Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eaf6ed-baf4-41bf-9f22-7d972e1d2e61/1/XC7hZHOp_gFJENxcomyyrgD3mDg.roa
File: XC7hZHOp_gFJENxcomyyrgD3mDg.roa (raw, json)
Hash identifier: Xad7CAE2t4Ra6jWoU2w0u+Ni3sX/ErN5WmEaMK0XBjQ=
Subject key identifier: 5C:2E:E1:64:73:A9:FE:01:49:10:DC:5C:A2:6C:B2:AE:00:F7:98:38
Certificate issuer: /CN=c5e3f7f40c100dffdb18121c726199e85804c585
Certificate serial: 01856B77B32277FB8497CAB7783C70A5EAB4
Authority key identifier: C5:E3:F7:F4:0C:10:0D:FF:DB:18:12:1C:72:61:99:E8:58:04:C5:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xeP39AwQDf_bGBIccmGZ6FgExYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eaf6ed-baf4-41bf-9f22-7d972e1d2e61/1/XC7hZHOp_gFJENxcomyyrgD3mDg.roa
Signing time: Sun 01 Jan 2023 03:54:44 +0000
ROA not before: Sun 01 Jan 2023 03:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41838
IP address blocks: 93.90.68.0/22 maxlen: 24
2a0d:3a40::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:b3:22:77:fb:84:97:ca:b7:78:3c:70:a5:ea:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5e3f7f40c100dffdb18121c726199e85804c585
Validity
Not Before: Jan 1 03:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c2ee16473a9fe014910dc5ca26cb2ae00f79838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:71:30:74:27:f9:3f:e2:01:9a:bf:f4:ee:63:
54:02:e9:a9:fa:3a:97:ad:1b:f2:b5:fb:9d:30:75:
67:ab:2b:db:71:bf:ff:75:d3:ca:a0:3d:ae:f4:95:
6a:12:a2:4e:0b:b8:3c:79:9e:04:9d:e2:c1:0f:09:
1c:1e:7a:7c:ba:9c:83:ed:72:63:31:5a:8f:4a:64:
ec:23:d1:8e:1d:df:26:e8:df:ea:36:16:a3:35:0b:
be:97:38:b8:4a:7c:16:4e:99:62:70:bc:3b:f1:62:
5d:02:0c:f5:cd:e4:fd:5f:fd:c0:36:40:dc:e3:0d:
90:1b:15:4a:a5:27:ce:72:d0:fd:a6:21:bd:f7:d7:
00:2d:ab:e0:66:1f:69:91:7c:d5:79:1f:70:e9:56:
a8:3b:f3:b0:f9:a7:db:9a:16:a2:72:c0:3e:74:c9:
31:39:b5:02:13:9a:7c:15:38:af:e0:75:3b:2d:5b:
d0:2d:8a:62:a8:e2:8f:c6:7d:f9:d0:eb:35:fe:cd:
26:77:8d:ef:52:14:e2:2a:d3:29:0a:4e:47:eb:4f:
3e:0f:43:c4:e7:31:b4:ee:72:ac:d7:ac:92:39:e9:
1e:e5:72:36:29:45:6a:97:bd:ce:02:da:91:b5:26:
00:e8:6c:f5:be:57:2f:d3:8a:da:a0:c8:8a:92:76:
c3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2E:E1:64:73:A9:FE:01:49:10:DC:5C:A2:6C:B2:AE:00:F7:98:38
X509v3 Authority Key Identifier:
keyid:C5:E3:F7:F4:0C:10:0D:FF:DB:18:12:1C:72:61:99:E8:58:04:C5:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xeP39AwQDf_bGBIccmGZ6FgExYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eaf6ed-baf4-41bf-9f22-7d972e1d2e61/1/XC7hZHOp_gFJENxcomyyrgD3mDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eaf6ed-baf4-41bf-9f22-7d972e1d2e61/1/xeP39AwQDf_bGBIccmGZ6FgExYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.68.0/22
