Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/XKC4KyDERx_UsItbKllB5XfhzDU.roa
File: XKC4KyDERx_UsItbKllB5XfhzDU.roa (raw, json)
Hash identifier: OdJjjIpLX/bJOrlSipXiSRl6TkhJcFBye+0SsHG/Cdc=
Subject key identifier: 5C:A0:B8:2B:20:C4:47:1F:D4:B0:8B:5B:2A:59:41:E5:77:E1:CC:35
Certificate issuer: /CN=d9ad0d738c7af0359a0630365416440d01985ba2
Certificate serial: 01870468630C4F3EDCADC6CF34C543E6B696
Authority key identifier: D9:AD:0D:73:8C:7A:F0:35:9A:06:30:36:54:16:44:0D:01:98:5B:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2a0Nc4x68DWaBjA2VBZEDQGYW6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/XKC4KyDERx_UsItbKllB5XfhzDU.roa
Signing time: Tue 21 Mar 2023 13:42:42 +0000
ROA not before: Tue 21 Mar 2023 13:42:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202877
IP address blocks: 185.251.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:04:68:63:0c:4f:3e:dc:ad:c6:cf:34:c5:43:e6:b6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ad0d738c7af0359a0630365416440d01985ba2
Validity
Not Before: Mar 21 13:42:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ca0b82b20c4471fd4b08b5b2a5941e577e1cc35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a0:94:32:fc:6a:d9:ab:1b:75:65:c9:14:a6:
e1:b2:d7:6a:1b:46:d1:45:0d:7c:b3:2b:78:9d:5b:
21:a7:4d:9b:4b:9a:00:d2:1b:a6:09:67:74:94:b5:
96:2f:2a:ee:c4:d8:90:69:fe:a0:6a:f5:47:dd:26:
65:e4:0e:b6:83:96:fc:bb:ad:7b:e1:9a:a5:24:7c:
bf:52:46:ef:e1:6b:bf:29:2f:d8:9e:d7:ff:10:88:
cb:f9:51:e7:76:c7:3f:4c:cd:3b:69:dd:c3:c3:da:
66:0b:ca:31:0c:aa:00:74:e5:20:39:35:60:6f:13:
a5:cf:3c:7d:38:37:63:79:0c:50:71:08:18:0b:40:
76:d6:60:3a:31:27:63:c7:a2:98:4d:49:a6:68:81:
9f:22:1e:37:12:be:50:6b:dc:d8:9f:39:d4:27:51:
30:a5:09:bd:b4:2a:f1:2a:9b:c0:83:9c:7e:b2:51:
ae:b1:89:d6:ea:12:79:2a:bb:c8:51:bf:4a:7e:87:
7a:04:bc:cd:b4:7a:1a:35:6c:ab:71:1f:44:86:55:
3d:95:7f:53:6c:ba:03:f3:0a:17:ca:2c:55:cc:df:
98:52:b9:19:f3:56:19:a5:45:12:71:9f:7e:ae:fa:
18:47:c3:1e:4e:36:5f:3b:ff:aa:99:7c:5b:a3:6d:
8e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A0:B8:2B:20:C4:47:1F:D4:B0:8B:5B:2A:59:41:E5:77:E1:CC:35
X509v3 Authority Key Identifier:
keyid:D9:AD:0D:73:8C:7A:F0:35:9A:06:30:36:54:16:44:0D:01:98:5B:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a0Nc4x68DWaBjA2VBZEDQGYW6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/XKC4KyDERx_UsItbKllB5XfhzDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/2a0Nc4x68DWaBjA2VBZEDQGYW6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.14.0/24
Signature Algorithm: sha256WithRSAEncryption
