Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/xZKPnBlN4RteBYEW1Iu7Sy27eP8.roa
File: xZKPnBlN4RteBYEW1Iu7Sy27eP8.roa (raw, json)
Hash identifier: m36jRTavE35NSkUFPHHo3bLeqgBJBtrffStwRjls8KI=
Subject key identifier: C5:92:8F:9C:19:4D:E1:1B:5E:05:81:16:D4:8B:BB:4B:2D:BB:78:FF
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 01856C4A751DF0CFB38712CAC799E22DF605
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/xZKPnBlN4RteBYEW1Iu7Sy27eP8.roa
Signing time: Sun 01 Jan 2023 07:44:57 +0000
ROA not before: Sun 01 Jan 2023 07:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1221
IP address blocks: 153.112.128.0/24 maxlen: 24
192.131.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:75:1d:f0:cf:b3:87:12:ca:c7:99:e2:2d:f6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 07:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5928f9c194de11b5e058116d48bbb4b2dbb78ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a8:40:83:76:61:9b:0b:bd:ab:11:24:e5:78:
ef:f5:29:47:f9:45:3e:6e:bd:29:52:ec:23:46:15:
e8:a1:ca:9c:0e:ad:b1:79:98:58:b9:4b:d7:5d:86:
32:c8:06:7f:22:e4:ab:d6:02:74:54:f0:b7:85:47:
d8:2f:e6:47:14:80:47:f0:99:47:e3:8b:6d:2d:91:
d9:b0:b7:29:a0:9e:e6:37:e6:14:74:d1:fa:8f:57:
88:b6:18:fb:58:df:a6:cc:27:65:49:79:51:4c:ed:
de:dc:51:98:cb:ff:71:c8:d8:35:a6:9c:10:a8:e0:
cb:7e:bb:53:c5:aa:71:b2:4d:ef:98:32:8a:9b:cc:
56:26:2f:f5:97:64:d5:05:87:4a:c9:73:b5:8e:5e:
e8:92:04:54:6f:fe:ce:a0:84:27:fd:c5:93:c6:28:
06:49:7b:46:ff:c9:ae:29:91:25:94:b8:30:d1:f9:
a9:37:84:01:68:b9:88:e2:59:5d:35:ca:26:20:98:
95:92:2f:75:aa:0a:0c:03:dc:f6:4d:94:5e:dc:e3:
7e:3c:32:5d:db:44:90:96:00:8d:e9:9a:53:63:c9:
ed:f6:a8:df:4b:0e:65:2a:e9:22:16:a7:1b:1d:64:
0a:2c:da:86:4b:a8:09:80:25:88:31:79:f5:eb:e7:
ac:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:92:8F:9C:19:4D:E1:1B:5E:05:81:16:D4:8B:BB:4B:2D:BB:78:FF
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/xZKPnBlN4RteBYEW1Iu7Sy27eP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.128.0/24
192.131.25.0/24
Signature Algorithm: sha256WithRSAEncryption
94:4f:ef:cb:0c:94:2e:73:1f:6a:86:1f:af:2c:90:83:4d:49:
5b:32:e0:4d:44:f0:0a:b0:a9:73:85:62:5f:66:12:7b:ad:0e:
76:1c:44:59:b0:1a:57:d6:24:e6:be:c1:d4:3e:53:48:2f:c9:
1a:82:22:23:6c:20:f6:72:f1:a9:dc:47:7b:60:b8:49:77:d1:
4c:d7:e9:05:ca:d1:23:54:22:49:f9:29:c2:54:76:da:df:9f:
a1:49:2e:99:80:ef:61:fd:02:64:9c:84:ff:34:23:79:ac:ee:
b1:7a:a0:c5:48:a2:a2:79:c8:f8:78:95:33:9a:7e:56:eb:e1:
00:f9:ae:44:97:50:81:aa:5e:15:0a:b9:43:f1:87:59:b5:58:
74:7c:2a:8c:c6:3f:f6:52:49:2e:d3:c8:7d:9c:4a:0f:60:40:
29:3d:e2:65:99:64:f9:e0:d9:3c:bc:ed:07:dd:db:ea:c7:3a:
2e:e2:26:f8:0c:7c:c9:07:64:ca:ad:c8:62:2c:06:58:32:31:
22:43:d0:a0:d5:f8:bc:8c:33:a9:b3:a4:42:34:2c:63:c3:26:
aa:a8:43:64:8d:77:0c:2f:66:99:5b:a5:7c:53:ee:ba:8e:f2:
9c:1b:5f:fa:64:a5:51:6b:27:d6:29:1f:20:d6:d3:34:fb:51:
e3:70:90:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsSnUd8M+zhxLKx5niLfYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjMwMTAxMDc0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTkyOGY5YzE5NGRlMTFiNWUwNTgxMTZkNDhiYmI0YjJkYmI3OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqahAg3Zhmwu9qxEk5Xjv9SlH+UU+
br0pUuwjRhXoocqcDq2xeZhYuUvXXYYyyAZ/IuSr1gJ0VPC3hUfYL+ZHFIBH8JlH
44ttLZHZsLcpoJ7mN+YUdNH6j1eIthj7WN+mzCdlSXlRTO3e3FGYy/9xyNg1ppwQ
qODLfrtTxapxsk3vmDKKm8xWJi/1l2TVBYdKyXO1jl7okgRUb/7OoIQn/cWTxigG
SXtG/8muKZEllLgw0fmpN4QBaLmI4lldNcomIJiVki91qgoMA9z2TZRe3ON+PDJd
20SQlgCN6ZpTY8nt9qjfSw5lKukiFqcbHWQKLNqGS6gJgCWIMXn16+esEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMWSj5wZTeEbXgWBFtSLu0stu3j/MB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEveFpLUG5CbE40UnRlQllFVzFJdTdTeTI3ZVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmXCAAwQA
wIMZMA0GCSqGSIb3DQEBCwUAA4IBAQCUT+/LDJQucx9qhh+vLJCDTUlbMuBNRPAK
sKlzhWJfZhJ7rQ52HERZsBpX1iTmvsHUPlNIL8kagiIjbCD2cvGp3Ed7YLhJd9FM
1+kFytEjVCJJ+SnCVHba35+hSS6ZgO9h/QJknIT/NCN5rO6xeqDFSKKiecj4eJUz
mn5W6+EA+a5El1CBql4VCrlD8YdZtVh0fCqMxj/2Ukku08h9nEoPYEApPeJlmWT5
4Nk8vO0H3dvqxzou4ib4DHzJB2TKrchiLAZYMjEiQ9Cg1fi8jDOps6RCNCxjwyaq
qENkjXcML2aZW6V8U+66jvKcG1/6ZKVRayfWKR8g1tM0+1HjcJAa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:17 2024 by rpki-client on console-ams.rpki-client.org