Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cf8791-9980-4c79-9c28-0e16baef7113/1/xgJCf-dT08RiE_KG4sHNlhfy-9A.roa
File: xgJCf-dT08RiE_KG4sHNlhfy-9A.roa (raw, json)
Hash identifier: 1fKvYkYWHUh8VRKn/WxEHRW9RwMt3S54bRyNxz0x0Wc=
Subject key identifier: C6:02:42:7F:E7:53:D3:C4:62:13:F2:86:E2:C1:CD:96:17:F2:FB:D0
Certificate issuer: /CN=d33b32e05d0a85dbd4450f37a73e7fa1f6100afc
Certificate serial: 018CCA99437951623E4DE5000D5C6E612C4C
Authority key identifier: D3:3B:32:E0:5D:0A:85:DB:D4:45:0F:37:A7:3E:7F:A1:F6:10:0A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0zsy4F0KhdvURQ83pz5_ofYQCvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cf8791-9980-4c79-9c28-0e16baef7113/1/xgJCf-dT08RiE_KG4sHNlhfy-9A.roa
Signing time: Tue 02 Jan 2024 14:34:51 +0000
ROA not before: Tue 02 Jan 2024 14:34:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57644
IP address blocks: 2a13:57c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 14 Feb 2024 06:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:43:79:51:62:3e:4d:e5:00:0d:5c:6e:61:2c:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d33b32e05d0a85dbd4450f37a73e7fa1f6100afc
Validity
Not Before: Jan 2 14:34:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c602427fe753d3c46213f286e2c1cd9617f2fbd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1b:1a:e9:f4:98:c2:d8:4b:01:6d:83:ae:49:
b5:f0:38:41:9a:36:75:04:21:a3:80:f1:d7:d0:88:
d7:98:19:57:ac:7a:01:01:36:ed:71:1c:a4:4d:38:
c0:f3:2a:55:64:fb:04:d7:34:37:2a:c5:7b:33:27:
d1:60:4a:43:19:be:eb:fe:aa:2d:0d:56:f7:d4:64:
a8:53:6c:41:18:73:f8:07:0e:ee:17:d3:01:db:40:
86:54:f8:9f:6f:04:46:ce:95:4b:a9:f6:ac:ac:b0:
14:d4:d7:71:64:9c:fd:a0:cb:d9:18:d2:7a:7c:3c:
42:f7:cc:68:b5:8e:2d:71:af:9f:77:33:e1:7d:ec:
ea:56:7a:fa:dd:73:68:af:98:9a:a6:2d:da:df:ab:
9b:01:06:2f:f9:41:a4:73:ff:5b:e0:b5:cb:0e:6d:
e5:8c:8f:2c:67:e7:0d:12:7e:e1:6e:d7:a7:4a:93:
94:ad:48:f3:f1:b3:c5:d3:07:16:b5:15:96:85:eb:
b4:fe:ce:56:4e:fc:c0:14:6f:df:f1:d7:c5:32:53:
9b:c7:55:46:04:04:af:dc:b2:f6:95:89:25:8f:a1:
1f:10:37:46:e7:21:40:06:a7:e9:d0:bc:9e:d3:f4:
4e:e2:80:27:da:da:a5:09:ac:1a:b3:fa:d9:f5:f2:
e9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:02:42:7F:E7:53:D3:C4:62:13:F2:86:E2:C1:CD:96:17:F2:FB:D0
X509v3 Authority Key Identifier:
keyid:D3:3B:32:E0:5D:0A:85:DB:D4:45:0F:37:A7:3E:7F:A1:F6:10:0A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zsy4F0KhdvURQ83pz5_ofYQCvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cf8791-9980-4c79-9c28-0e16baef7113/1/xgJCf-dT08RiE_KG4sHNlhfy-9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cf8791-9980-4c79-9c28-0e16baef7113/1/0zsy4F0KhdvURQ83pz5_ofYQCvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:57c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:70:60:93:af:05:16:34:12:f3:30:1f:c2:48:5f:84:2a:12:
