Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/XBNZmD_1-AM-6Xx-HvLno2m_Kdo.roa
File: XBNZmD_1-AM-6Xx-HvLno2m_Kdo.roa (raw, json)
Hash identifier: RRWW+fn0v+vn4gaDoidDxcmsjwdbCC7XemUNvC1KocI=
Subject key identifier: 5C:13:59:98:3F:F5:F8:03:3E:E9:7C:7E:1E:F2:E7:A3:69:BF:29:DA
Certificate issuer: /CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Certificate serial: 018570D512E4CC71CF07258F7225DE213883
Authority key identifier: F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/XBNZmD_1-AM-6Xx-HvLno2m_Kdo.roa
Signing time: Mon 02 Jan 2023 04:54:50 +0000
ROA not before: Mon 02 Jan 2023 04:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35297
IP address blocks: 91.209.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:12:e4:cc:71:cf:07:25:8f:72:25:de:21:38:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Validity
Not Before: Jan 2 04:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c1359983ff5f8033ee97c7e1ef2e7a369bf29da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:ce:df:d6:74:78:1c:68:b4:3c:0e:64:8f:
d7:f0:de:99:0c:e1:15:a5:bd:19:54:ae:1f:c6:62:
60:0b:bc:c0:a3:af:be:21:72:7e:f4:8c:88:88:5a:
d3:e4:1d:fd:e9:22:f2:48:ae:b8:0e:db:d1:d7:61:
c7:f9:27:65:a6:52:4d:53:0d:d7:bb:ca:ae:ce:01:
b5:79:55:5e:ac:8e:f0:44:df:bd:62:38:11:bc:5f:
ab:98:a3:39:9e:98:86:d0:aa:c7:8f:15:07:1e:73:
92:c5:65:88:a0:d3:54:0b:0f:37:bb:24:0c:82:fc:
cd:52:f7:86:f0:99:57:aa:2f:9c:03:56:49:8c:bf:
a8:94:b9:da:d5:6e:d8:01:e4:4a:27:5a:53:9a:67:
82:ba:98:35:5a:30:da:f4:50:9a:41:ca:3d:49:63:
34:8f:2d:28:82:5d:31:8d:50:cd:4d:3d:bc:93:c8:
e1:dd:0f:51:c5:d9:dd:26:19:7e:20:6e:35:b1:78:
cc:67:6e:48:18:1b:cc:df:fd:24:de:b6:e9:21:f6:
d7:7c:2e:fc:b6:e2:1c:5f:3f:ad:48:4f:b6:e3:bf:
ae:71:74:ef:d0:3d:12:d4:97:b5:db:5c:d0:60:f7:
11:89:72:2d:9a:ce:a1:55:ab:e6:36:34:f7:e6:f4:
d6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:13:59:98:3F:F5:F8:03:3E:E9:7C:7E:1E:F2:E7:A3:69:BF:29:DA
X509v3 Authority Key Identifier:
keyid:F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/XBNZmD_1-AM-6Xx-HvLno2m_Kdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.73.0/24
Signature Algorithm: sha256WithRSAEncryption
84:78:cc:df:72:62:22:ee:88:61:1c:4f:3a:f6:45:82:e3:65:
7f:af:2a:6d:5b:c1:27:7b:0d:c4:f3:58:de:0c:46:de:5a:77:
c1:b4:7a:bd:88:59:41:f8:b8:fe:d5:6b:41:56:4e:69:fd:ce:
5f:9d:d4:a2:5f:6b:d3:5c:d9:cc:ee:fd:1a:ef:08:70:3c:17:
ce:28:23:86:74:10:1b:f1:98:fa:4b:2f:50:a1:bb:8b:a3:d6:
57:90:7f:74:48:76:7f:6a:3d:a9:47:ab:88:72:af:ef:1e:6b:
4a:30:bc:bc:e2:a2:4c:18:73:e5:a3:07:38:ef:5a:b7:74:37:
d3:9f:f7:2c:43:cc:35:24:58:f7:98:5e:f2:db:eb:ab:15:7e:
6e:12:fb:04:7c:04:0a:54:0a:3f:9b:93:96:a7:c1:88:11:c5:
14:48:3e:81:39:c6:b9:36:40:6f:d6:24:fd:00:87:98:86:57:
ab:27:01:b6:94:a8:ed:16:4e:1f:70:af:9a:16:a3:50:a8:b9:
a3:a7:2b:da:41:7d:53:42:d2:4a:32:12:d3:4b:f7:d3:08:b9:
57:85:82:0f:24:dc:f6:07:ab:b3:b7:b8:19:ee:b0:74:96:f8:
ca:c8:07:9d:0e:02:fd:b1:cf:14:e6:1a:ae:83:de:84:0b:ac:
1b:2e:36:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1RLkzHHPByWPciXeITiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTM3YzU5N2QxZTMwY2I3NTYxOGU1MWY0MmI3Zjc5ZWQ1
ZmZjODgwHhcNMjMwMTAyMDQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzEzNTk5ODNmZjVmODAzM2VlOTdjN2UxZWYyZTdhMzY5YmYyOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpfO39Z0eBxotDwOZI/X8N6ZDOEV
pb0ZVK4fxmJgC7zAo6++IXJ+9IyIiFrT5B396SLySK64DtvR12HH+SdlplJNUw3X
u8quzgG1eVVerI7wRN+9YjgRvF+rmKM5npiG0KrHjxUHHnOSxWWIoNNUCw83uyQM
gvzNUveG8JlXqi+cA1ZJjL+olLna1W7YAeRKJ1pTmmeCupg1WjDa9FCaQco9SWM0
jy0ogl0xjVDNTT28k8jh3Q9RxdndJhl+IG41sXjMZ25IGBvM3/0k3rbpIfbXfC78
tuIcXz+tSE+247+ucXTv0D0S1Je121zQYPcRiXItms6hVavmNjT35vTWTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwTWZg/9fgDPul8fh7y56NpvynaMB8GA1UdIwQY
MBaAFPYTfFl9HjDLdWGOUfQrf3ntX/yIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAt
MzlhMjQzODhhNWU4LzEvWEJOWm1EXzEtQU0tNlh4LUh2TG5vMm1fS2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAtMzlhMjQzODhhNWU4
LzEvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FJMA0G
CSqGSIb3DQEBCwUAA4IBAQCEeMzfcmIi7ohhHE869kWC42V/ryptW8Enew3E81je
DEbeWnfBtHq9iFlB+Lj+1WtBVk5p/c5fndSiX2vTXNnM7v0a7whwPBfOKCOGdBAb
8Zj6Sy9QobuLo9ZXkH90SHZ/aj2pR6uIcq/vHmtKMLy84qJMGHPlowc471q3dDfT
n/csQ8w1JFj3mF7y2+urFX5uEvsEfAQKVAo/m5OWp8GIEcUUSD6BOca5NkBv1iT9
AIeYhlerJwG2lKjtFk4fcK+aFqNQqLmjpyvaQX1TQtJKMhLTS/fTCLlXhYIPJNz2
B6uzt7gZ7rB0lvjKyAedDgL9sc8U5hqug96EC6wbLjYh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:09 2024 by rpki-client on console-fra.rpki-client.org