Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/xXK_c1ZH16u8eNOUUb1Y-0lqT3o.roa
File: xXK_c1ZH16u8eNOUUb1Y-0lqT3o.roa (raw, json)
Hash identifier: IoNqp0PXj7QEP6NyuZeUHB9rtrI4GupUBSnk5ljzrto=
Subject key identifier: C5:72:BF:73:56:47:D7:AB:BC:78:D3:94:51:BD:58:FB:49:6A:4F:7A
Certificate issuer: /CN=c5a1fb5bbc2fa8571e3d5f8cae4196a8d7e96c35
Certificate serial: 01856EEFE05A19289D222C0905FA60A46FFE
Authority key identifier: C5:A1:FB:5B:BC:2F:A8:57:1E:3D:5F:8C:AE:41:96:A8:D7:E9:6C:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaH7W7wvqFcePV-MrkGWqNfpbDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/xXK_c1ZH16u8eNOUUb1Y-0lqT3o.roa
Signing time: Sun 01 Jan 2023 20:04:52 +0000
ROA not before: Sun 01 Jan 2023 20:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1715
IP address blocks: 141.115.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e0:5a:19:28:9d:22:2c:09:05:fa:60:a4:6f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a1fb5bbc2fa8571e3d5f8cae4196a8d7e96c35
Validity
Not Before: Jan 1 20:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c572bf735647d7abbc78d39451bd58fb496a4f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:96:86:28:b3:ab:d2:12:05:56:a2:e7:fd:7c:
02:d7:2c:52:45:c2:96:45:a9:68:68:f2:44:b2:df:
e1:8a:5d:56:31:74:bc:ab:02:56:4d:c8:37:10:97:
e9:90:f7:6e:a4:72:3f:72:da:a1:a6:98:fa:fd:85:
49:66:aa:70:a2:71:fa:7a:9e:08:36:a6:5b:b5:a0:
78:e4:1b:94:a4:bf:44:6b:07:c9:bb:a2:20:fe:18:
91:20:dc:5e:17:39:87:42:8b:ff:2d:c6:c4:be:2e:
fb:8b:ba:d4:91:91:9e:b5:6e:a4:c8:2d:7b:71:86:
f4:bc:bf:7e:80:d4:10:87:6c:a3:ca:1e:3e:87:ba:
4a:44:5f:e7:05:ce:f6:cc:50:6c:00:84:e1:35:31:
9e:5e:9b:68:1d:a1:c2:aa:4d:83:db:bc:aa:6f:a2:
5a:d0:a7:87:ed:dc:b3:b7:aa:a4:89:fa:67:53:f4:
c8:16:fc:21:23:35:0f:c8:68:d1:b7:54:96:4f:66:
e7:7a:cc:06:98:f8:50:ee:b8:87:41:82:52:5e:b7:
ab:95:9a:2e:de:d2:e5:f3:16:c4:9d:8e:e8:e0:83:
58:ee:fe:ea:b1:f7:33:9d:ae:6e:de:88:47:73:df:
7a:1e:2c:5d:9a:7c:ec:63:7b:b6:2e:3a:49:d3:82:
87:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:72:BF:73:56:47:D7:AB:BC:78:D3:94:51:BD:58:FB:49:6A:4F:7A
X509v3 Authority Key Identifier:
keyid:C5:A1:FB:5B:BC:2F:A8:57:1E:3D:5F:8C:AE:41:96:A8:D7:E9:6C:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaH7W7wvqFcePV-MrkGWqNfpbDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/xXK_c1ZH16u8eNOUUb1Y-0lqT3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/xaH7W7wvqFcePV-MrkGWqNfpbDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.115.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:e6:57:16:7d:2b:74:3f:d6:5f:85:d8:e3:44:07:5e:b3:10:
