Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/XHJFXtpeXuncGRDcwBTp6-UqaU8.roa
File: XHJFXtpeXuncGRDcwBTp6-UqaU8.roa (raw, json)
Hash identifier: Heom+K8NHx/0mc2mMqxr8OsHF14Mkq44waLPd/50dAU=
Subject key identifier: 5C:72:45:5E:DA:5E:5E:E9:DC:19:10:DC:C0:14:E9:EB:E5:2A:69:4F
Certificate issuer: /CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Certificate serial: 018B4907E51BEFDE8818C805D6C7DD17E0DD
Authority key identifier: 18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/XHJFXtpeXuncGRDcwBTp6-UqaU8.roa
Signing time: Thu 19 Oct 2023 17:42:15 +0000
ROA not before: Thu 19 Oct 2023 17:42:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56655
IP address blocks: 2001:678:a90::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:07:e5:1b:ef:de:88:18:c8:05:d6:c7:dd:17:e0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Validity
Not Before: Oct 19 17:42:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c72455eda5e5ee9dc1910dcc014e9ebe52a694f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:80:82:40:24:9a:99:9d:1e:19:27:ea:04:82:
4a:ae:af:ab:99:08:fe:af:fc:73:fe:8d:73:5d:e7:
f7:fa:ed:fb:37:da:39:28:12:32:74:c8:7a:7a:ff:
55:c3:a3:66:ab:f3:7c:3a:31:cf:f1:8c:9b:f1:be:
44:ed:e0:b4:4e:ba:9d:92:11:78:c0:b4:ac:88:27:
29:7c:57:08:fb:37:bc:cc:34:d0:46:84:cc:e1:e5:
d6:c4:e1:de:01:e3:a7:94:f4:24:34:f3:b7:73:fb:
64:2e:1c:c6:b3:1d:d8:72:1b:92:27:13:7e:ae:cc:
ae:5b:ce:a1:0a:fe:c2:49:58:0a:74:b4:17:10:2c:
33:b6:3d:cc:3a:80:4c:35:71:3a:6d:5e:83:f0:0f:
16:43:ee:f2:71:cd:30:21:f9:fb:9e:55:3e:d6:5b:
26:3a:38:63:71:93:d1:d2:4f:2b:d2:29:31:ae:87:
98:36:dd:6c:ac:ec:0b:cc:75:98:d8:f4:b5:5a:6f:
a2:c1:3e:7a:cc:1a:ff:70:a5:40:37:b3:88:d0:10:
a9:4d:c4:27:8c:04:22:bc:8c:a9:56:28:28:ab:87:
78:3b:e4:eb:38:16:ba:83:e2:32:52:cb:da:21:c2:
57:ab:19:87:8a:f8:75:17:b6:cd:b7:23:dd:ec:25:
e2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:72:45:5E:DA:5E:5E:E9:DC:19:10:DC:C0:14:E9:EB:E5:2A:69:4F
X509v3 Authority Key Identifier:
keyid:18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/XHJFXtpeXuncGRDcwBTp6-UqaU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a90::/48
Signature Algorithm: sha256WithRSAEncryption
92:a2:7d:d1:9e:04:be:28:92:88:91:e4:e2:a9:96:e5:d1:3e:
db:4b:25:a9:21:bd:a2:51:62:5c:0f:a7:31:5e:c3:4f:06:9b:
b4:f4:56:dc:25:1c:04:55:ba:2a:27:93:0d:6f:62:37:08:3a:
6d:35:7a:f0:49:45:0d:54:c5:45:90:09:27:9c:24:69:c2:fc:
5b:c2:0c:e7:90:68:84:c7:d6:99:b9:79:ea:ab:90:41:00:09:
72:2c:2e:d7:45:5b:85:89:75:f2:2e:21:ae:37:d5:bc:6c:e2:
89:18:b8:ab:7b:a5:3a:80:c5:59:c7:88:fe:a3:71:35:f9:0f:
3b:a5:f8:a1:1a:5d:5b:bf:11:94:60:6c:8f:10:04:9c:d2:d6:
7e:76:53:03:cb:3f:d6:13:9b:22:d4:05:20:d0:bf:49:1f:d7:
b8:d6:89:05:c2:a0:25:bc:5d:5a:a8:fc:be:fb:ca:f0:d5:e6:
11:84:7c:c0:28:1f:dd:fd:58:f6:84:a6:79:3e:93:6e:00:03:
19:ba:2b:88:69:5e:f1:9f:d0:e6:21:66:db:c1:96:12:89:e3:
f6:ca:8d:e2:72:4e:a6:2d:5d:a6:5d:b3:b2:11:e6:ad:ac:66:
2d:27:87:5d:02:3a:d1:1a:11:19:e6:42:ee:d5:e3:f3:75:61:
c9:d1:d0:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtJB+Ub796IGMgF1sfdF+DdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjRlZTg4NTg0ZDZkZmQ5ZTNhYTliYzIwMWM1MGY0NGUz
NTNkOWMwHhcNMjMxMDE5MTc0MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzcyNDU1ZWRhNWU1ZWU5ZGMxOTEwZGNjMDE0ZTllYmU1MmE2OTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54CCQCSamZ0eGSfqBIJKrq+rmQj+
r/xz/o1zXef3+u37N9o5KBIydMh6ev9Vw6Nmq/N8OjHP8Yyb8b5E7eC0TrqdkhF4
wLSsiCcpfFcI+ze8zDTQRoTM4eXWxOHeAeOnlPQkNPO3c/tkLhzGsx3YchuSJxN+
rsyuW86hCv7CSVgKdLQXECwztj3MOoBMNXE6bV6D8A8WQ+7ycc0wIfn7nlU+1lsm
OjhjcZPR0k8r0ikxroeYNt1srOwLzHWY2PS1Wm+iwT56zBr/cKVAN7OI0BCpTcQn
jAQivIypVigoq4d4O+TrOBa6g+IyUsvaIcJXqxmHivh1F7bNtyPd7CXisQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFxyRV7aXl7p3BkQ3MAU6evlKmlPMB8GA1UdIwQY
MBaAFBj07ohYTW39njqpvCAcUPRONT2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMt
MGI5ODg1ODYzZWJmLzEvWEhKRlh0cGVYdW5jR1JEY3dCVHA2LVVxYVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMtMGI5ODg1ODYzZWJm
LzEvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCSon3RngS+KJKIkeTiqZbl0T7bSyWpIb2iUWJc
D6cxXsNPBpu09FbcJRwEVboqJ5MNb2I3CDptNXrwSUUNVMVFkAknnCRpwvxbwgzn
kGiEx9aZuXnqq5BBAAlyLC7XRVuFiXXyLiGuN9W8bOKJGLire6U6gMVZx4j+o3E1
+Q87pfihGl1bvxGUYGyPEASc0tZ+dlMDyz/WE5si1AUg0L9JH9e41okFwqAlvF1a
qPy++8rw1eYRhHzAKB/d/Vj2hKZ5PpNuAAMZuiuIaV7xn9DmIWbbwZYSieP2yo3i
ck6mLV2mXbOyEeatrGYtJ4ddAjrRGhEZ5kLu1ePzdWHJ0dAh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:19 2024 by rpki-client on console-fra.rpki-client.org