Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/XCqRH6KgnuObiyFErv6ozuR3wDM.roa
File: XCqRH6KgnuObiyFErv6ozuR3wDM.roa (raw, json)
Hash identifier: w3cIHN+Hr9ij9Kf7C3WO7wzpiq1BvVDJ29GwikE28zY=
Subject key identifier: 5C:2A:91:1F:A2:A0:9E:E3:9B:8B:21:44:AE:FE:A8:CE:E4:77:C0:33
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 0185719E9354EF5EEF91DE25ADD57138EAAE
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/XCqRH6KgnuObiyFErv6ozuR3wDM.roa
Signing time: Mon 02 Jan 2023 08:34:55 +0000
ROA not before: Mon 02 Jan 2023 08:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25473
IP address blocks: 82.196.160.0/19 maxlen: 19
2a01:e8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:93:54:ef:5e:ef:91:de:25:ad:d5:71:38:ea:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 2 08:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c2a911fa2a09ee39b8b2144aefea8cee477c033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a7:97:d3:13:19:f6:8f:7b:d8:1a:38:fb:21:
03:7d:60:9d:29:46:e2:f0:46:f1:32:f3:a4:e8:1f:
c4:86:96:3e:5c:bd:5c:8d:bb:73:46:28:b2:38:23:
86:10:cc:8e:94:44:3a:92:a1:2f:22:8f:17:2d:16:
65:fa:62:19:61:38:fd:d4:46:d0:03:6b:0f:e8:71:
cc:60:a3:7a:3b:68:82:74:5d:f2:89:0c:36:77:97:
9f:57:da:f3:09:9e:d3:39:13:a9:93:81:c7:f3:75:
b2:e5:b8:a3:7f:ba:e0:12:c4:57:4b:6b:d4:0f:2f:
fc:01:64:90:04:60:60:ca:57:73:49:e1:b6:d3:86:
d1:69:2c:76:2f:fe:96:b4:23:d4:34:eb:6a:55:bf:
84:2e:e2:8a:60:60:c1:c8:5a:df:cb:cd:7d:ec:a7:
f4:15:49:84:2b:b5:e3:2e:3a:b9:18:7b:43:27:f2:
5b:d3:58:e0:0c:93:39:81:bd:08:b8:ec:62:b1:40:
18:5f:b6:48:14:fa:b7:98:ef:3a:a1:de:9a:ff:43:
78:a9:6a:aa:d7:1a:3a:67:c0:5e:4c:14:aa:48:71:
ab:47:e1:2d:83:c3:e4:73:d3:78:4b:c8:cb:3c:1a:
1d:6d:b2:c0:0d:98:bb:09:5e:b4:47:67:6d:49:8c:
b4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2A:91:1F:A2:A0:9E:E3:9B:8B:21:44:AE:FE:A8:CE:E4:77:C0:33
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/XCqRH6KgnuObiyFErv6ozuR3wDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.160.0/19
IPv6:
2a01:e8::/32
Signature Algorithm: sha256WithRSAEncryption
9f:7b:ed:fc:06:49:73:77:68:8d:17:1e:9e:23:00:1b:1f:02:
cd:94:79:af:a1:09:e8:7a:b3:cd:02:33:27:91:cf:c5:0c:18:
b9:d3:86:61:a3:6c:84:45:c9:05:98:44:1b:67:9c:b7:50:a0:
0c:95:cd:51:2e:48:df:89:42:e8:d0:74:8e:bb:cf:8d:b2:1d:
b9:3b:74:fb:d0:ee:b2:d1:10:39:33:8a:62:45:8e:96:5f:43:
f6:a6:73:cd:d4:7a:ff:e0:ab:f7:5d:43:0b:0b:d7:c9:69:c4:
86:9a:92:cf:c2:eb:2b:9a:3b:f7:6f:15:fb:24:1f:af:68:bb:
27:20:4e:5a:14:71:38:79:9c:e7:31:32:e2:3a:c7:91:1e:37:
9d:26:c8:a9:43:14:32:db:67:ea:c0:7b:3b:cd:78:64:9e:1b:
b4:6a:af:67:5f:71:56:96:92:07:3c:69:de:b7:d6:cb:7b:19:
49:70:6b:98:66:f7:9a:f6:f9:94:f3:a9:df:87:fa:6a:67:a9:
f2:5d:10:18:c7:48:c0:79:08:78:80:67:f2:0a:a5:1d:14:4a:
4e:20:1d:db:3d:fe:d5:e9:f9:f3:73:73:48:69:b1:5e:ff:e8:
ed:19:a6:d8:cb:6d:bd:74:81:8c:34:a7:35:fd:1a:eb:0d:22:
9c:bc:c5:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxnpNU717vkd4lrdVxOOquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTdlNWEzM2Q5YzVhOTY1ZDlmYmZkZWVjZGM4NzFhZjBh
NWQ0ZjgwHhcNMjMwMTAyMDgzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzJhOTExZmEyYTA5ZWUzOWI4YjIxNDRhZWZlYThjZWU0NzdjMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKeX0xMZ9o972Bo4+yEDfWCdKUbi
8EbxMvOk6B/EhpY+XL1cjbtzRiiyOCOGEMyOlEQ6kqEvIo8XLRZl+mIZYTj91EbQ
A2sP6HHMYKN6O2iCdF3yiQw2d5efV9rzCZ7TOROpk4HH83Wy5bijf7rgEsRXS2vU
Dy/8AWSQBGBgyldzSeG204bRaSx2L/6WtCPUNOtqVb+ELuKKYGDByFrfy8197Kf0
FUmEK7XjLjq5GHtDJ/Jb01jgDJM5gb0IuOxisUAYX7ZIFPq3mO86od6a/0N4qWqq
1xo6Z8BeTBSqSHGrR+Etg8Pkc9N4S8jLPBodbbLADZi7CV60R2dtSYy0vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFwqkR+ioJ7jm4shRK7+qM7kd8AzMB8GA1UdIwQY
MBaAFESn5aM9nFqWXZ+/3uzchxrwpdT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYt
MjFjZjU2Y2JjZTEyLzEvWENxUkg2S2dudU9iaXlGRXJ2Nm96dVIzd0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYtMjFjZjU2Y2JjZTEy
LzEvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFUsSgMA0E
AgACMAcDBQAqAQDoMA0GCSqGSIb3DQEBCwUAA4IBAQCfe+38Bklzd2iNFx6eIwAb
HwLNlHmvoQnoerPNAjMnkc/FDBi504Zho2yERckFmEQbZ5y3UKAMlc1RLkjfiULo
0HSOu8+Nsh25O3T70O6y0RA5M4piRY6WX0P2pnPN1Hr/4Kv3XUMLC9fJacSGmpLP
wusrmjv3bxX7JB+vaLsnIE5aFHE4eZznMTLiOseRHjedJsipQxQy22fqwHs7zXhk
nhu0aq9nX3FWlpIHPGnet9bLexlJcGuYZvea9vmU86nfh/pqZ6nyXRAYx0jAeQh4
gGfyCqUdFEpOIB3bPf7V6fnzc3NIabFe/+jtGabYy229dIGMNKc1/RrrDSKcvMWF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:23 2024 by rpki-client on console-ams.rpki-client.org