Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/XFEx7CybrHdtHhMTL3hONew7znY.roa
File: XFEx7CybrHdtHhMTL3hONew7znY.roa (raw, json)
Hash identifier: Kg7gwADkO75GbUAQJHfxbi6N+mzvnLWeJXXDh4DGC9w=
Subject key identifier: 5C:51:31:EC:2C:9B:AC:77:6D:1E:13:13:2F:78:4E:35:EC:3B:CE:76
Certificate issuer: /CN=69507f066f2bb0389dd88436074e1426114f2d92
Certificate serial: 018CC649F40775A16D704018916A8CB4D6C9
Authority key identifier: 69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/XFEx7CybrHdtHhMTL3hONew7znY.roa
Signing time: Mon 01 Jan 2024 18:29:44 +0000
ROA not before: Mon 01 Jan 2024 18:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61424
IP address blocks: 2.56.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 08:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:f4:07:75:a1:6d:70:40:18:91:6a:8c:b4:d6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69507f066f2bb0389dd88436074e1426114f2d92
Validity
Not Before: Jan 1 18:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c5131ec2c9bac776d1e13132f784e35ec3bce76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:33:a3:35:b7:0c:07:ed:43:0c:b2:a0:ae:62:
19:07:12:58:4c:bc:4f:60:c0:71:bd:0f:56:a2:53:
08:29:8f:a1:4e:ac:2c:86:b7:1c:46:2a:de:3a:8a:
a1:88:30:d0:79:0f:d2:3d:b1:d5:5b:63:5a:44:62:
fc:d9:1a:86:32:48:2e:12:93:a6:c7:ea:dd:70:fb:
fd:b9:2d:32:fe:4e:76:90:b3:f9:fc:7d:d7:26:05:
49:81:ae:22:ba:20:22:56:a5:e0:04:aa:8c:c5:fc:
49:10:5a:b5:41:ef:b0:82:ea:a8:7e:c5:9f:e6:67:
24:5b:05:94:5c:37:a5:2f:a5:65:ad:72:13:25:8f:
56:35:31:b5:de:d1:e0:f3:0f:49:c9:ae:76:84:93:
ae:c0:f8:95:9a:07:0a:5a:5c:eb:a9:ab:77:6f:6d:
eb:29:c1:62:81:c1:19:c7:ce:bd:a5:26:12:7d:b3:
e3:53:f3:8a:36:68:37:03:1a:ef:6e:65:ea:11:3a:
35:95:ea:6d:14:38:74:ef:bc:aa:5d:39:7e:ac:76:
68:f2:86:96:3d:97:83:85:4a:dc:5b:2b:f6:2e:7f:
f0:11:7e:e9:e4:ea:e5:8a:0c:04:c8:c9:12:49:6b:
86:55:d8:7c:ad:ca:b9:9b:59:85:b4:bd:ef:60:51:
a3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:51:31:EC:2C:9B:AC:77:6D:1E:13:13:2F:78:4E:35:EC:3B:CE:76
X509v3 Authority Key Identifier:
keyid:69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/XFEx7CybrHdtHhMTL3hONew7znY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.89.0/24
Signature Algorithm: sha256WithRSAEncryption
37:39:a4:a1:71:e4:a9:8d:a3:cd:7a:d1:69:46:e4:3a:9a:3c:
cb:9f:fd:58:e8:6f:24:92:70:e2:19:06:8d:60:7c:db:98:ff:
3e:a8:94:34:98:15:cd:b4:4f:4f:82:04:53:78:75:8c:92:fd:
2f:f0:90:07:4c:0c:4f:b5:b8:26:39:e5:0e:7b:ae:31:ee:40:
61:39:d6:0e:f5:1e:ca:14:6a:8d:6a:03:50:af:43:8e:a0:5c:
18:9d:c0:ff:bf:5f:44:34:6f:64:43:09:ae:40:a3:fd:e9:c7:
fa:b3:12:63:a7:48:fd:f3:02:f7:ea:78:4f:81:5e:9e:5d:6d:
ac:16:13:4c:be:3a:5d:e4:ea:d1:31:1e:bf:b3:97:53:ec:74:
7a:1e:39:38:00:dd:04:8e:13:0c:f8:97:95:d5:9d:40:85:e0:
76:09:08:98:4b:84:1f:41:a0:cd:d3:e2:1d:cd:db:f9:c5:b6:
5d:f2:3a:cd:e0:55:ad:bf:18:f5:7d:75:15:05:88:a4:b6:d3:
82:10:a3:c4:59:9e:75:f3:a9:c9:03:f7:b1:39:0c:c3:0f:24:
62:13:79:7e:bd:49:34:16:dc:29:91:e2:7b:b8:64:e2:ed:58:
34:e6:cd:e2:23:2d:20:e1:65:f1:5d:11:f0:47:52:3c:ff:5d:
be:91:31:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSfQHdaFtcEAYkWqMtNbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTA3ZjA2NmYyYmIwMzg5ZGQ4ODQzNjA3NGUxNDI2MTE0
ZjJkOTIwHhcNMjQwMTAxMTgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzUxMzFlYzJjOWJhYzc3NmQxZTEzMTMyZjc4NGUzNWVjM2JjZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozOjNbcMB+1DDLKgrmIZBxJYTLxP
YMBxvQ9WolMIKY+hTqwshrccRireOoqhiDDQeQ/SPbHVW2NaRGL82RqGMkguEpOm
x+rdcPv9uS0y/k52kLP5/H3XJgVJga4iuiAiVqXgBKqMxfxJEFq1Qe+wguqofsWf
5mckWwWUXDelL6VlrXITJY9WNTG13tHg8w9Jya52hJOuwPiVmgcKWlzrqat3b23r
KcFigcEZx869pSYSfbPjU/OKNmg3AxrvbmXqETo1leptFDh077yqXTl+rHZo8oaW
PZeDhUrcWyv2Ln/wEX7p5OrligwEyMkSSWuGVdh8rcq5m1mFtL3vYFGjlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxRMewsm6x3bR4TEy94TjXsO852MB8GA1UdIwQY
MBaAFGlQfwZvK7A4ndiENgdOFCYRTy2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEt
MGUxYjhmZWE4OTEzLzEvWEZFeDdDeWJySGR0SGhNVEwzaE9OZXc3em5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEtMGUxYjhmZWE4OTEz
LzEvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjhZMA0G
CSqGSIb3DQEBCwUAA4IBAQA3OaShceSpjaPNetFpRuQ6mjzLn/1Y6G8kknDiGQaN
YHzbmP8+qJQ0mBXNtE9PggRTeHWMkv0v8JAHTAxPtbgmOeUOe64x7kBhOdYO9R7K
FGqNagNQr0OOoFwYncD/v19ENG9kQwmuQKP96cf6sxJjp0j98wL36nhPgV6eXW2s
FhNMvjpd5OrRMR6/s5dT7HR6Hjk4AN0EjhMM+JeV1Z1AheB2CQiYS4QfQaDN0+Id
zdv5xbZd8jrN4FWtvxj1fXUVBYikttOCEKPEWZ5186nJA/exOQzDDyRiE3l+vUk0
FtwpkeJ7uGTi7Vg05s3iIy0g4WXxXRHwR1I8/12+kTFs
-----END CERTIFICATE-----
Generated at Wed Jan 10 13:54:59 2024 by rpki-client on console-ams.rpki-client.org