Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/XUEy_1DPEacQ4vLdbFley0erldg.roa
File: XUEy_1DPEacQ4vLdbFley0erldg.roa (raw, json)
Hash identifier: 9D4O1K/VVFO7iqWRWgffgb+wC3JIMKEfeezrJy6TewU=
Subject key identifier: 5D:41:32:FF:50:CF:11:A7:10:E2:F2:DD:6C:59:5E:CB:47:AB:95:D8
Certificate issuer: /CN=b3ef7c76ab3e6971d8f87302ddf92cc6098849ea
Certificate serial: 01856E8B587C99335A77457A619A28627CD4
Authority key identifier: B3:EF:7C:76:AB:3E:69:71:D8:F8:73:02:DD:F9:2C:C6:09:88:49:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-98dqs-aXHY-HMC3fksxgmISeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/XUEy_1DPEacQ4vLdbFley0erldg.roa
Signing time: Sun 01 Jan 2023 18:15:04 +0000
ROA not before: Sun 01 Jan 2023 18:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1133
IP address blocks: 130.89.0.0/16 maxlen: 16
2001:67c:2564::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:58:7c:99:33:5a:77:45:7a:61:9a:28:62:7c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3ef7c76ab3e6971d8f87302ddf92cc6098849ea
Validity
Not Before: Jan 1 18:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d4132ff50cf11a710e2f2dd6c595ecb47ab95d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cc:0d:5d:c0:c8:62:21:7b:54:6c:9a:79:24:
ce:e7:32:0d:17:f2:36:21:1c:46:a6:d5:a8:47:04:
e0:5e:4d:57:8d:44:56:78:7e:01:a7:05:37:5c:88:
c2:0d:9d:7c:f8:b9:15:b3:44:f0:23:95:72:0b:38:
bb:69:9b:c9:49:21:c2:05:2e:f9:a8:11:95:23:f3:
96:31:b9:99:dd:39:bb:36:34:e5:7d:11:3d:2a:81:
ed:bb:f4:32:d7:cb:be:9d:db:5e:73:43:69:01:37:
6d:e6:ea:72:30:85:33:c1:aa:1f:46:02:60:d8:e6:
4f:bc:2c:fd:d9:b7:f0:10:03:9c:38:82:47:01:05:
f7:0d:16:0c:ae:4c:27:15:a7:ba:b1:dc:d0:8a:b4:
f6:1c:3b:4b:78:62:84:fd:ee:b8:9c:1b:51:d5:e5:
f3:36:bd:b2:69:e0:76:3a:7c:b6:40:54:27:cc:ed:
04:19:bf:99:f6:85:48:81:eb:d8:68:c2:bf:82:79:
ea:76:6e:00:6c:8c:99:57:1c:ae:b8:73:e1:12:a4:
ef:f2:35:d6:02:20:5d:bc:f4:e3:1d:3a:71:be:67:
90:c8:19:be:c5:2c:fc:93:48:48:fd:a2:15:82:3d:
f7:b5:aa:09:94:73:68:09:26:2f:61:3d:ba:a2:e0:
e8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:41:32:FF:50:CF:11:A7:10:E2:F2:DD:6C:59:5E:CB:47:AB:95:D8
X509v3 Authority Key Identifier:
keyid:B3:EF:7C:76:AB:3E:69:71:D8:F8:73:02:DD:F9:2C:C6:09:88:49:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-98dqs-aXHY-HMC3fksxgmISeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/XUEy_1DPEacQ4vLdbFley0erldg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/s-98dqs-aXHY-HMC3fksxgmISeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.89.0.0/16
IPv6:
2001:67c:2564::/48
Signature Algorithm: sha256WithRSAEncryption