91:52:e2:3a:e6:cd:0b:4f:c1:68:c7:d6:c8:93:66:ed:e8:7a:
12:91:e9:81:83:c9:52:2e:b2:fe:87:52:c3:05:33:d0:96:4c:
f1:37:fd:07:92:3b:e1:f1:61:0d:5d:e3:ec:d7:65:df:33:a5:
72:b8:84:7c:e1:df:ce:dd:62:59:c6:63:1d:65:8f:8f:c7:6d:
86:d9:aa:fc:bc:e0:9b:c6:87:2e:fc:c8:d1:99:00:48:6c:e2:
e9:0e:03:aa:11:a5:2d:a7:8c:d9:ba:d3:e8:9f:ef:3a:7c:39:
a0:dc:7e:7f:46:2a:e3:5b:c6:a6:f2:28:56:62:be:17:23:8c:
a9:be:97:20:22:16:06:fb:8c:ee:8a:4a:92:8e:a4:56:6d:f5:
99:a3:7f:53:59:9e:74:f9:a8:51:83:0a:55:b1:d2:1d:53:e0:
6e:9f:5e:a9:80:9f:4c:9a:86:02:97:18:a8:d3:bf:88:8c:18:
e4:9e:14:80:b9:b0:f9:71:79:0f:66:92:d8:5a:ed:dd:05:aa:
99:76:bd:18:f0:d2:e3:d9:7f:32:11:8b:ef:ee:e9:08:e3:ad:
40:00:db:1d:7b:2f:bc:a6:0d:65:d4:23:08:83:02:ff:ce:2a:
c8:3f:9e:1d:73:b1:61:c5:01:47:e3:9f:50:b2:57:92:9f:7d:
0b:e0:ac:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcEaGMMTz7crcbPNMVD5raWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWQwZDczOGM3YWYwMzU5YTA2MzAzNjU0MTY0NDBkMDE5
ODViYTIwHhcNMjMwMzIxMTM0MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2EwYjgyYjIwYzQ0NzFmZDRiMDhiNWIyYTU5NDFlNTc3ZTFjYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqCUMvxq2asbdWXJFKbhstdqG0bR
RQ18syt4nVshp02bS5oA0humCWd0lLWWLyruxNiQaf6gavVH3SZl5A62g5b8u617
4ZqlJHy/Ukbv4Wu/KS/Yntf/EIjL+VHndsc/TM07ad3Dw9pmC8oxDKoAdOUgOTVg
bxOlzzx9ODdjeQxQcQgYC0B21mA6MSdjx6KYTUmmaIGfIh43Er5Qa9zYnznUJ1Ew
pQm9tCrxKpvAg5x+slGusYnW6hJ5KrvIUb9Kfod6BLzNtHoaNWyrcR9EhlU9lX9T
bLoD8woXyixVzN+YUrkZ81YZpUUScZ9+rvoYR8MeTjZfO/+qmXxbo22OmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyguCsgxEcf1LCLWypZQeV34cw1MB8GA1UdIwQY
MBaAFNmtDXOMevA1mgYwNlQWRA0BmFuiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmEwTmM0eDY4RFdhQmpBMlZCWkVEUUdZVzZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZGQ4MGItYzViNC00ZTZjLWJhMmUt
YjEzN2NmYjM3NDYzLzEvWEtDNEt5REVSeF9Vc0l0YktsbEI1WGZoekRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZGQ4MGItYzViNC00ZTZjLWJhMmUtYjEzN2NmYjM3NDYz
LzEvMmEwTmM0eDY4RFdhQmpBMlZCWkVEUUdZVzZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufsOMA0G
CSqGSIb3DQEBCwUAA4IBAQCRUuI65s0LT8Fox9bIk2bt6HoSkemBg8lSLrL+h1LD
BTPQlkzxN/0Hkjvh8WENXePs12XfM6VyuIR84d/O3WJZxmMdZY+Px22G2ar8vOCb
xocu/MjRmQBIbOLpDgOqEaUtp4zZutPon+86fDmg3H5/RirjW8am8ihWYr4XI4yp
vpcgIhYG+4zuikqSjqRWbfWZo39TWZ50+ahRgwpVsdIdU+Bun16pgJ9MmoYClxio
07+IjBjknhSAubD5cXkPZpLYWu3dBaqZdr0Y8NLj2X8yEYvv7ukI461AANsdey+8
pg1l1CMIgwL/zirIP54dc7FhxQFH459QsleSn30L4Kyv
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:43 2024 by rpki-client on console-ams.rpki-client.org