Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/xU3fk473pud02rjVBRRcaxLIG7M.roa
File: xU3fk473pud02rjVBRRcaxLIG7M.roa (raw, json)
Hash identifier: IiyPSK9b831uqCrR4qWt4CKCdZwNXhLpjbdwkHsIM98=
Subject key identifier: C5:4D:DF:93:8E:F7:A6:E7:74:DA:B8:D5:05:14:5C:6B:12:C8:1B:B3
Certificate issuer: /CN=fdcd4516a27bb83848110cb32082bcfca9f36890
Certificate serial: 01856D0A8731658BFB6F91D0B54660D0141E
Authority key identifier: FD:CD:45:16:A2:7B:B8:38:48:11:0C:B3:20:82:BC:FC:A9:F3:68:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/xU3fk473pud02rjVBRRcaxLIG7M.roa
Signing time: Sun 01 Jan 2023 11:14:44 +0000
ROA not before: Sun 01 Jan 2023 11:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 109.205.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:87:31:65:8b:fb:6f:91:d0:b5:46:60:d0:14:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdcd4516a27bb83848110cb32082bcfca9f36890
Validity
Not Before: Jan 1 11:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c54ddf938ef7a6e774dab8d505145c6b12c81bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e8:17:28:67:5b:aa:10:24:ef:30:c1:06:89:
55:7e:b3:15:b8:fa:0f:98:d6:16:b8:ad:4f:1f:98:
8e:a0:7c:1f:25:18:d8:f1:60:fd:1c:5b:50:52:31:
41:fe:0c:ec:3a:e5:83:59:7b:ca:8b:ad:6d:a1:a0:
2c:44:96:ed:81:e9:18:70:2f:00:f9:fa:f6:c1:61:
36:d8:4e:b0:25:31:a3:cd:50:87:7b:3d:2c:e1:fc:
fe:e2:db:9a:22:36:50:78:08:40:25:1c:49:9b:5c:
2f:dc:9c:5a:16:87:b3:ca:02:63:31:ea:cc:4c:e5:
e1:b6:ff:2a:cc:59:01:53:97:a9:b4:72:d6:f6:21:
2f:3f:13:20:80:9f:ad:fe:5c:f7:d8:df:b6:6b:6f:
16:bd:0f:d5:49:fb:3a:7e:bc:e5:a1:ef:c0:9a:ba:
6c:b3:96:30:65:c4:2a:0b:5d:64:1f:c0:1e:00:4a:
57:46:2a:84:31:34:9d:76:67:b8:9c:cb:ab:b5:0f:
c1:61:4e:08:e0:85:22:ce:f8:e8:a2:4f:12:8c:03:
06:f2:ed:35:3c:f9:5d:cd:96:88:76:e1:08:1e:ef:
48:50:e9:c8:3c:c6:53:cf:a6:2a:59:68:8b:8b:10:
b9:db:2a:61:f0:ce:40:17:53:c7:f1:99:63:2d:6b:
1e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4D:DF:93:8E:F7:A6:E7:74:DA:B8:D5:05:14:5C:6B:12:C8:1B:B3
X509v3 Authority Key Identifier:
keyid:FD:CD:45:16:A2:7B:B8:38:48:11:0C:B3:20:82:BC:FC:A9:F3:68:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/xU3fk473pud02rjVBRRcaxLIG7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.59.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:86:84:f8:f8:8b:ed:1a:75:9a:9b:51:f1:ec:ed:da:c9:f6:
89:de:25:4e:8c:e4:c0:e5:77:35:72:9f:3b:d4:7c:28:93:d1:
