Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/XORKwMqdbNTlkGZy7I6OcF1sy6E.roa
File: XORKwMqdbNTlkGZy7I6OcF1sy6E.roa (raw, json)
Hash identifier: 8J59VdIVBJrcjXH0fL+NRGVZc5aiXHoLFYNFUw1ilUo=
Subject key identifier: 5C:E4:4A:C0:CA:9D:6C:D4:E5:90:66:72:EC:8E:8E:70:5D:6C:CB:A1
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 018EA5838AD0D7B33E0434529AE9A00922C3
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/XORKwMqdbNTlkGZy7I6OcF1sy6E.roa
Signing time: Wed 03 Apr 2024 19:50:45 +0000
ROA not before: Wed 03 Apr 2024 19:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200216
IP address blocks: 2a13:bcc0::/29 maxlen: 29
2a13:dd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Apr 2024 09:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:83:8a:d0:d7:b3:3e:04:34:52:9a:e9:a0:09:22:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Apr 3 19:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ce44ac0ca9d6cd4e5906672ec8e8e705d6ccba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c3:14:12:b3:94:17:a8:d2:a8:26:33:14:58:
66:3a:2d:a6:d9:4d:0d:42:8b:44:25:58:b6:88:dc:
b3:c9:94:f6:4b:4f:74:5d:87:b0:0b:fa:ca:4a:e6:
fd:bd:3a:86:17:6d:7f:24:c2:7a:a6:42:da:54:62:
d4:72:8f:90:37:54:c2:ee:18:f8:32:77:cd:84:b8:
6b:d0:28:aa:33:d1:b4:38:0d:01:fd:3c:f9:a4:c0:
23:f6:dd:f9:9a:9d:1e:d9:c1:3d:55:eb:5c:48:70:
74:fb:bb:f1:87:e8:92:ef:b5:69:b3:8e:68:70:1f:
be:59:34:5f:de:65:61:bb:9f:32:0a:32:0d:38:77:
e9:ee:8b:49:53:23:8b:2a:66:7a:e5:1a:f9:2c:39:
aa:e4:f7:e8:e7:de:51:87:4b:bd:99:f2:b1:51:ce:
c8:6e:60:86:3f:f4:0f:34:d5:f9:89:9e:7c:0d:99:
a1:89:a9:63:df:c7:c7:22:34:42:7f:37:8b:6f:2f:
b8:38:ff:45:f7:3a:01:4e:83:29:e6:8c:3d:c7:bb:
7b:b5:b7:19:ce:db:c7:bd:c5:4b:db:65:08:ef:7b:
e0:2d:a1:dd:f3:bb:59:7f:3e:11:aa:04:9d:d4:8d:
d3:90:2d:2a:4c:85:b9:1d:8a:85:73:45:0b:3a:50:
0f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E4:4A:C0:CA:9D:6C:D4:E5:90:66:72:EC:8E:8E:70:5D:6C:CB:A1
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/XORKwMqdbNTlkGZy7I6OcF1sy6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bcc0::/29
2a13:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:56:3c:b5:65:23:0e:da:4c:72:54:d4:4d:26:22:fd:82:1a:
78:10:ee:73:ab:c4:02:2e:b8:75:c0:41:04:16:05:e9:f0:67:
3c:09:71:11:6f:c9:39:e2:02:6f:d6:a8:5a:55:31:e3:9d:c9:
9c:bd:49:20:8e:70:9e:c0:c8:f1:3d:f4:38:6b:6a:5f:9c:b8:
64:84:01:e0:53:ed:5a:bf:cb:ed:33:bf:a2:39:e7:5a:fb:c2:
51:e4:58:54:47:ab:b4:76:54:98:d3:d2:29:bf:8c:6c:cf:7d:
a3:4f:4b:ec:b2:27:3b:64:c4:3d:23:31:82:b4:58:a5:7d:3c:
59:e6:1b:19:a2:50:80:5b:05:8f:93:40:f4:13:c3:c9:36:80:
bc:46:79:8f:c3:e5:99:a2:00:ad:91:fc:a7:f0:bd:60:66:ac:
b7:68:7c:53:37:b2:27:f7:07:8e:6c:69:43:56:ad:3f:38:b6:
fb:1e:93:04:7b:0a:bc:18:6e:4a:26:e8:2b:ed:8a:af:39:b6:
8c:08:e1:59:be:97:39:3c:4b:ce:62:4f:41:77:e1:7f:01:6e:
d4:95:cb:0c:cf:44:25:b7:ff:1b:3b:6e:cc:7b:f7:ff:53:7e:
d9:45:34:6f:47:60:25:9b:ee:2a:54:0c:44:f9:e0:18:2d:c7:
32:f9:92:ba
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6lg4rQ17M+BDRSmumgCSLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQwNDAzMTk1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U0NGFjMGNhOWQ2Y2Q0ZTU5MDY2NzJlYzhlOGU3MDVkNmNjYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMMUErOUF6jSqCYzFFhmOi2m2U0N
QotEJVi2iNyzyZT2S090XYewC/rKSub9vTqGF21/JMJ6pkLaVGLUco+QN1TC7hj4
MnfNhLhr0CiqM9G0OA0B/Tz5pMAj9t35mp0e2cE9VetcSHB0+7vxh+iS77Vps45o
cB++WTRf3mVhu58yCjINOHfp7otJUyOLKmZ65Rr5LDmq5Pfo595Rh0u9mfKxUc7I
bmCGP/QPNNX5iZ58DZmhialj38fHIjRCfzeLby+4OP9F9zoBToMp5ow9x7t7tbcZ
ztvHvcVL22UI73vgLaHd87tZfz4RqgSd1I3TkC0qTIW5HYqFc0ULOlAPiwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFzkSsDKnWzU5ZBmcuyOjnBdbMuhMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvWE9SS3dNcWRiTlRsa0daeTdJNk9jRjFzeTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhO8wAMF
AyoT3UAwDQYJKoZIhvcNAQELBQADggEBAF9WPLVlIw7aTHJU1E0mIv2CGngQ7nOr
xAIuuHXAQQQWBenwZzwJcRFvyTniAm/WqFpVMeOdyZy9SSCOcJ7AyPE99Dhral+c
uGSEAeBT7Vq/y+0zv6I551r7wlHkWFRHq7R2VJjT0im/jGzPfaNPS+yyJztkxD0j
MYK0WKV9PFnmGxmiUIBbBY+TQPQTw8k2gLxGeY/D5ZmiAK2R/KfwvWBmrLdofFM3
sif3B45saUNWrT84tvsekwR7CrwYbkom6Cvtiq85towI4Vm+lzk8S85iT0F34X8B
btSVywzPRCW3/xs7bsx79/9TftlFNG9HYCWb7ipUDET54BgtxzL5kro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org