Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xOtWe0JIu5Z0VgcbN_WORjc_emI.roa
File: xOtWe0JIu5Z0VgcbN_WORjc_emI.roa (raw, json)
Hash identifier: bzeHahXFy0WKvcH5G6+l3fQDYfD5mjwd/9hfAdTP1V4=
Subject key identifier: C4:EB:56:7B:42:48:BB:96:74:56:07:1B:37:F5:8E:46:37:3F:7A:62
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C541C73B5716C868110E3C4A0D7255F
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xOtWe0JIu5Z0VgcbN_WORjc_emI.roa
Signing time: Sun 01 Jan 2023 07:55:29 +0000
ROA not before: Sun 01 Jan 2023 07:55:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213018
IP address blocks: 2.57.253.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:1c:73:b5:71:6c:86:81:10:e3:c4:a0:d7:25:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4eb567b4248bb967456071b37f58e46373f7a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:95:f2:98:02:c1:bf:af:3a:fd:19:de:54:6d:
9d:de:b5:58:a0:43:b3:7a:ac:a5:fd:4f:10:24:1a:
40:73:cb:75:94:a9:d6:be:9c:60:ab:a2:0e:29:9b:
d3:b4:a6:77:8f:70:55:d5:36:75:c0:9e:72:5b:dd:
15:c3:e4:7d:fa:cb:7a:2b:bf:1b:a0:aa:39:2d:a4:
d6:4e:69:ed:4d:68:cf:89:ed:b1:9d:80:7e:e0:3f:
46:9e:f5:dd:ad:bb:61:fd:ae:bf:65:27:7a:18:1c:
5a:7a:b9:5f:b2:88:39:2c:9f:51:58:4c:c9:5e:59:
be:ca:51:62:89:a1:8a:a8:6a:e2:8c:0f:20:66:4e:
10:1a:97:bd:ca:cf:7a:06:2a:51:a1:98:5a:dc:68:
16:40:10:47:c8:10:61:af:c1:9b:63:52:80:8c:38:
c4:11:30:f2:91:d1:a4:07:ad:4b:96:15:73:57:22:
5f:a7:c2:f7:f2:2e:88:7b:3d:e4:23:1f:a6:06:bd:
71:eb:ec:c7:f7:44:f8:e4:87:3c:f9:c7:ab:27:07:
1f:71:57:c5:8a:25:ef:10:53:79:80:9e:22:84:13:
7b:4e:be:fc:07:ac:3f:f6:0a:f0:4c:2f:28:cc:ce:
b2:4f:d6:0d:c5:43:ac:37:55:64:a1:ed:77:ac:76:
2e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:EB:56:7B:42:48:BB:96:74:56:07:1B:37:F5:8E:46:37:3F:7A:62
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xOtWe0JIu5Z0VgcbN_WORjc_emI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.253.0/24
Signature Algorithm: sha256WithRSAEncryption
66:70:07:fe:18:a4:73:9b:d8:6e:e7:77:f4:bf:2f:bd:ef:b4:
63:b0:db:8e:5f:ba:e7:94:59:0e:c9:35:74:43:ee:b9:26:6f:
67:0e:69:4e:99:5f:41:c2:c8:f1:67:2e:2f:5b:ba:ad:7d:43:
b2:9c:62:40:46:69:ba:d7:49:44:bd:36:75:f6:8d:bd:85:19:
d8:5b:77:c1:04:c3:6f:cb:b3:d0:ff:4f:dc:e7:45:1f:36:e9:
92:b8:e6:e0:6c:13:dd:cc:5f:a1:be:c8:85:af:91:40:04:00:
05:52:3f:7a:4f:54:08:1f:dc:81:03:91:1e:fb:5c:8e:2f:c8:
25:2a:ab:67:fa:35:b4:c9:78:f5:c1:54:e0:64:7e:19:c9:ac:
41:fb:a3:66:82:fe:73:89:46:ac:b2:6c:94:0e:67:3f:39:9f:
98:c9:24:ee:3b:fa:e7:eb:e0:ac:9d:de:20:78:41:da:84:38:
63:18:60:70:7a:0b:3c:87:d9:4c:f3:6f:d0:9e:51:fa:25:5d:
a3:96:0e:9b:96:98:70:41:c9:06:30:ef:3d:8f:29:6e:db:88:
5d:da:93:ec:1d:71:08:d4:de:ee:12:47:c3:a9:2b:7f:37:b2:
f5:ec:e6:36:d5:96:b1:08:eb:8a:75:65:fe:d4:6f:40:00:ae:
07:fa:d7:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVBxztXFshoEQ48Sg1yVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGViNTY3YjQyNDhiYjk2NzQ1NjA3MWIzN2Y1OGU0NjM3M2Y3YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5XymALBv686/RneVG2d3rVYoEOz
eqyl/U8QJBpAc8t1lKnWvpxgq6IOKZvTtKZ3j3BV1TZ1wJ5yW90Vw+R9+st6K78b
oKo5LaTWTmntTWjPie2xnYB+4D9GnvXdrbth/a6/ZSd6GBxaerlfsog5LJ9RWEzJ
Xlm+ylFiiaGKqGrijA8gZk4QGpe9ys96BipRoZha3GgWQBBHyBBhr8GbY1KAjDjE
ETDykdGkB61LlhVzVyJfp8L38i6Iez3kIx+mBr1x6+zH90T45Ic8+cerJwcfcVfF
iiXvEFN5gJ4ihBN7Tr78B6w/9grwTC8ozM6yT9YNxUOsN1Vkoe13rHYuYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTrVntCSLuWdFYHGzf1jkY3P3piMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEveE90V2UwSkl1NVowVmdjYk5fV09SamNfZW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjn9MA0G
CSqGSIb3DQEBCwUAA4IBAQBmcAf+GKRzm9hu53f0vy+977RjsNuOX7rnlFkOyTV0
Q+65Jm9nDmlOmV9BwsjxZy4vW7qtfUOynGJARmm610lEvTZ19o29hRnYW3fBBMNv
y7PQ/0/c50UfNumSuObgbBPdzF+hvsiFr5FABAAFUj96T1QIH9yBA5Ee+1yOL8gl
Kqtn+jW0yXj1wVTgZH4ZyaxB+6Nmgv5ziUassmyUDmc/OZ+YySTuO/rn6+Csnd4g
eEHahDhjGGBwegs8h9lM82/QnlH6JV2jlg6blphwQckGMO89jylu24hd2pPsHXEI
1N7uEkfDqSt/N7L17OY21ZaxCOuKdWX+1G9AAK4H+tcF
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org