0jLyHtbUVQD+kPZtGn5b9KwXLo35FrLff6r1QJ+eTbKKpCqo1CHCyWW/X4OnG3to
qUQKVoJsEEA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org