Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3eaa70-0520-4559-841a-4ca956b08a41/1/xK0a5u4yyY0uKyqLHaciq6TsYnI.roa
File: xK0a5u4yyY0uKyqLHaciq6TsYnI.roa (raw, json)
Hash identifier: DZugjsnjR71l9U8EU41VrVNKCjFR+/GO9ymMWr67Z3I=
Subject key identifier: C4:AD:1A:E6:EE:32:C9:8D:2E:2B:2A:8B:1D:A7:22:AB:A4:EC:62:72
Certificate issuer: /CN=b49eb50cb8bac92dc176e8a87cf25552822194fa
Certificate serial: 01856D5CEE4FB4FBAF97E1459747194E5F4A
Authority key identifier: B4:9E:B5:0C:B8:BA:C9:2D:C1:76:E8:A8:7C:F2:55:52:82:21:94:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJ61DLi6yS3BduiofPJVUoIhlPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/3eaa70-0520-4559-841a-4ca956b08a41/1/xK0a5u4yyY0uKyqLHaciq6TsYnI.roa
Signing time: Sun 01 Jan 2023 12:44:44 +0000
ROA not before: Sun 01 Jan 2023 12:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55081
IP address blocks: 185.117.196.0/22 maxlen: 22
2a06:8641::/32 maxlen: 32
2a06:8646::/32 maxlen: 32
2a06:8644::/32 maxlen: 32
2a06:8643::/32 maxlen: 32
2a06:8647::/32 maxlen: 32
2a06:8640::/32 maxlen: 32
2a06:8642::/32 maxlen: 32
2a06:8645::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:ee:4f:b4:fb:af:97:e1:45:97:47:19:4e:5f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b49eb50cb8bac92dc176e8a87cf25552822194fa
Validity
Not Before: Jan 1 12:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4ad1ae6ee32c98d2e2b2a8b1da722aba4ec6272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ea:0f:8d:8f:29:b1:e1:e9:98:52:f4:f0:0d:
b8:8f:17:92:83:52:04:45:84:0b:94:e8:38:b4:09:
04:1f:c4:16:1f:bc:79:11:e5:27:b9:66:be:ac:19:
5b:3b:bb:ea:ad:0e:d0:d6:c8:3a:50:f3:e9:4f:78:
5a:8d:82:c3:59:d8:1f:e5:70:91:23:96:6c:aa:7c:
e0:d6:4e:28:bb:1d:c6:f2:2f:ed:4f:d1:7d:a9:dc:
5e:aa:04:5d:24:fb:ca:6d:ed:58:f0:b7:a2:a2:74:
bb:c0:0d:9c:53:1b:3b:44:c8:d1:b0:99:57:10:26:
6b:7b:c0:68:b0:65:f2:c3:d7:25:a2:6b:fd:f2:22:
e3:4b:3f:4d:f4:cc:0e:f6:3a:0f:ac:68:50:76:8d:
d9:d8:33:ff:38:c2:af:16:c2:f8:e4:d8:0b:f1:31:
db:36:35:51:f8:f3:9e:d4:e2:d0:3b:4a:90:43:d1:
da:75:0c:2c:cc:af:35:a1:c9:09:aa:e8:5c:51:0d:
81:36:24:17:6d:8a:f0:22:c1:ff:00:f3:cc:0d:bd:
ea:1a:42:cd:fb:e7:d0:b7:b3:53:48:af:25:c5:04:
bf:91:f0:62:2b:81:53:72:bb:d3:66:6c:ed:51:b4:
10:3f:dc:3e:11:6a:ae:8d:05:80:fb:ce:be:95:94:
01:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AD:1A:E6:EE:32:C9:8D:2E:2B:2A:8B:1D:A7:22:AB:A4:EC:62:72
X509v3 Authority Key Identifier:
keyid:B4:9E:B5:0C:B8:BA:C9:2D:C1:76:E8:A8:7C:F2:55:52:82:21:94:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJ61DLi6yS3BduiofPJVUoIhlPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3eaa70-0520-4559-841a-4ca956b08a41/1/xK0a5u4yyY0uKyqLHaciq6TsYnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3eaa70-0520-4559-841a-4ca956b08a41/1/tJ61DLi6yS3BduiofPJVUoIhlPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.196.0/22