IPv6:
2a0d:3a40::/32
Signature Algorithm: sha256WithRSAEncryption
3a:bc:67:6e:04:8c:27:20:f9:56:f8:37:92:0d:8b:25:00:08:
b0:0e:79:2f:cf:c5:9f:23:75:45:ec:0e:6e:7c:f1:f2:2e:e5:
47:30:6b:b4:6b:98:8b:87:6c:8f:c3:e2:8f:30:5a:70:9c:ea:
b4:91:9d:03:d2:65:26:ff:9a:50:9e:67:b0:f3:a1:d1:56:29:
bb:a4:df:32:63:73:d3:c5:a2:56:76:28:ab:b4:bb:be:32:58:
5a:4b:5e:ec:6c:64:ed:d5:c5:a5:05:e9:89:d9:23:d2:e0:59:
80:3e:83:05:34:fd:60:fa:b8:c1:e8:b8:6a:3e:2a:d0:56:ad:
38:dc:3f:2d:f2:47:a3:d4:48:5c:e9:04:50:f3:3d:15:af:ac:
ff:9e:a0:38:95:3f:fb:c7:ca:ed:fc:9a:45:e1:03:53:f6:d2:
9c:8d:e5:55:60:a2:3a:fc:62:bd:5d:35:1a:85:7b:eb:93:97:
07:07:79:8a:61:b7:d0:36:ac:dd:2f:6b:41:26:cd:10:9a:c5:
71:5d:e7:a0:d8:af:9c:3c:a8:8a:f3:49:83:76:60:e4:14:ae:
a4:71:22:08:36:74:5f:0a:57:6a:42:b7:3c:e9:3c:6b:7e:a8:
cb:fc:19:60:db:88:1f:13:9a:bc:d1:4f:fe:54:53:f6:56:56:
a0:05:5e:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrd7Mid/uEl8q3eDxwpeq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZTNmN2Y0MGMxMDBkZmZkYjE4MTIxYzcyNjE5OWU4NTgw
NGM1ODUwHhcNMjMwMTAxMDM1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzJlZTE2NDczYTlmZTAxNDkxMGRjNWNhMjZjYjJhZTAwZjc5ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXEwdCf5P+IBmr/07mNUAump+jqX
rRvytfudMHVnqyvbcb//ddPKoD2u9JVqEqJOC7g8eZ4EneLBDwkcHnp8upyD7XJj
MVqPSmTsI9GOHd8m6N/qNhajNQu+lzi4SnwWTplicLw78WJdAgz1zeT9X/3ANkDc
4w2QGxVKpSfOctD9piG999cALavgZh9pkXzVeR9w6VaoO/Ow+afbmhaicsA+dMkx
ObUCE5p8FTiv4HU7LVvQLYpiqOKPxn350Os1/s0md43vUhTiKtMpCk5H608+D0PE
5zG07nKs16ySOeke5XI2KUVql73OAtqRtSYA6Gz1vlcv04raoMiKknbDxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFwu4WRzqf4BSRDcXKJssq4A95g4MB8GA1UdIwQY
MBaAFMXj9/QMEA3/2xgSHHJhmehYBMWFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGVQMzlBd1FEZl9iR0JJY2NtR1o2RmdFeFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYWY2ZWQtYmFmNC00MWJmLTlmMjIt
N2Q5NzJlMWQyZTYxLzEvWEM3aFpIT3BfZ0ZKRU54Y29teXlyZ0QzbURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYWY2ZWQtYmFmNC00MWJmLTlmMjItN2Q5NzJlMWQyZTYx
LzEveGVQMzlBd1FEZl9iR0JJY2NtR1o2RmdFeFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXVpEMA0E
AgACMAcDBQAqDTpAMA0GCSqGSIb3DQEBCwUAA4IBAQA6vGduBIwnIPlW+DeSDYsl
AAiwDnkvz8WfI3VF7A5ufPHyLuVHMGu0a5iLh2yPw+KPMFpwnOq0kZ0D0mUm/5pQ
nmew86HRVim7pN8yY3PTxaJWdiirtLu+MlhaS17sbGTt1cWlBemJ2SPS4FmAPoMF
NP1g+rjB6LhqPirQVq043D8t8kej1Ehc6QRQ8z0Vr6z/nqA4lT/7x8rt/JpF4QNT
9tKcjeVVYKI6/GK9XTUahXvrk5cHB3mKYbfQNqzdL2tBJs0QmsVxXeeg2K+cPKiK
80mDdmDkFK6kcSIINnRfCldqQrc86TxrfqjL/Blg24gfE5q80U/+VFP2VlagBV7E
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:27 2024 by rpki-client on console-ams.rpki-client.org