Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/XTWJHToXgyZ3HFcKlXU5fK55LK8.roa
File: XTWJHToXgyZ3HFcKlXU5fK55LK8.roa (raw, json)
Hash identifier: uynVknYu+ugf78saRD/qAoZTH/GAkDkpH6kfeu4S1vk=
Subject key identifier: 5D:35:89:1D:3A:17:83:26:77:1C:57:0A:95:75:39:7C:AE:79:2C:AF
Certificate issuer: /CN=230340d27e4b24f9124977322edb36942e2d160c
Certificate serial: 01857102DA061A8ADDD1C19313152D8FCDA9
Authority key identifier: 23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/XTWJHToXgyZ3HFcKlXU5fK55LK8.roa
Signing time: Mon 02 Jan 2023 05:44:50 +0000
ROA not before: Mon 02 Jan 2023 05:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208930
IP address blocks: 81.6.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:da:06:1a:8a:dd:d1:c1:93:13:15:2d:8f:cd:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=230340d27e4b24f9124977322edb36942e2d160c
Validity
Not Before: Jan 2 05:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d35891d3a178326771c570a9575397cae792caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e0:ae:cb:3d:e7:82:d5:85:42:c6:c4:b5:a4:
bc:63:0b:f1:34:6e:98:66:17:15:41:d3:06:0a:ed:
1e:ae:56:1f:34:eb:47:71:02:d3:6d:59:c6:e6:f0:
7e:ae:74:dd:8e:cb:65:a2:76:8b:44:c5:97:48:a8:
e9:0c:05:7b:81:85:5a:54:69:8a:26:84:1e:bc:2d:
b9:29:34:6e:4e:e8:2f:ec:eb:3a:91:71:b8:0e:95:
a8:01:4e:72:f7:6e:fb:95:03:63:ee:b0:d3:f6:34:
30:5e:32:9e:d9:d7:80:27:4e:b4:48:80:d7:ad:b2:
ce:12:d4:c7:fb:50:c3:4e:66:0d:fe:08:77:e0:d7:
7d:74:47:8b:4f:db:bb:38:c8:44:15:86:46:2d:dd:
e1:f1:62:b1:e5:70:02:00:c0:5d:b9:fc:5f:e7:99:
1f:55:da:b2:1f:c5:f3:3f:ad:67:79:14:fb:66:18:
40:dd:38:80:77:46:8b:78:ea:51:90:2b:90:2b:c2:
9b:50:46:48:d6:b0:2d:22:18:ee:3d:ab:c1:24:37:
68:28:c8:0c:4b:40:28:ca:eb:d7:73:58:60:da:9a:
c7:41:b9:01:0e:e9:8c:2e:4c:05:5c:9d:e4:50:c5:
bc:9b:b0:0a:c8:ae:b0:30:5f:09:01:f2:9f:66:aa:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:35:89:1D:3A:17:83:26:77:1C:57:0A:95:75:39:7C:AE:79:2C:AF
X509v3 Authority Key Identifier:
keyid:23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/XTWJHToXgyZ3HFcKlXU5fK55LK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.6.136.0/24
Signature Algorithm: sha256WithRSAEncryption
02:8f:43:a6:87:40:8c:4d:e4:8f:a7:66:2f:88:7d:ab:d1:f2:
75:2a:a8:d4:ba:0a:ee:1c:45:94:f1:94:25:ae:1c:4d:6f:25:
fd:54:93:3c:c0:86:b7:b2:1a:c0:a1:d5:71:4c:fc:7e:09:6f:
ae:0d:d3:29:65:67:56:8b:d0:91:61:48:0f:4e:3f:97:7c:9b:
9e:50:3e:33:2f:e7:7f:59:20:00:70:a6:65:36:b2:d5:74:5b:
d9:4e:f6:59:6b:c3:f5:cc:94:91:59:59:d1:21:c6:2b:fe:f2:
6a:df:9d:6d:d1:df:18:85:77:60:d1:ec:58:cb:24:b5:c1:6e:
cc:ef:e2:43:8f:a4:c7:0b:06:bb:25:f2:df:2a:1f:ed:fe:40:
b7:c0:1a:b8:c0:a0:ee:1b:f1:cb:9b:67:63:eb:52:8f:35:58:
b1:27:7c:ba:7a:1f:b5:9b:2c:1e:b9:13:2a:f8:49:f2:c5:c2:
90:74:71:6d:e6:ba:0c:ce:0f:4a:ee:50:2e:75:23:af:74:ca:
27:6a:bd:2e:45:8a:12:fe:ed:79:66:52:ee:2b:d5:e7:45:c1:
16:32:a7:3f:b2:d1:86:46:7f:c8:19:40:cc:a9:fb:88:0a:2b:
93:58:bc:02:3b:ad:b0:db:a5:a4:6b:cf:88:b1:47:05:2b:39:
75:2d:3b:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAtoGGord0cGTExUtj82pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMDM0MGQyN2U0YjI0ZjkxMjQ5NzczMjJlZGIzNjk0MmUy
ZDE2MGMwHhcNMjMwMTAyMDU0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM1ODkxZDNhMTc4MzI2NzcxYzU3MGE5NTc1Mzk3Y2FlNzkyY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+Cuyz3ngtWFQsbEtaS8YwvxNG6Y
ZhcVQdMGCu0erlYfNOtHcQLTbVnG5vB+rnTdjstlonaLRMWXSKjpDAV7gYVaVGmK
JoQevC25KTRuTugv7Os6kXG4DpWoAU5y9277lQNj7rDT9jQwXjKe2deAJ060SIDX
rbLOEtTH+1DDTmYN/gh34Nd9dEeLT9u7OMhEFYZGLd3h8WKx5XACAMBdufxf55kf
VdqyH8XzP61neRT7ZhhA3TiAd0aLeOpRkCuQK8KbUEZI1rAtIhjuPavBJDdoKMgM
S0AoyuvXc1hg2prHQbkBDumMLkwFXJ3kUMW8m7AKyK6wMF8JAfKfZqqLrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF01iR06F4MmdxxXCpV1OXyueSyvMB8GA1UdIwQY
MBaAFCMDQNJ+SyT5Ekl3Mi7bNpQuLRYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXdOQTBuNUxKUGtTU1hjeUx0czJsQzR0Rmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS83YmRmNTItNmFjNS00YzI0LWJmZDAt
YjU3MDkwN2I1OWViLzEvWFRXSkhUb1hneVozSEZjS2xYVTVmSzU1TEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS83YmRmNTItNmFjNS00YzI0LWJmZDAtYjU3MDkwN2I1OWVi
LzEvSXdOQTBuNUxKUGtTU1hjeUx0czJsQzR0Rmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUQaIMA0G
CSqGSIb3DQEBCwUAA4IBAQACj0Omh0CMTeSPp2YviH2r0fJ1KqjUugruHEWU8ZQl
rhxNbyX9VJM8wIa3shrAodVxTPx+CW+uDdMpZWdWi9CRYUgPTj+XfJueUD4zL+d/
WSAAcKZlNrLVdFvZTvZZa8P1zJSRWVnRIcYr/vJq351t0d8YhXdg0exYyyS1wW7M
7+JDj6THCwa7JfLfKh/t/kC3wBq4wKDuG/HLm2dj61KPNVixJ3y6eh+1myweuRMq
+EnyxcKQdHFt5roMzg9K7lAudSOvdMonar0uRYoS/u15ZlLuK9XnRcEWMqc/stGG
Rn/IGUDMqfuICiuTWLwCO62w26Wka8+IsUcFKzl1LTtZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:21 2024 by rpki-client on console-fra.rpki-client.org