bb:3a:0e:55:7f:c8:13:1c:75:89:b1:78:6b:35:21:8e:7c:2b:
a9:d9:04:a5:65:4b:8c:19:39:c9:2c:0a:6d:e1:db:67:26:e2:
57:b7:db:6a:eb:8a:c2:c9:fd:52:76:fb:21:ba:02:26:cf:5d:
f9:9e:ee:a0:d6:12:fc:e6:48:f4:95:65:f8:43:9d:c7:0c:26:
ba:78:ac:ae:52:a0:54:4e:94:18:09:f2:88:63:93:09:e7:88:
95:59:70:31:99:08:8d:b6:9e:0b:83:94:b3:af:9e:f2:3e:67:
d7:b1:54:35:25:e5:06:d7:4d:e6:8c:e7:3f:de:81:f0:b8:3b:
3f:e4:c3:f5:aa:01:66:e3:d1:2d:fa:49:c0:13:18:b8:68:46:
d8:57:3c:67:2f:72:f2:68:6e:d0:52:2e:92:54:5b:40:d3:88:
21:08:fb:65:2f:03:fa:94:f7:50:6e:e5:ff:70:32:ef:88:17:
0c:fe:9b:9e:d8:8b:11:c0:ca:55:d6:64:c6:ae:4e:79:ca:3d:
0b:d3:91:ac:f7:8b:a5:b2:4d:50:ef:81:65:11:9a:c1:f1:6d:
18:1a:72:88:6b:c7:65:17:bf:35:f1:5e:0d:56:60:3b:59:46:
26:59:c8:b4:c1:ff:62:78:d9:48:cc:f3:ca:2d:4e:4b:b2:2b:
2e:fd:4b:22
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVui1h8mTNad0V6YZooYnzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZWY3Yzc2YWIzZTY5NzFkOGY4NzMwMmRkZjkyY2M2MDk4
ODQ5ZWEwHhcNMjMwMTAxMTgxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQxMzJmZjUwY2YxMWE3MTBlMmYyZGQ2YzU5NWVjYjQ3YWI5NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cwNXcDIYiF7VGyaeSTO5zINF/I2
IRxGptWoRwTgXk1XjURWeH4BpwU3XIjCDZ18+LkVs0TwI5VyCzi7aZvJSSHCBS75
qBGVI/OWMbmZ3Tm7NjTlfRE9KoHtu/Qy18u+ndtec0NpATdt5upyMIUzwaofRgJg
2OZPvCz92bfwEAOcOIJHAQX3DRYMrkwnFae6sdzQirT2HDtLeGKE/e64nBtR1eXz
Nr2yaeB2Ony2QFQnzO0EGb+Z9oVIgevYaMK/gnnqdm4AbIyZVxyuuHPhEqTv8jXW
AiBdvPTjHTpxvmeQyBm+xSz8k0hI/aIVgj33taoJlHNoCSYvYT26ouDoRQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF1BMv9QzxGnEOLy3WxZXstHq5XYMB8GA1UdIwQY
MBaAFLPvfHarPmlx2PhzAt35LMYJiEnqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy05OGRxcy1hWEhZLUhNQzNma3N4Z21JU2VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS83NDk4MGUtNzRmOS00YjVlLTljZjIt
Njk3MTFmZTgzZDIzLzEvWFVFeV8xRFBFYWNRNHZMZGJGbGV5MGVybGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS83NDk4MGUtNzRmOS00YjVlLTljZjItNjk3MTFmZTgzZDIz
LzEvcy05OGRxcy1hWEhZLUhNQzNma3N4Z21JU2VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAglkwDwQC
AAIwCQMHACABBnwlZDANBgkqhkiG9w0BAQsFAAOCAQEAuzoOVX/IExx1ibF4azUh
jnwrqdkEpWVLjBk5ySwKbeHbZybiV7fbauuKwsn9Unb7IboCJs9d+Z7uoNYS/OZI
9JVl+EOdxwwmunisrlKgVE6UGAnyiGOTCeeIlVlwMZkIjbaeC4OUs6+e8j5n17FU
NSXlBtdN5oznP96B8Lg7P+TD9aoBZuPRLfpJwBMYuGhG2Fc8Zy9y8mhu0FIuklRb
QNOIIQj7ZS8D+pT3UG7l/3Ay74gXDP6bntiLEcDKVdZkxq5Oeco9C9ORrPeLpbJN
UO+BZRGawfFtGBpyiGvHZRe/NfFeDVZgO1lGJlnItMH/YnjZSMzzyi1OS7IrLv1L
Ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:06 2024 by rpki-client on console-fra.rpki-client.org