IPv6:
2a06:8640::/29
Signature Algorithm: sha256WithRSAEncryption
34:18:51:fd:e2:a6:71:01:48:21:80:3a:39:dc:9d:8b:4d:8d:
d1:91:87:ea:0a:1d:5d:a8:c2:ff:6a:80:54:4a:bd:4c:84:6d:
f4:c8:ab:95:14:1e:7c:21:73:93:cd:7c:bb:c3:59:e3:9d:42:
30:c5:df:b4:e9:8a:b5:d1:be:26:4b:2f:90:db:7c:7a:cc:c6:
c6:2d:9f:cf:b4:f0:74:51:63:58:72:bd:6c:b3:af:9d:5a:50:
a0:18:ef:0c:9e:47:3f:e4:d7:3d:35:1f:8a:e7:cd:67:3d:5e:
8a:ec:7d:70:dd:8b:53:91:79:08:af:0a:e4:1c:b3:20:6c:13:
c3:af:9f:b9:65:c3:ba:36:17:68:4f:af:c0:41:d9:da:ca:f9:
dd:19:60:ce:fe:24:b2:70:8d:c7:25:c0:42:39:80:5b:1b:d5:
70:a9:91:88:63:d5:63:f9:4d:98:80:8c:f6:21:23:a3:2b:a0:
02:8e:85:23:88:56:61:5d:11:a9:4d:67:f6:13:e6:fb:a3:0d:
e2:70:0e:07:7f:fd:b6:1b:84:8e:29:a4:37:6e:16:73:e4:17:
c2:e5:c4:2e:cf:3e:38:b6:a7:c9:02:8e:cd:13:33:af:ed:84:
65:09:67:30:29:78:a9:bd:ef:bc:3c:d9:30:5a:36:02:6c:b9:
1c:9d:46:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtXO5PtPuvl+FFl0cZTl9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OWViNTBjYjhiYWM5MmRjMTc2ZThhODdjZjI1NTUyODIy
MTk0ZmEwHhcNMjMwMTAxMTI0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGFkMWFlNmVlMzJjOThkMmUyYjJhOGIxZGE3MjJhYmE0ZWM2MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+oPjY8pseHpmFL08A24jxeSg1IE
RYQLlOg4tAkEH8QWH7x5EeUnuWa+rBlbO7vqrQ7Q1sg6UPPpT3hajYLDWdgf5XCR
I5Zsqnzg1k4oux3G8i/tT9F9qdxeqgRdJPvKbe1Y8LeionS7wA2cUxs7RMjRsJlX
ECZre8BosGXyw9clomv98iLjSz9N9MwO9joPrGhQdo3Z2DP/OMKvFsL45NgL8THb
NjVR+POe1OLQO0qQQ9HadQwszK81ockJquhcUQ2BNiQXbYrwIsH/APPMDb3qGkLN
++fQt7NTSK8lxQS/kfBiK4FTcrvTZmztUbQQP9w+EWqujQWA+86+lZQBQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMStGubuMsmNLisqix2nIquk7GJyMB8GA1UdIwQY
MBaAFLSetQy4usktwXboqHzyVVKCIZT6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEo2MURMaTZ5UzNCZHVpb2ZQSlZVb0lobFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zZWFhNzAtMDUyMC00NTU5LTg0MWEt
NGNhOTU2YjA4YTQxLzEveEswYTV1NHl5WTB1S3lxTEhhY2lxNlRzWW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zZWFhNzAtMDUyMC00NTU5LTg0MWEtNGNhOTU2YjA4YTQx
LzEvdEo2MURMaTZ5UzNCZHVpb2ZQSlZVb0lobFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXXEMA0E
AgACMAcDBQMqBoZAMA0GCSqGSIb3DQEBCwUAA4IBAQA0GFH94qZxAUghgDo53J2L
TY3RkYfqCh1dqML/aoBUSr1MhG30yKuVFB58IXOTzXy7w1njnUIwxd+06Yq10b4m
Sy+Q23x6zMbGLZ/PtPB0UWNYcr1ss6+dWlCgGO8Mnkc/5Nc9NR+K581nPV6K7H1w
3YtTkXkIrwrkHLMgbBPDr5+5ZcO6NhdoT6/AQdnayvndGWDO/iSycI3HJcBCOYBb
G9VwqZGIY9Vj+U2YgIz2ISOjK6ACjoUjiFZhXRGpTWf2E+b7ow3icA4Hf/22G4SO
KaQ3bhZz5BfC5cQuzz44tqfJAo7NEzOv7YRlCWcwKXipve+8PNkwWjYCbLkcnUZI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:57 2024 by rpki-client on console-ams.rpki-client.org