Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XGt96oxeZFJFskvRkvCDCnCDCqA.roa
File: XGt96oxeZFJFskvRkvCDCnCDCqA.roa (raw, json)
Hash identifier: MUFU43aNMJO4v1U0K/LbJqUyVNJELBJs4C1/wXvkEU4=
Subject key identifier: 5C:6B:7D:EA:8C:5E:64:52:45:B2:4B:D1:92:F0:83:0A:70:83:0A:A0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BC7EB6FF7EF6848CA37CB80598BC2B877
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XGt96oxeZFJFskvRkvCDCnCDCqA.roa
Signing time: Mon 13 Nov 2023 09:02:57 +0000
ROA not before: Mon 13 Nov 2023 09:02:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 45.130.82.0/24 maxlen: 24
2a0b:64c6::/32 maxlen: 32
2a10:7400::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:eb:6f:f7:ef:68:48:ca:37:cb:80:59:8b:c2:b8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 13 09:02:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c6b7dea8c5e645245b24bd192f0830a70830aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:62:70:29:5b:a3:72:31:a5:6e:f7:30:4d:01:
fd:a1:c8:eb:01:b7:91:c3:b1:9d:6c:b7:2d:91:c8:
cf:28:76:eb:d4:24:77:83:ea:ae:13:0f:f8:6d:8a:
a4:d5:eb:f2:bd:4e:7d:b0:07:34:fd:b9:1c:1e:43:
b6:7c:6f:8d:25:90:2c:47:e3:d1:e2:bf:e0:62:15:
b6:a3:76:dc:f3:7a:17:d2:07:04:47:42:53:62:67:
b7:b5:c5:da:f4:8b:e5:cc:c9:75:4f:34:0b:f9:64:
de:4c:99:24:e9:7f:05:42:36:61:98:1c:fd:28:a6:
15:c2:c4:22:ca:8d:bb:61:e9:45:1a:98:a1:5b:53:
bf:63:50:90:8a:f7:4f:40:84:f4:6a:bf:14:8d:94:
a2:42:ff:96:65:4c:b4:30:13:56:d1:8f:52:02:28:
8b:75:46:d2:71:4e:91:bd:48:e3:26:88:50:cc:8d:
64:f8:24:3b:8f:f2:30:dc:27:31:1a:e0:c9:a2:3c:
18:a7:34:d0:d9:57:e7:71:25:83:06:e5:c7:7e:1c:
4d:40:e9:31:74:8c:f7:7a:4d:c2:e9:63:3b:4d:5a:
f4:7a:c8:c1:8c:a1:07:e4:f4:1c:e8:c5:02:25:1c:
04:07:70:ad:a9:4f:6d:e5:2f:90:d7:c5:1f:57:83:
a9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6B:7D:EA:8C:5E:64:52:45:B2:4B:D1:92:F0:83:0A:70:83:0A:A0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XGt96oxeZFJFskvRkvCDCnCDCqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.82.0/24
IPv6:
2a0b:64c6::/32
2a10:7400::/32
Signature Algorithm: sha256WithRSAEncryption
5b:c7:83:8e:49:96:5a:f6:4e:da:c1:92:61:62:24:37:fc:a1:
97:5b:1e:4e:ec:49:fb:2f:ff:1c:d8:77:19:a3:5d:d7:54:a1:
f1:87:ad:b3:97:32:d4:ae:5f:97:15:53:f0:74:2e:18:22:f0:
29:e4:f2:6d:45:71:c9:9c:88:79:99:27:e3:ca:9a:3d:69:3a:
04:35:8a:11:a7:3a:c2:7f:b3:25:02:f4:b6:ce:81:06:59:f1:
fc:3f:90:66:8e:84:30:1b:e2:ad:0b:0c:20:a7:87:16:f0:da:
12:d7:52:24:e2:27:7d:88:f7:e7:fd:e2:cb:e8:50:9f:1a:7a:
7a:09:f8:c8:f8:d0:0d:80:b1:ce:0d:20:04:02:db:d9:92:a2:
fd:eb:00:93:79:e4:bc:4b:bd:b2:6e:e2:8b:b6:b4:67:29:5d:
ad:b5:01:31:4b:2a:e7:dd:e0:4f:36:b0:60:3a:df:ea:2d:5d:
57:d1:9f:2c:f1:c9:7b:58:55:37:9d:f0:1b:33:97:62:e7:cd:
36:5c:6c:e8:9f:32:72:31:3f:21:90:40:80:ab:d8:09:cf:6c:
9b:69:56:a2:55:43:21:6f:3f:d1:20:58:1b:23:6a:c4:39:63:
61:12:3b:b7:96:37:6b:cf:2d:e3:0f:14:f6:db:70:dc:22:f0:
8e:88:82:dd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYvH62/372hIyjfLgFmLwrh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTEzMDkwMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzZiN2RlYThjNWU2NDUyNDViMjRiZDE5MmYwODMwYTcwODMwYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GJwKVujcjGlbvcwTQH9ocjrAbeR
w7GdbLctkcjPKHbr1CR3g+quEw/4bYqk1evyvU59sAc0/bkcHkO2fG+NJZAsR+PR
4r/gYhW2o3bc83oX0gcER0JTYme3tcXa9IvlzMl1TzQL+WTeTJkk6X8FQjZhmBz9
KKYVwsQiyo27YelFGpihW1O/Y1CQivdPQIT0ar8UjZSiQv+WZUy0MBNW0Y9SAiiL
dUbScU6RvUjjJohQzI1k+CQ7j/Iw3CcxGuDJojwYpzTQ2VfncSWDBuXHfhxNQOkx
dIz3ek3C6WM7TVr0esjBjKEH5PQc6MUCJRwEB3CtqU9t5S+Q18UfV4OpmQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFxrfeqMXmRSRbJL0ZLwgwpwgwqgMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWEd0OTZveGVaRkpGc2t2Umt2Q0RDbkNEQ3FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQALYJSMBQE
AgACMA4DBQAqC2TGAwUAKhB0ADANBgkqhkiG9w0BAQsFAAOCAQEAW8eDjkmWWvZO
2sGSYWIkN/yhl1seTuxJ+y//HNh3GaNd11Sh8Yets5cy1K5flxVT8HQuGCLwKeTy
bUVxyZyIeZkn48qaPWk6BDWKEac6wn+zJQL0ts6BBlnx/D+QZo6EMBvirQsMIKeH
FvDaEtdSJOInfYj35/3iy+hQnxp6egn4yPjQDYCxzg0gBALb2ZKi/esAk3nkvEu9
sm7ii7a0ZyldrbUBMUsq593gTzawYDrf6i1dV9GfLPHJe1hVN53wGzOXYufNNlxs
6J8ycjE/IZBAgKvYCc9sm2lWolVDIW8/0SBYGyNqxDljYRI7t5Y3a88t4w8U9ttw
3CLwjoiC3Q==
-----END CERTIFICATE-----
Generated at Fri Dec 29 08:55:16 2023 by rpki-client on console-ams.rpki-client.org