Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/XWQ8y939YNWWSdFWvYi-u2Bv8SE.roa
File: XWQ8y939YNWWSdFWvYi-u2Bv8SE.roa (raw, json)
Hash identifier: cdt6jFEacecXDsq4zbfGxG1qiCfOCeOPt8KZFLqjDIg=
Subject key identifier: 5D:64:3C:CB:DD:FD:60:D5:96:49:D1:56:BD:88:BE:BB:60:6F:F1:21
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 01856BAECC170B35510E473732B3CA76F12A
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/XWQ8y939YNWWSdFWvYi-u2Bv8SE.roa
Signing time: Sun 01 Jan 2023 04:54:55 +0000
ROA not before: Sun 01 Jan 2023 04:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11588
IP address blocks: 2001:4de0:4202::/47 maxlen: 47
2001:4de0:2400::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:cc:17:0b:35:51:0e:47:37:32:b3:ca:76:f1:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 04:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d643ccbddfd60d59649d156bd88bebb606ff121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:37:88:e6:7d:0e:5e:4e:f5:46:58:87:9e:e5:
b9:5d:81:1b:04:bf:23:28:f5:8b:70:e7:50:77:b0:
63:da:fe:56:74:dc:b4:ba:3e:9f:ce:93:54:c8:81:
24:a2:28:5b:db:19:61:64:e7:b4:14:d0:d6:ce:5c:
b7:3d:7c:53:ce:02:28:2e:5b:58:84:46:c2:1b:c9:
19:15:48:80:c1:ca:7b:5a:1c:5e:b4:f8:ce:46:66:
d1:da:4e:2f:5e:87:db:b0:82:3a:46:6c:81:94:a9:
94:37:7a:98:18:3a:dc:22:74:9b:ca:67:25:1c:e7:
01:20:d9:f2:33:35:ec:1e:23:8f:18:44:22:c0:f1:
77:d9:d4:ca:42:78:3c:3f:46:75:ef:50:df:91:cf:
37:93:0f:48:d6:e0:da:04:ca:45:bc:a8:0b:9e:c4:
88:98:ee:f2:e8:25:bd:72:64:09:01:8d:02:d4:b4:
e0:37:9a:97:ce:67:e4:d6:d1:22:79:f9:3e:88:e5:
25:b0:52:f4:93:ec:8d:04:74:2b:ca:f7:0c:1a:54:
b3:ef:9f:c8:6c:53:a8:4e:f3:5c:d4:42:ae:c8:f5:
72:83:a4:98:03:80:01:3c:f5:ff:39:6a:42:87:c6:
f6:f5:59:17:66:a6:ad:c3:9f:04:44:8d:bd:78:08:
f0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:64:3C:CB:DD:FD:60:D5:96:49:D1:56:BD:88:BE:BB:60:6F:F1:21
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/XWQ8y939YNWWSdFWvYi-u2Bv8SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4de0:2400::/40
2001:4de0:4202::/47
Signature Algorithm: sha256WithRSAEncryption
a5:02:63:d6:5b:c0:03:0e:7b:3c:40:e3:db:55:f3:67:4a:8b:
67:42:b3:c6:76:87:75:93:35:b2:8b:e6:89:8d:e1:15:41:79:
5d:77:f5:1f:b4:57:91:bc:70:8d:f9:55:e0:07:d5:8e:af:64:
d9:a0:9b:58:62:78:17:c0:ee:20:fa:e1:dd:62:0f:7e:5c:a7:
0c:60:79:fb:b4:6d:41:31:09:1c:53:24:68:ba:51:b9:ba:e9:
40:62:69:d5:ed:b9:c0:ef:6d:65:49:24:54:3e:c1:4b:9a:bb:
1c:fa:36:cf:7e:9a:d3:3f:8d:1d:f2:39:42:51:db:4a:89:a8:
95:8e:3c:a5:12:41:ce:99:32:76:26:cb:3f:71:4a:fb:70:1e:
29:f7:e4:c5:14:3e:ad:ef:99:0b:96:23:36:b0:6b:a6:31:23:
65:2e:ad:fb:a3:19:a4:51:4d:f7:a2:00:28:ba:c6:c2:53:b8:
4e:2a:28:3d:86:28:61:ad:f0:72:ce:34:74:ec:94:20:3f:29:
bb:ef:55:4c:ef:57:10:ed:4d:1d:80:fd:9d:e8:a7:c1:90:39:
ae:6d:02:22:c6:96:4d:15:39:af:f9:af:f3:8a:9b:55:29:7f:
83:00:71:d7:ec:78:3f:e4:bf:d8:0d:1c:8c:99:71:23:e7:e6:
a9:b8:d4:da
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVrrswXCzVRDkc3MrPKdvEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjMwMTAxMDQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY0M2NjYmRkZmQ2MGQ1OTY0OWQxNTZiZDg4YmViYjYwNmZmMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDeI5n0OXk71RliHnuW5XYEbBL8j
KPWLcOdQd7Bj2v5WdNy0uj6fzpNUyIEkoihb2xlhZOe0FNDWzly3PXxTzgIoLltY
hEbCG8kZFUiAwcp7WhxetPjORmbR2k4vXofbsII6RmyBlKmUN3qYGDrcInSbymcl
HOcBINnyMzXsHiOPGEQiwPF32dTKQng8P0Z171Dfkc83kw9I1uDaBMpFvKgLnsSI
mO7y6CW9cmQJAY0C1LTgN5qXzmfk1tEiefk+iOUlsFL0k+yNBHQryvcMGlSz75/I
bFOoTvNc1EKuyPVyg6SYA4ABPPX/OWpCh8b29VkXZqatw58ERI29eAjwwQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFF1kPMvd/WDVlknRVr2Ivrtgb/EhMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvWFdROHk5MzlZTldXU2RGV3ZZaS11MkJ2OFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAIAFN4CQD
BwEgAU3gQgIwDQYJKoZIhvcNAQELBQADggEBAKUCY9ZbwAMOezxA49tV82dKi2dC
s8Z2h3WTNbKL5omN4RVBeV139R+0V5G8cI35VeAH1Y6vZNmgm1hieBfA7iD64d1i
D35cpwxgefu0bUExCRxTJGi6Ubm66UBiadXtucDvbWVJJFQ+wUuauxz6Ns9+mtM/
jR3yOUJR20qJqJWOPKUSQc6ZMnYmyz9xSvtwHin35MUUPq3vmQuWIzawa6YxI2Uu
rfujGaRRTfeiACi6xsJTuE4qKD2GKGGt8HLONHTslCA/KbvvVUzvVxDtTR2A/Z3o
p8GQOa5tAiLGlk0VOa/5r/OKm1Upf4MAcdfseD/kv9gNHIyZcSPn5qm41No=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:51 2024 by rpki-client on console-fra.rpki-client.org