a8:0b:79:a9:c5:2c:65:67:88:fe:40:a9:0c:0a:03:fc:09:0a:
c3:bb:7d:be:dc:c3:bc:72:d9:7e:6e:16:71:90:07:e0:19:80:
6d:ce:d4:57:48:9e:6c:07:1d:ec:44:af:b4:bd:f9:0c:eb:da:
21:da:31:67:f2:8f:06:db:c0:2f:d6:76:74:32:db:41:83:ba:
c1:1c:22:54:a2:08:50:af:04:4f:22:e2:1e:94:9c:48:e1:44:
22:04:93:35:d9:38:c0:06:b3:60:63:2a:38:12:88:30:a8:15:
67:0f:cc:f5:93:29:08:9f:0a:15:4b:ad:32:49:83:7f:69:20:
ed:f5:74:93:46:cf:31:7f:72:63:e4:1e:5e:a1:b2:46:37:78:
be:4f:3f:bc:17:52:af:48:33:cd:db:c0:01:d3:32:68:ba:53:
48:2f:7d:29:95:30:a6:94:91:fc:c3:ad:cc:9e:10:df:12:6a:
5f:d3:9d:19:c8:1f:67:e0:a5:21:50:b2:4b:ef:4e:40:a4:28:
cb:2d:b8:2c:82:4c:87:fa:cf:08:2e:be:fa:88:98:31:cb:b5:
9f:b4:d9:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCocxZYv7b5HQtUZg0BQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkY2Q0NTE2YTI3YmI4Mzg0ODExMGNiMzIwODJiY2ZjYTlm
MzY4OTAwHhcNMjMwMTAxMTExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRkZGY5MzhlZjdhNmU3NzRkYWI4ZDUwNTE0NWM2YjEyYzgxYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzegXKGdbqhAk7zDBBolVfrMVuPoP
mNYWuK1PH5iOoHwfJRjY8WD9HFtQUjFB/gzsOuWDWXvKi61toaAsRJbtgekYcC8A
+fr2wWE22E6wJTGjzVCHez0s4fz+4tuaIjZQeAhAJRxJm1wv3JxaFoezygJjMerM
TOXhtv8qzFkBU5eptHLW9iEvPxMggJ+t/lz32N+2a28WvQ/VSfs6frzloe/Amrps
s5YwZcQqC11kH8AeAEpXRiqEMTSddme4nMurtQ/BYU4I4IUizvjook8SjAMG8u01
PPldzZaIduEIHu9IUOnIPMZTz6YqWWiLixC52yph8M5AF1PH8ZljLWseaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVN35OO96bndNq41QUUXGsSyBuzMB8GA1UdIwQY
MBaAFP3NRRaie7g4SBEMsyCCvPyp82iQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2MxRkZxSjd1RGhJRVF5eklJSzhfS256YUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80YjA5OTUtNjI3NC00MjU5LWJiNGUt
MzEwZDZjNzE1YzI0LzEveFUzZms0NzNwdWQwMnJqVkJSUmNheExJRzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80YjA5OTUtNjI3NC00MjU5LWJiNGUtMzEwZDZjNzE1YzI0
LzEvX2MxRkZxSjd1RGhJRVF5eklJSzhfS256YUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc07MA0G
CSqGSIb3DQEBCwUAA4IBAQAfhoT4+IvtGnWam1Hx7O3ayfaJ3iVOjOTA5Xc1cp87
1Hwok9GoC3mpxSxlZ4j+QKkMCgP8CQrDu32+3MO8ctl+bhZxkAfgGYBtztRXSJ5s
Bx3sRK+0vfkM69oh2jFn8o8G28Av1nZ0MttBg7rBHCJUoghQrwRPIuIelJxI4UQi
BJM12TjABrNgYyo4EogwqBVnD8z1kykInwoVS60ySYN/aSDt9XSTRs8xf3Jj5B5e
obJGN3i+Tz+8F1KvSDPN28AB0zJoulNIL30plTCmlJH8w63MnhDfEmpf050ZyB9n
4KUhULJL705ApCjLLbgsgkyH+s8ILr76iJgxy7WftNmE
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:13 2023 by rpki-client on console-ams.rpki-client.org