Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/XZXjMGJYhXyc2uhUJmWsNkADmqA.roa
File: XZXjMGJYhXyc2uhUJmWsNkADmqA.roa (raw, json)
Hash identifier: jZwdjihLfiw6YIOZpS3R3m+wDwlWPfIcIeFU5RpgGAc=
Subject key identifier: 5D:95:E3:30:62:58:85:7C:9C:DA:E8:54:26:65:AC:36:40:03:9A:A0
Certificate issuer: /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial: 018A65BEF4E3ECA28DF8D7D52164EAF84748
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/XZXjMGJYhXyc2uhUJmWsNkADmqA.roa
Signing time: Tue 05 Sep 2023 14:28:47 +0000
ROA not before: Tue 05 Sep 2023 14:28:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.155.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:be:f4:e3:ec:a2:8d:f8:d7:d5:21:64:ea:f8:47:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Validity
Not Before: Sep 5 14:28:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d95e3306258857c9cdae8542665ac3640039aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:32:32:40:4c:ba:e4:f5:e9:f9:59:71:ab:f8:
ad:e5:cd:bd:b7:e4:1f:5a:5e:f4:8e:65:64:48:64:
6e:0b:4e:8b:75:bc:73:2a:84:90:d1:36:f8:f2:2d:
9e:ee:5a:ed:8c:09:d6:0c:fc:c0:5c:ed:89:6d:96:
c3:49:d3:e9:42:f6:e7:7c:ef:af:2b:bd:f3:61:cc:
35:6c:85:ef:46:56:69:b5:81:27:04:f1:82:51:46:
de:c3:7b:88:3e:3d:5b:2c:b7:4a:7f:ff:0d:97:6b:
26:3a:16:b3:b1:7e:16:ee:2b:65:c2:15:3f:b8:e3:
32:06:c6:9c:88:aa:2a:fb:d6:e1:cd:c4:dd:c3:ab:
2a:6c:9c:45:ed:59:5b:0d:94:b1:d7:f4:52:20:a7:
63:8b:eb:87:be:c9:c7:fe:44:4d:2f:27:c9:0d:b2:
00:f2:e5:10:a3:e1:1b:45:70:d0:32:27:c5:08:66:
cd:9d:cf:4f:da:10:ee:c2:69:0c:ab:f0:2f:ce:1b:
dd:fa:74:8e:1d:2a:d1:fb:1c:fe:d0:ef:50:e2:6f:
1a:70:b0:06:03:d4:47:32:2f:3b:c9:ec:7d:46:72:
c0:fb:41:44:4d:44:89:4a:46:d2:51:9d:39:9d:56:
58:09:96:12:f6:ea:bf:1c:97:9e:6a:79:bb:c0:c8:
ad:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:95:E3:30:62:58:85:7C:9C:DA:E8:54:26:65:AC:36:40:03:9A:A0
X509v3 Authority Key Identifier:
keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/XZXjMGJYhXyc2uhUJmWsNkADmqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.235.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:82:41:44:9d:26:b1:a2:6a:c8:d8:57:c3:ca:18:7d:0a:0d:
9a:3d:05:b3:ab:26:31:ff:31:56:e1:5e:34:f0:d7:88:72:81:
ec:d3:74:d2:a5:01:e0:e1:48:b4:a8:a3:30:64:37:d7:57:da:
e9:50:58:ec:39:c2:97:09:cd:ee:f9:6c:5d:9b:4c:07:07:51:
0b:dc:a9:1f:52:d3:91:0f:d6:c3:45:f2:f6:26:7c:b7:a5:15:
31:7a:bf:ff:c7:c3:9d:28:e6:f3:f3:79:f8:8d:74:85:f4:18:
fb:9f:e8:28:bd:8e:94:e7:b1:28:b5:52:ce:30:3c:b3:5a:a1:
43:18:6e:e1:5a:2b:4e:d2:ba:df:79:3b:e3:f2:f2:05:48:1d:
35:de:36:16:9e:72:42:43:48:ac:6d:15:c6:95:23:bb:c4:85:
6c:89:30:e1:07:bc:07:69:b9:03:de:c4:b8:6e:9c:b0:2f:72:
8c:08:0c:ce:f5:76:7c:ab:29:da:b6:7d:3a:56:24:a5:06:63:
14:3f:0b:95:a7:c3:98:3e:ba:7d:73:cf:37:90:c3:95:9f:05:
2f:e7:0f:9b:a2:a9:0c:89:e1:7b:4b:e7:d4:3c:35:43:c5:21:
3c:22:de:68:ed:a8:56:ef:ee:8c:cb:b1:11:c5:ee:1c:d1:e1:
ed:50:39:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYplvvTj7KKN+NfVIWTq+EdIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjMwOTA1MTQyODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk1ZTMzMDYyNTg4NTdjOWNkYWU4NTQyNjY1YWMzNjQwMDM5YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jIyQEy65PXp+Vlxq/it5c29t+Qf
Wl70jmVkSGRuC06LdbxzKoSQ0Tb48i2e7lrtjAnWDPzAXO2JbZbDSdPpQvbnfO+v
K73zYcw1bIXvRlZptYEnBPGCUUbew3uIPj1bLLdKf/8Nl2smOhazsX4W7itlwhU/
uOMyBsaciKoq+9bhzcTdw6sqbJxF7VlbDZSx1/RSIKdji+uHvsnH/kRNLyfJDbIA
8uUQo+EbRXDQMifFCGbNnc9P2hDuwmkMq/Avzhvd+nSOHSrR+xz+0O9Q4m8acLAG
A9RHMi87yex9RnLA+0FETUSJSkbSUZ05nVZYCZYS9uq/HJeeanm7wMit+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2V4zBiWIV8nNroVCZlrDZAA5qgMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvWFpYak1HSlloWHljMnVoVUptV3NOa0FEbXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZvrMA0G
CSqGSIb3DQEBCwUAA4IBAQAagkFEnSaxomrI2FfDyhh9Cg2aPQWzqyYx/zFW4V40
8NeIcoHs03TSpQHg4Ui0qKMwZDfXV9rpUFjsOcKXCc3u+Wxdm0wHB1EL3KkfUtOR
D9bDRfL2Jny3pRUxer//x8OdKObz83n4jXSF9Bj7n+govY6U57EotVLOMDyzWqFD
GG7hWitO0rrfeTvj8vIFSB013jYWnnJCQ0isbRXGlSO7xIVsiTDhB7wHabkD3sS4
bpywL3KMCAzO9XZ8qynatn06ViSlBmMUPwuVp8OYPrp9c883kMOVnwUv5w+boqkM
ieF7S+fUPDVDxSE8It5o7ahW7+6My7ERxe4c0eHtUDlq
-----END CERTIFICATE-----
Generated at Tue Sep 12 15:47:18 2023 by rpki-client on console-ams.rpki-client.org