81:97:f7:da:32:06:25:b2:bd:08:42:71:c7:07:aa:1a:20:63:
d9:9e:6f:28:32:51:3b:db:fd:66:2a:df:86:c6:17:89:e1:16:
15:f5:fc:72:a9:5e:f9:e8:17:a1:b6:c0:24:2e:f0:b9:2e:c8:
22:dc:d5:aa:54:a9:dc:82:20:55:d3:f0:ae:69:9c:6e:c2:4a:
e7:4a:0d:a0:7c:77:98:3e:d3:73:7e:9d:1a:04:40:7e:f0:d0:
ab:25:94:c5:13:16:58:00:b7:16:45:eb:ae:4f:e5:f9:5e:ab:
06:3e:d4:0a:51:33:c6:a1:fb:c9:0c:1f:49:e6:33:0e:38:4d:
40:82:28:ae:2b:75:4e:7d:c3:89:66:a9:4a:fd:c1:6c:4d:03:
41:c7:f1:72:c1:6e:2d:35:b4:68:80:b8:f8:2d:8f:d1:4e:b8:
80:4c:ac:ab:28:ed:13:d6:4a:5e:34:62:b0:d7:68:5a:eb:9d:
86:e8:98:85:22:bf:33:97:97:54:d2:69:4a:a5:50:8b:ed:89:
40:3d:00:ba:d3:75:fc:f5:b1:bd:b6:e9:5a:22:e1:17:a5:09:
28:5a:13:a4:11:c4:17:fb:bf:ed:3c:fd:9c:27:53:e0:09:8a:
8a:d3:17:7b
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVu7+BaGSidIiwJBfpgpG/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTFmYjViYmMyZmE4NTcxZTNkNWY4Y2FlNDE5NmE4ZDdl
OTZjMzUwHhcNMjMwMTAxMjAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTcyYmY3MzU2NDdkN2FiYmM3OGQzOTQ1MWJkNThmYjQ5NmE0ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZaGKLOr0hIFVqLn/XwC1yxSRcKW
RaloaPJEst/hil1WMXS8qwJWTcg3EJfpkPdupHI/ctqhppj6/YVJZqpwonH6ep4I
NqZbtaB45BuUpL9EawfJu6Ig/hiRINxeFzmHQov/LcbEvi77i7rUkZGetW6kyC17
cYb0vL9+gNQQh2yjyh4+h7pKRF/nBc72zFBsAIThNTGeXptoHaHCqk2D27yqb6Ja
0KeH7dyzt6qkifpnU/TIFvwhIzUPyGjRt1SWT2bneswGmPhQ7riHQYJSXrerlZou
3tLl8xbEnY7o4INY7v7qsfczna5u3ohHc996HixdmnzsY3u2LjpJ04KH9wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMVyv3NWR9ervHjTlFG9WPtJak96MB8GA1UdIwQY
MBaAFMWh+1u8L6hXHj1fjK5BlqjX6Ww1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFIN1c3d3ZxRmNlUFYtTXJrR1dxTmZwYkRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9kZWI3MGQtMWZmZC00ZGEwLWEwOTct
ZDhhMGI0MWY0NmU4LzEveFhLX2MxWkgxNnU4ZU5PVVViMVktMGxxVDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9kZWI3MGQtMWZmZC00ZGEwLWEwOTctZDhhMGI0MWY0NmU4
LzEveGFIN1c3d3ZxRmNlUFYtTXJrR1dxTmZwYkRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjXMwDQYJ
KoZIhvcNAQELBQADggEBAJXmVxZ9K3Q/1l+F2ONEB16zEIGX99oyBiWyvQhCcccH
qhogY9mebygyUTvb/WYq34bGF4nhFhX1/HKpXvnoF6G2wCQu8LkuyCLc1apUqdyC
IFXT8K5pnG7CSudKDaB8d5g+03N+nRoEQH7w0KsllMUTFlgAtxZF665P5fleqwY+
1ApRM8ah+8kMH0nmMw44TUCCKK4rdU59w4lmqUr9wWxNA0HH8XLBbi01tGiAuPgt
j9FOuIBMrKso7RPWSl40YrDXaFrrnYbomIUivzOXl1TSaUqlUIvtiUA9ALrTdfz1
sb226Voi4RelCShaE6QRxBf7v+08/ZwnU+AJiorTF3s=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:24 2024 by rpki-client on console-ams.rpki-client.org