Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/XIkvY8wGjXHW5rbZjMlkyPtK-RA.roa
File: XIkvY8wGjXHW5rbZjMlkyPtK-RA.roa (raw, json)
Hash identifier: iSowN0ZAncSuhA1BqQ6sLJSUerUikB1+WYvdt0UD2eo=
Subject key identifier: 5C:89:2F:63:CC:06:8D:71:D6:E6:B6:D9:8C:C9:64:C8:FB:4A:F9:10
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0185711555F9CE87B52D813619D6B123CB6B
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/XIkvY8wGjXHW5rbZjMlkyPtK-RA.roa
Signing time: Mon 02 Jan 2023 06:05:01 +0000
ROA not before: Mon 02 Jan 2023 06:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199410
IP address blocks: 217.153.154.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:55:f9:ce:87:b5:2d:81:36:19:d6:b1:23:cb:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c892f63cc068d71d6e6b6d98cc964c8fb4af910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:14:f6:95:12:81:92:0e:4b:8b:3c:ac:1f:21:
63:3b:07:d6:6c:26:a7:fe:09:66:c3:59:1a:cf:f8:
dc:23:a0:c0:8c:11:b1:d6:45:47:f0:79:6e:36:17:
7a:d7:7b:6c:c6:a0:0b:26:7e:82:7f:68:4f:e7:43:
89:84:bd:a3:ff:5c:aa:d0:3b:76:32:bc:81:46:eb:
5d:3d:93:cd:55:8e:c8:a8:9f:68:e5:2d:58:3d:ef:
a3:5a:d5:4e:8f:6d:f1:6b:b6:21:c9:dd:98:0a:e5:
34:73:cb:cf:c5:21:77:6c:04:bd:57:b9:65:9d:ff:
dd:7a:fc:c8:76:8c:c4:6a:ce:82:cd:0e:4f:82:ec:
c5:44:07:6e:c5:43:db:44:3d:b0:51:28:49:63:c6:
ff:7a:6f:92:7c:26:b0:9a:d7:3d:53:c8:d6:fb:ec:
68:da:62:31:68:79:e5:09:bb:f0:18:92:44:ae:01:
97:e7:c4:17:5b:89:ef:56:79:16:93:b6:de:7e:8d:
0a:21:3e:84:7f:d0:0d:87:72:8d:11:85:d6:c1:20:
f6:2d:e4:af:89:6a:e5:57:28:21:b4:2e:87:93:98:
d6:37:a8:bd:bc:ae:9d:c4:cd:0d:3c:9d:a2:6e:90:
a1:47:0f:62:5f:8a:c0:8a:cd:28:9b:7a:bb:e6:a7:
ab:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:89:2F:63:CC:06:8D:71:D6:E6:B6:D9:8C:C9:64:C8:FB:4A:F9:10
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/XIkvY8wGjXHW5rbZjMlkyPtK-RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.153.154.0/23
Signature Algorithm: sha256WithRSAEncryption
18:37:b3:b4:d8:c9:54:2e:35:2a:98:0a:6f:af:94:02:b7:fe:
c5:8b:3d:0f:c7:e9:c1:69:b4:47:5c:3a:85:f4:b2:01:ad:f3:
c0:b8:62:f1:70:2f:47:62:4d:f5:62:b8:b7:ed:77:86:b6:71:
41:ab:83:94:bf:40:8f:a0:ab:ea:5b:a9:4c:3b:82:26:d4:bc:
74:f9:47:cd:be:9f:0b:27:8e:47:c7:df:28:85:f5:12:33:64:
c5:e5:6e:4d:d3:af:4a:ac:ab:28:c0:88:2a:9a:54:24:86:d2:
3d:8f:07:46:17:d4:02:67:a3:b5:a0:10:0f:ba:f3:ea:6f:53:
04:9e:a8:49:ae:c8:c3:a9:bc:a5:e5:66:69:ae:90:72:c9:09:
8c:8d:db:ad:33:f9:90:44:ff:1a:16:c9:8a:22:ca:93:9d:65:
70:c0:f0:e9:10:90:9b:09:ac:1f:7c:fe:0c:9b:96:fe:88:4d:
41:38:ce:82:51:a3:a0:6a:f9:dd:a7:2e:6a:3d:d6:d7:3f:bf:
e0:1b:07:5b:1c:7d:e7:e3:a1:57:f0:18:0a:44:df:f9:75:b0:
28:1c:3e:61:ee:32:38:70:bd:76:81:72:0c:d7:22:2d:0f:48:
77:01:1d:aa:4a:c5:fb:76:43:14:65:0c:d8:5a:08:4f:21:eb:
dd:2a:49:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVX5zoe1LYE2GdaxI8trMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg5MmY2M2NjMDY4ZDcxZDZlNmI2ZDk4Y2M5NjRjOGZiNGFmOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhT2lRKBkg5LizysHyFjOwfWbCan
/glmw1kaz/jcI6DAjBGx1kVH8HluNhd613tsxqALJn6Cf2hP50OJhL2j/1yq0Dt2
MryBRutdPZPNVY7IqJ9o5S1YPe+jWtVOj23xa7Yhyd2YCuU0c8vPxSF3bAS9V7ll
nf/devzIdozEas6CzQ5PguzFRAduxUPbRD2wUShJY8b/em+SfCawmtc9U8jW++xo
2mIxaHnlCbvwGJJErgGX58QXW4nvVnkWk7befo0KIT6Ef9ANh3KNEYXWwSD2LeSv
iWrlVyghtC6Hk5jWN6i9vK6dxM0NPJ2ibpChRw9iX4rAis0om3q75qerBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyJL2PMBo1x1ua22YzJZMj7SvkQMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvWElrdlk4d0dqWEhXNXJiWmpNbGt5UHRLLVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ZmaMA0G
CSqGSIb3DQEBCwUAA4IBAQAYN7O02MlULjUqmApvr5QCt/7Fiz0Px+nBabRHXDqF
9LIBrfPAuGLxcC9HYk31Yri37XeGtnFBq4OUv0CPoKvqW6lMO4Im1Lx0+UfNvp8L
J45Hx98ohfUSM2TF5W5N069KrKsowIgqmlQkhtI9jwdGF9QCZ6O1oBAPuvPqb1ME
nqhJrsjDqbyl5WZprpByyQmMjdutM/mQRP8aFsmKIsqTnWVwwPDpEJCbCawffP4M
m5b+iE1BOM6CUaOgavndpy5qPdbXP7/gGwdbHH3n46FX8BgKRN/5dbAoHD5h7jI4
cL12gXIM1yItD0h3AR2qSsX7dkMUZQzYWghPIevdKkn4
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:29 2024 by rpki-client on console-fra.rpki-client.org