Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/xUOvCDvodjv4ffPF8VHuUsjDBcs.roa
File: xUOvCDvodjv4ffPF8VHuUsjDBcs.roa (raw, json)
Hash identifier: rRh7DtXpK67aheD8gzxdBWtN/dPrlfzjcwBQ+WvkTTk=
Subject key identifier: C5:43:AF:08:3B:E8:76:3B:F8:7D:F3:C5:F1:51:EE:52:C8:C3:05:CB
Certificate issuer: /CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Certificate serial: 01856C6EE13E1720A4C74C5EAA8347AB8F5F
Authority key identifier: 5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/xUOvCDvodjv4ffPF8VHuUsjDBcs.roa
Signing time: Sun 01 Jan 2023 08:24:44 +0000
ROA not before: Sun 01 Jan 2023 08:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35548
IP address blocks: 93.89.12.0/24 maxlen: 24
2a02:17f9::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Jan 2023 08:10:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:e1:3e:17:20:a4:c7:4c:5e:aa:83:47:ab:8f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Validity
Not Before: Jan 1 08:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c543af083be8763bf87df3c5f151ee52c8c305cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d2:37:96:51:d3:98:2c:64:11:2b:b1:15:b4:
68:55:ad:a4:26:eb:84:6c:eb:36:1f:d2:74:ad:e3:
73:e4:42:d2:4c:3e:c8:65:39:b3:14:34:8c:e0:f9:
aa:7a:db:1a:6e:9a:48:01:a6:c3:00:c2:2a:4e:71:
c3:47:91:fa:65:e3:aa:6f:37:80:15:11:10:f8:61:
b8:34:2a:2d:fe:5d:62:f8:e3:e6:4a:69:0b:11:89:
d7:e1:f7:24:16:28:7f:c4:2b:ce:4a:e8:06:5f:f6:
69:17:08:76:6e:39:17:72:9c:26:e8:49:1e:5a:02:
03:8a:72:bc:51:af:b2:ff:65:e7:19:5c:0f:f6:2f:
7b:59:27:e0:ae:cd:13:55:59:66:66:d8:c3:2c:6f:
01:41:df:66:88:40:50:c5:ce:26:e6:c8:0b:56:72:
f6:70:f3:dd:e0:d3:fc:62:0e:09:9b:9f:f1:5d:bc:
38:bd:54:e8:9c:d3:7c:77:43:2a:e5:c1:46:b7:d5:
53:9e:00:38:ea:41:f8:59:15:27:7e:ab:5e:35:9b:
52:a8:fc:f6:56:b4:07:b7:8f:51:3e:10:2a:ab:b7:
f0:11:26:21:1e:20:3b:03:09:97:84:f2:b5:4b:4f:
f8:6c:c4:7c:d7:a0:d2:d4:d0:de:89:41:11:09:d0:
0e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:43:AF:08:3B:E8:76:3B:F8:7D:F3:C5:F1:51:EE:52:C8:C3:05:CB
X509v3 Authority Key Identifier:
keyid:5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/xUOvCDvodjv4ffPF8VHuUsjDBcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.12.0/24
IPv6:
2a02:17f9::/32
Signature Algorithm: sha256WithRSAEncryption
7a:53:69:1c:c5:02:81:48:dc:e0:e1:47:af:9c:eb:25:8e:51:
0f:1c:4f:47:ec:03:5d:e2:95:0a:f0:8c:9d:66:3d:7f:49:11:
0a:10:4c:a4:97:9d:c6:38:e9:2b:54:a5:9e:6a:6d:11:58:aa:
a3:7e:84:6c:fa:f9:f6:f9:50:de:14:8f:39:fa:1f:ce:76:7e:
d9:d2:17:56:c7:8a:1a:33:49:07:11:03:ce:c6:a7:a3:85:2d:
94:08:b9:67:69:2b:58:da:2e:be:0f:9c:40:c0:c9:71:90:10:
fd:4e:cc:88:ab:43:16:ec:bc:fa:76:2c:7a:54:3b:e8:d9:bf:
1a:04:54:6d:b3:0b:0c:cb:c0:df:31:3d:27:a5:03:1b:f0:45:
05:2f:91:a4:70:b8:aa:a1:16:98:ee:39:a1:d1:e2:b7:ae:e7:
95:a9:98:74:08:0a:1b:3d:a1:ec:fe:8f:e1:40:c1:d7:37:75:
d7:dd:01:d5:4c:4d:f7:55:ca:50:84:66:92:8e:de:03:a1:4e:
52:e0:e6:80:49:3b:c0:ce:b7:6a:b9:2f:62:6d:06:ee:b5:70:
41:6f:e2:c4:ee:72:c4:54:07:4d:d5:bc:2b:e0:af:35:99:cd:
52:66:c0:c3:c7:be:ee:da:d8:c8:7c:ca:ab:53:12:3b:5d:65:
56:b2:bf:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsbuE+FyCkx0xeqoNHq49fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZWIwZWJkODc4Yjc3ZDQyZjJjYTlkZDA4ZjcwYzMyM2M1
ZDAzZGIwHhcNMjMwMTAxMDgyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQzYWYwODNiZTg3NjNiZjg3ZGYzYzVmMTUxZWU1MmM4YzMwNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtI3llHTmCxkESuxFbRoVa2kJuuE
bOs2H9J0reNz5ELSTD7IZTmzFDSM4PmqetsabppIAabDAMIqTnHDR5H6ZeOqbzeA
FREQ+GG4NCot/l1i+OPmSmkLEYnX4fckFih/xCvOSugGX/ZpFwh2bjkXcpwm6Eke
WgIDinK8Ua+y/2XnGVwP9i97WSfgrs0TVVlmZtjDLG8BQd9miEBQxc4m5sgLVnL2
cPPd4NP8Yg4Jm5/xXbw4vVTonNN8d0Mq5cFGt9VTngA46kH4WRUnfqteNZtSqPz2
VrQHt49RPhAqq7fwESYhHiA7AwmXhPK1S0/4bMR816DS1NDeiUERCdAOPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVDrwg76HY7+H3zxfFR7lLIwwXLMB8GA1UdIwQY
MBaAFFzrDr2Hi3fULyyp3Qj3DDI8XQPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9zT3ZZZUxkOVF2TEtuZENQY01NanhkQTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zZTcyZWQtMWQ2NS00OTgyLWFkOWEt
OWMzNzQ3OGE1OTNmLzEveFVPdkNEdm9kanY0ZmZQRjhWSHVVc2pEQmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zZTcyZWQtMWQ2NS00OTgyLWFkOWEtOWMzNzQ3OGE1OTNm
LzEvWE9zT3ZZZUxkOVF2TEtuZENQY01NanhkQTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXVkMMA0E
AgACMAcDBQAqAhf5MA0GCSqGSIb3DQEBCwUAA4IBAQB6U2kcxQKBSNzg4UevnOsl
jlEPHE9H7ANd4pUK8IydZj1/SREKEEykl53GOOkrVKWeam0RWKqjfoRs+vn2+VDe
FI85+h/Odn7Z0hdWx4oaM0kHEQPOxqejhS2UCLlnaStY2i6+D5xAwMlxkBD9TsyI
q0MW7Lz6dix6VDvo2b8aBFRtswsMy8DfMT0npQMb8EUFL5GkcLiqoRaY7jmh0eK3
rueVqZh0CAobPaHs/o/hQMHXN3XX3QHVTE33VcpQhGaSjt4DoU5S4OaASTvAzrdq
uS9ibQbutXBBb+LE7nLEVAdN1bwr4K81mc1SZsDDx77u2tjIfMqrUxI7XWVWsr9W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org