Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/XWHUVB_JBHxcWyQHl2XBW0Lk_S4.roa
File: XWHUVB_JBHxcWyQHl2XBW0Lk_S4.roa (raw, json)
Hash identifier: DqgiiT5mxh+XIYpkxFvubWdHZUQIKc9FbfAEUkiaSiE=
Subject key identifier: 5D:61:D4:54:1F:C9:04:7C:5C:5B:24:07:97:65:C1:5B:42:E4:FD:2E
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0185724C8D3DEA265253015D161EA348474B
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/XWHUVB_JBHxcWyQHl2XBW0Lk_S4.roa
Signing time: Mon 02 Jan 2023 11:44:57 +0000
ROA not before: Mon 02 Jan 2023 11:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Oct 2023 19:59:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:8d:3d:ea:26:52:53:01:5d:16:1e:a3:48:47:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 2 11:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d61d4541fc9047c5c5b24079765c15b42e4fd2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a5:30:85:a1:e9:9b:36:b3:75:fc:d2:64:41:
d6:01:4b:5d:7e:9f:dd:60:58:d8:14:2f:e9:50:84:
8e:18:55:44:4b:b3:51:0a:54:bb:d8:16:79:ab:42:
fc:ca:61:31:0c:25:b2:e7:13:d1:5f:6a:f2:ac:48:
85:20:c6:c8:01:3f:af:f6:aa:55:47:42:45:0e:19:
e4:ec:5d:8b:86:19:12:07:c5:03:a1:85:a4:3b:5d:
9d:24:02:ca:66:d8:81:61:3c:a5:1d:e0:f3:50:b7:
4a:94:07:68:b7:dc:c0:55:5e:73:67:6f:dd:f6:83:
5b:74:95:ef:47:af:a0:3d:1c:7d:bc:59:dd:cb:4f:
e9:13:43:75:ac:dd:ab:58:f0:92:22:ec:ee:28:de:
95:9c:2f:da:83:ee:29:b8:19:06:a0:86:d2:50:dd:
e7:ae:37:9c:6e:dc:1a:f7:8c:dc:8d:11:37:01:2e:
de:91:9a:64:e4:58:ec:0e:8a:31:6e:33:86:33:57:
7b:cc:dc:6c:d6:02:d8:dd:fd:fa:6d:00:23:19:dc:
4d:68:f8:d1:47:55:9b:0e:97:44:2d:e3:7f:f1:76:
34:0c:24:21:76:02:69:86:b1:77:06:d5:fd:67:38:
e4:1a:6e:98:08:dc:ae:c1:dc:51:f8:c4:ca:62:63:
e0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:61:D4:54:1F:C9:04:7C:5C:5B:24:07:97:65:C1:5B:42:E4:FD:2E
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/XWHUVB_JBHxcWyQHl2XBW0Lk_S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c9:69:a9:fe:2c:7d:a7:9a:9e:ad:1f:a5:94:d0:d1:19:5b:
a3:9a:76:32:db:61:37:96:47:e5:d7:08:f1:6d:f1:ea:0a:ba:
14:2a:00:62:bd:66:83:0c:5f:10:5f:04:2d:32:fb:1b:1d:f9:
24:d8:d5:ba:75:79:7f:71:da:8a:18:04:65:b6:8a:b5:46:13:
00:2f:13:d0:57:7c:02:0b:61:70:fd:84:60:6e:6c:00:ae:ff:
6b:fb:16:1d:07:ed:d0:4f:5b:50:51:96:ea:c8:25:37:24:db:
79:c4:4d:48:a5:cf:f8:d7:f5:b0:a3:7e:aa:d8:8b:5e:a5:1f:
f2:d2:00:05:14:f3:9c:4e:e3:d5:0e:a1:b3:61:a9:3e:ae:d2:
8c:32:9b:cf:d4:97:ce:a0:8c:7a:db:ba:12:d3:a3:d0:f1:79:
26:ec:52:aa:02:3f:a8:ec:27:22:e0:9c:8d:91:6d:5f:0d:0b:
3e:4e:ff:3d:2b:87:d9:53:22:b7:b9:92:3e:7c:fa:1b:65:9f:
d1:f5:d2:13:a1:0e:84:5a:c0:21:8b:48:da:7f:01:dc:0f:4e:
50:2f:a1:46:bf:07:94:bf:0e:d9:78:c9:66:30:58:31:9b:64:
3c:a0:ac:81:fd:98:6e:6b:01:67:8f:08:b6:0e:a1:84:ed:bd:
ce:a2:34:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTI096iZSUwFdFh6jSEdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMwMTAyMTE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDYxZDQ1NDFmYzkwNDdjNWM1YjI0MDc5NzY1YzE1YjQyZTRmZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6UwhaHpmzazdfzSZEHWAUtdfp/d
YFjYFC/pUISOGFVES7NRClS72BZ5q0L8ymExDCWy5xPRX2ryrEiFIMbIAT+v9qpV
R0JFDhnk7F2LhhkSB8UDoYWkO12dJALKZtiBYTylHeDzULdKlAdot9zAVV5zZ2/d
9oNbdJXvR6+gPRx9vFndy0/pE0N1rN2rWPCSIuzuKN6VnC/ag+4puBkGoIbSUN3n
rjecbtwa94zcjRE3AS7ekZpk5FjsDooxbjOGM1d7zNxs1gLY3f36bQAjGdxNaPjR
R1WbDpdELeN/8XY0DCQhdgJphrF3BtX9ZzjkGm6YCNyuwdxR+MTKYmPgnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1h1FQfyQR8XFskB5dlwVtC5P0uMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvWFdIVVZCX0pCSHhjV3lRSGwyWEJXMExrX1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQA0yWmp/ix9p5qerR+llNDRGVujmnYy22E3lkfl1wjx
bfHqCroUKgBivWaDDF8QXwQtMvsbHfkk2NW6dXl/cdqKGARltoq1RhMALxPQV3wC
C2Fw/YRgbmwArv9r+xYdB+3QT1tQUZbqyCU3JNt5xE1Ipc/41/Wwo36q2ItepR/y
0gAFFPOcTuPVDqGzYak+rtKMMpvP1JfOoIx627oS06PQ8Xkm7FKqAj+o7Cci4JyN
kW1fDQs+Tv89K4fZUyK3uZI+fPobZZ/R9dIToQ6EWsAhi0jafwHcD05QL6FGvweU
vw7ZeMlmMFgxm2Q8oKyB/ZhuawFnjwi2DqGE7b3OojRD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org