Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/XZjgbiThEhaSx8VxnU2TUBxrmkc.roa
File: XZjgbiThEhaSx8VxnU2TUBxrmkc.roa (raw, json)
Hash identifier: KUvnQ6T3pLjR7z7cRKWtSeHQhcIe3TYvg1tToqXR6Lw=
Subject key identifier: 5D:98:E0:6E:24:E1:12:16:92:C7:C5:71:9D:4D:93:50:1C:6B:9A:47
Certificate issuer: /CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Certificate serial: 01856DEF7AEE504406F4ABF5D2523D183C3D
Authority key identifier: 2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/XZjgbiThEhaSx8VxnU2TUBxrmkc.roa
Signing time: Sun 01 Jan 2023 15:24:49 +0000
ROA not before: Sun 01 Jan 2023 15:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209907
IP address blocks: 2a0f:ca00:8002::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:7a:ee:50:44:06:f4:ab:f5:d2:52:3d:18:3c:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Validity
Not Before: Jan 1 15:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d98e06e24e1121692c7c5719d4d93501c6b9a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:1c:22:ac:2f:fc:1b:1d:aa:24:f6:90:5c:
b6:ac:c4:22:20:75:8b:7a:40:60:72:6f:80:7b:23:
29:21:f7:22:4b:74:72:ff:2e:14:f0:30:89:ac:78:
78:2d:fb:91:99:a6:05:5b:44:d6:8b:a9:7a:73:b3:
d4:dd:ba:f6:41:bf:1b:fd:66:4f:0b:26:ab:7b:1d:
86:3b:b2:dc:a4:7f:5d:b5:d2:3b:d9:23:58:7d:b0:
af:0f:ff:06:46:16:85:66:a6:ec:8d:a0:5f:31:29:
40:c5:73:fe:3b:31:18:19:b9:fb:32:58:f4:55:4d:
2d:f7:d5:bf:e2:ee:b8:67:11:d6:0e:3b:45:24:83:
fb:f1:65:36:6d:ed:9f:c3:e8:30:2d:2f:d0:73:04:
f5:88:d4:08:5d:5c:ca:8a:31:1b:68:33:51:65:d8:
77:1f:92:e8:42:03:1c:58:ea:f5:dd:02:26:ff:52:
18:dc:b4:24:46:98:05:70:67:f4:3a:10:99:68:e8:
8e:b3:e8:29:89:d2:e7:0e:97:e0:67:6f:3c:10:52:
cc:25:c9:de:4b:d7:77:cd:c3:68:ae:22:0e:33:0a:
b8:9c:3f:ee:0d:5d:3a:d6:22:77:57:78:e5:f3:dd:
28:4c:60:2e:84:69:92:de:11:a3:ee:28:0c:f0:b4:
76:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:98:E0:6E:24:E1:12:16:92:C7:C5:71:9D:4D:93:50:1C:6B:9A:47
X509v3 Authority Key Identifier:
keyid:2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/XZjgbiThEhaSx8VxnU2TUBxrmkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca00:8002::/48
Signature Algorithm: sha256WithRSAEncryption
19:72:f8:77:25:47:44:d2:a1:d9:6c:70:b1:ff:d0:98:97:88:
78:28:e3:ba:65:a6:93:4d:d2:36:8c:33:04:91:bc:61:26:10:
99:35:09:80:4a:4d:b8:22:ab:27:27:41:62:48:42:dc:f5:9b:
7f:40:e5:58:58:8e:1f:22:ba:5a:58:c8:de:12:05:74:16:5f:
58:4d:bd:f0:71:8a:2f:a3:38:ce:43:e4:b3:49:b7:6d:50:c3:
fe:58:c5:f8:38:dc:f5:17:b0:db:bf:9b:b4:b2:58:7b:92:09:
29:f0:19:fe:db:04:2a:cf:79:20:9e:a7:9b:1d:a7:22:1c:7f:
5c:f9:48:f5:92:72:9e:45:b2:b1:6d:8c:eb:8a:29:d7:3d:96:
4f:95:64:e6:4a:31:d4:4c:cb:67:31:c7:a8:e0:a9:22:e2:6a:
59:c2:7d:51:66:2e:07:e0:10:57:2f:bb:37:14:9a:99:d6:85:
db:88:95:92:66:79:42:5a:8c:fd:9d:8f:82:0a:a9:fa:aa:9b:
1e:d0:f4:1e:b6:c0:71:5e:c0:25:8b:db:3f:b7:37:18:46:d4:
32:1a:a9:60:3c:5e:1b:e0:5f:c6:f8:4d:ea:d4:ff:8e:30:8f:
80:c4:6e:8f:68:fd:6e:71:a4:5a:c1:67:dc:a0:f1:5d:86:8b:
28:bd:cc:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt73ruUEQG9Kv10lI9GDw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZGQ0MzhhN2NlM2NiMzc5ZjI4Y2ZhMDUxY2Y2M2Q1YWQ4
ZmUzY2EwHhcNMjMwMTAxMTUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk4ZTA2ZTI0ZTExMjE2OTJjN2M1NzE5ZDRkOTM1MDFjNmI5YTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRYcIqwv/BsdqiT2kFy2rMQiIHWL
ekBgcm+AeyMpIfciS3Ry/y4U8DCJrHh4LfuRmaYFW0TWi6l6c7PU3br2Qb8b/WZP
Cyarex2GO7LcpH9dtdI72SNYfbCvD/8GRhaFZqbsjaBfMSlAxXP+OzEYGbn7Mlj0
VU0t99W/4u64ZxHWDjtFJIP78WU2be2fw+gwLS/QcwT1iNQIXVzKijEbaDNRZdh3
H5LoQgMcWOr13QIm/1IY3LQkRpgFcGf0OhCZaOiOs+gpidLnDpfgZ288EFLMJcne
S9d3zcNoriIOMwq4nD/uDV061iJ3V3jl890oTGAuhGmS3hGj7igM8LR21QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF2Y4G4k4RIWksfFcZ1Nk1Aca5pHMB8GA1UdIwQY
MBaAFCrdQ4p848s3nyjPoFHPY9Wtj+PKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUt
MjBhMGQxMzBjNDU2LzEvWFpqZ2JpVGhFaGFTeDhWeG5VMlRVQnhybWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUtMjBhMGQxMzBjNDU2
LzEvS3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/KAIAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAZcvh3JUdE0qHZbHCx/9CYl4h4KOO6ZaaTTdI2
jDMEkbxhJhCZNQmASk24IqsnJ0FiSELc9Zt/QOVYWI4fIrpaWMjeEgV0Fl9YTb3w
cYovozjOQ+SzSbdtUMP+WMX4ONz1F7Dbv5u0slh7kgkp8Bn+2wQqz3kgnqebHaci
HH9c+Uj1knKeRbKxbYzriinXPZZPlWTmSjHUTMtnMceo4Kki4mpZwn1RZi4H4BBX
L7s3FJqZ1oXbiJWSZnlCWoz9nY+CCqn6qpse0PQetsBxXsAli9s/tzcYRtQyGqlg
PF4b4F/G+E3q1P+OMI+AxG6PaP1ucaRawWfcoPFdhosovcy7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:52 2024 by rpki-client on console-ams.rpki-client.org