2b:fe:95:69:1a:97:0d:b2:5b:d7:d5:18:f9:bc:b1:ea:ee:dd:
38:cd:23:c6:d4:2d:8d:9b:68:88:e4:4e:58:de:3a:c2:d5:84:
2b:b8:56:35:ec:0e:f1:3b:c5:a0:2c:96:d6:90:cb:e5:85:49:
e9:14:60:1b:94:d8:0c:6e:d9:b5:f8:09:ff:ec:27:91:3a:6f:
c6:c7:3a:d1:76:9a:83:ee:83:12:f0:1b:a0:92:d0:58:ca:fd:
8c:f1:01:96:07:cb:3e:9c:c5:c4:10:e7:4a:c9:cb:f2:02:9e:
c2:1f:22:3a:fa:cf:d4:28:c5:3d:01:c2:5d:e1:6d:8e:24:f5:
2d:09:f3:ff:5e:13:3f:74:d7:ab:e2:07:11:13:e4:57:08:0b:
11:4e:b7:bd:d6:fc:20:7c:cd:c0:38:0f:f9:8a:48:f4:5d:d1:
68:af:81:9a:37:56:5d:02:d0:9b:31:3e:41:8f:c7:98:6a:31:
30:8b:08:80:80:5e:99:f9:e1:44:2d:3f:64:3f:6b:2b:a8:69:
28:ae:33:71:2f:db:63:98:35:26:2a:83:04:b1:72:ab:1c:63:
fb:eb:44:81:61:ed:37:96:e0:47:6a:47:2d:5b:51:0a:cc:01:
9b:59:b5:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKmUN5UWI+TeUADVxuYSxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzM2IzMmUwNWQwYTg1ZGJkNDQ1MGYzN2E3M2U3ZmExZjYx
MDBhZmMwHhcNMjQwMTAyMTQzNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjAyNDI3ZmU3NTNkM2M0NjIxM2YyODZlMmMxY2Q5NjE3ZjJmYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhsa6fSYwthLAW2Drkm18DhBmjZ1
BCGjgPHX0IjXmBlXrHoBATbtcRykTTjA8ypVZPsE1zQ3KsV7MyfRYEpDGb7r/qot
DVb31GSoU2xBGHP4Bw7uF9MB20CGVPifbwRGzpVLqfasrLAU1NdxZJz9oMvZGNJ6
fDxC98xotY4tca+fdzPhfezqVnr63XNor5iapi3a36ubAQYv+UGkc/9b4LXLDm3l
jI8sZ+cNEn7hbtenSpOUrUjz8bPF0wcWtRWWheu0/s5WTvzAFG/f8dfFMlObx1VG
BASv3LL2lYklj6EfEDdG5yFABqfp0Lye0/RO4oAn2tqlCawas/rZ9fLpDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMYCQn/nU9PEYhPyhuLBzZYX8vvQMB8GA1UdIwQY
MBaAFNM7MuBdCoXb1EUPN6c+f6H2EAr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHpzeTRGMEtoZHZVUlE4M3B6NV9vZllRQ3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jZjg3OTEtOTk4MC00Yzc5LTljMjgt
MGUxNmJhZWY3MTEzLzEveGdKQ2YtZFQwOFJpRV9LRzRzSE5saGZ5LTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jZjg3OTEtOTk4MC00Yzc5LTljMjgtMGUxNmJhZWY3MTEz
LzEvMHpzeTRGMEtoZHZVUlE4M3B6NV9vZllRQ3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNXwDAN
BgkqhkiG9w0BAQsFAAOCAQEACXBgk68FFjQS8zAfwkhfhCoSK/6VaRqXDbJb19UY
+byx6u7dOM0jxtQtjZtoiOROWN46wtWEK7hWNewO8TvFoCyW1pDL5YVJ6RRgG5TY
DG7ZtfgJ/+wnkTpvxsc60Xaag+6DEvAboJLQWMr9jPEBlgfLPpzFxBDnSsnL8gKe
wh8iOvrP1CjFPQHCXeFtjiT1LQnz/14TP3TXq+IHERPkVwgLEU63vdb8IHzNwDgP
+YpI9F3RaK+BmjdWXQLQmzE+QY/HmGoxMIsIgIBemfnhRC0/ZD9rK6hpKK4zcS/b
Y5g1JiqDBLFyqxxj++tEgWHtN5bgR2pHLVtRCswBm1m1ig==
-----END CERTIFICATE-----
Generated at Wed Feb 14 09:35:29 2024 by rpki-client on console-fra.rpki-client.org