Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/xk4ESFrzr6XwY0LvUONEfn0J338.roa
File: xk4ESFrzr6XwY0LvUONEfn0J338.roa (raw, json)
Hash identifier: SA2kBMz5IuemFemkCGOjfoKJ6CjtaGpKhnoZ4p+KM7o=
Subject key identifier: C6:4E:04:48:5A:F3:AF:A5:F0:63:42:EF:50:E3:44:7E:7D:09:DF:7F
Certificate issuer: /CN=e58024b729d99f05133ec6d14390c73eb36db99e
Certificate serial: 018C3FEDBF665084A8C5E19890DD0380D6D6
Authority key identifier: E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/xk4ESFrzr6XwY0LvUONEfn0J338.roa
Signing time: Wed 06 Dec 2023 16:19:54 +0000
ROA not before: Wed 06 Dec 2023 16:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211804
IP address blocks: 82.129.14.0/23 maxlen: 24
82.129.24.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:ed:bf:66:50:84:a8:c5:e1:98:90:dd:03:80:d6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e58024b729d99f05133ec6d14390c73eb36db99e
Validity
Not Before: Dec 6 16:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c64e04485af3afa5f06342ef50e3447e7d09df7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:37:fb:7b:6b:05:2c:a7:70:a2:93:08:56:ba:
10:c2:ba:0a:47:d1:06:f9:9b:d2:49:61:3f:ad:52:
9d:dd:a1:7a:aa:2b:8b:26:ca:8d:a8:4b:1e:a9:54:
9f:d3:31:75:34:b3:8c:8e:28:35:e0:81:c6:da:bd:
cb:4c:64:cc:65:f0:d4:30:dd:a3:18:11:77:df:20:
3d:6d:93:e3:2f:59:21:3a:9f:cf:a8:16:7a:16:7c:
42:29:4b:55:0a:60:bd:be:f2:65:09:4e:8f:f3:6a:
4d:c2:22:c6:49:0e:f1:a4:11:bf:72:2d:ee:fc:11:
ad:26:33:3f:b7:c4:63:eb:21:34:ed:23:f7:a2:98:
63:c3:24:53:4e:70:8b:ed:fa:2d:00:e9:f1:4f:3b:
01:f5:2d:43:d1:2f:1c:37:7e:c1:38:b4:47:7a:f6:
82:78:2c:a4:bb:b1:48:cd:19:20:fd:0d:de:51:a6:
cd:bd:15:d9:de:8c:60:54:a9:be:64:a8:be:0d:d7:
09:6f:d9:d9:cb:39:d6:65:ff:c1:ff:ea:34:47:57:
a1:fd:1f:25:65:9a:84:16:97:da:71:24:09:39:13:
c8:b8:99:8a:5f:0a:b6:fc:84:cc:9d:b9:78:5f:18:
47:c3:b2:07:62:af:cc:78:9f:35:ce:3e:c4:84:46:
9f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4E:04:48:5A:F3:AF:A5:F0:63:42:EF:50:E3:44:7E:7D:09:DF:7F
X509v3 Authority Key Identifier:
keyid:E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/xk4ESFrzr6XwY0LvUONEfn0J338.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.129.14.0/23
82.129.24.0/23
Signature Algorithm: sha256WithRSAEncryption
09:de:b0:d7:14:5b:c1:70:b4:ab:98:48:e4:45:35:eb:5a:b1:
e3:70:e5:ff:ca:c8:fa:2c:5d:63:b5:80:a3:c1:73:0a:b0:05:
40:54:ad:ec:5d:c4:d3:b0:2c:7d:1f:20:8e:67:8c:bc:61:d4:
2d:73:0a:ec:5e:69:bc:7b:e3:26:c2:4f:0a:97:2b:da:24:29:
02:d8:70:20:ee:52:c8:41:e4:ff:fe:ad:e8:89:cc:90:f4:88:
8d:98:76:37:d3:d2:cd:c0:91:46:ca:a8:0e:3a:16:05:02:c4:
34:a7:ca:d5:69:86:6e:ff:4b:e2:5b:7c:0d:4e:2d:44:9b:f7:
f8:9f:75:4a:db:4e:79:c7:20:ba:88:06:b5:b3:14:a7:84:36:
83:10:32:78:eb:e6:a0:8d:8e:71:6e:6d:92:a8:18:4c:83:c2:
b1:4f:c6:32:e7:46:4d:23:89:74:ac:d7:c1:da:6e:6a:a1:37:
92:d2:70:ab:b9:26:ae:c0:2f:f7:e9:4a:4a:25:be:50:eb:18:
c7:e1:df:a9:3d:96:a1:74:b6:63:35:bc:79:fa:2a:f9:d1:d6:
80:34:29:5f:a2:a4:92:dc:35:57:5a:3b:1a:87:7c:24:12:8c:
2d:da:f3:6e:c3:33:04:bb:64:ba:55:b8:4e:67:2b:53:d8:39:
8a:a2:71:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw/7b9mUISoxeGYkN0DgNbWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODAyNGI3MjlkOTlmMDUxMzNlYzZkMTQzOTBjNzNlYjM2
ZGI5OWUwHhcNMjMxMjA2MTYxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRlMDQ0ODVhZjNhZmE1ZjA2MzQyZWY1MGUzNDQ3ZTdkMDlkZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDf7e2sFLKdwopMIVroQwroKR9EG
+ZvSSWE/rVKd3aF6qiuLJsqNqEseqVSf0zF1NLOMjig14IHG2r3LTGTMZfDUMN2j
GBF33yA9bZPjL1khOp/PqBZ6FnxCKUtVCmC9vvJlCU6P82pNwiLGSQ7xpBG/ci3u
/BGtJjM/t8Rj6yE07SP3ophjwyRTTnCL7fotAOnxTzsB9S1D0S8cN37BOLRHevaC
eCyku7FIzRkg/Q3eUabNvRXZ3oxgVKm+ZKi+DdcJb9nZyznWZf/B/+o0R1eh/R8l
ZZqEFpfacSQJORPIuJmKXwq2/ITMnbl4XxhHw7IHYq/MeJ81zj7EhEafQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMZOBEha86+l8GNC71DjRH59Cd9/MB8GA1UdIwQY
MBaAFOWAJLcp2Z8FEz7G0UOQxz6zbbmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQt
OTU2ZjZiNWM2MTcwLzEveGs0RVNGcnpyNlh3WTBMdlVPTkVmbjBKMzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQtOTU2ZjZiNWM2MTcw
LzEvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUoEOAwQB
UoEYMA0GCSqGSIb3DQEBCwUAA4IBAQAJ3rDXFFvBcLSrmEjkRTXrWrHjcOX/ysj6
LF1jtYCjwXMKsAVAVK3sXcTTsCx9HyCOZ4y8YdQtcwrsXmm8e+Mmwk8KlyvaJCkC
2HAg7lLIQeT//q3oicyQ9IiNmHY309LNwJFGyqgOOhYFAsQ0p8rVaYZu/0viW3wN
Ti1Em/f4n3VK2055xyC6iAa1sxSnhDaDEDJ46+agjY5xbm2SqBhMg8KxT8Yy50ZN
I4l0rNfB2m5qoTeS0nCruSauwC/36UpKJb5Q6xjH4d+pPZahdLZjNbx5+ir50daA
NClfoqSS3DVXWjsah3wkEowt2vNuwzMEu2S6VbhOZytT2DmKonE9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:50 2024 by rpki-client on console-fra.rpki-client.org