Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/Xzoh7wFXkFnF5eMv5NmHOSL4bN0.roa
File: Xzoh7wFXkFnF5eMv5NmHOSL4bN0.roa (raw, json)
Hash identifier: y5AgwdFz5CjihOUqXCfHidVfZwPwJo+jCA+QaCE6hwU=
Subject key identifier: 5F:3A:21:EF:01:57:90:59:C5:E5:E3:2F:E4:D9:87:39:22:F8:6C:DD
Certificate issuer: /CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Certificate serial: 01856BD37A73F708AB9E681784A4D9ECEE24
Authority key identifier: 49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/Xzoh7wFXkFnF5eMv5NmHOSL4bN0.roa
Signing time: Sun 01 Jan 2023 05:34:59 +0000
ROA not before: Sun 01 Jan 2023 05:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47292
IP address blocks: 217.23.98.0/24 maxlen: 24
217.23.96.0/24 maxlen: 24
217.23.97.0/24 maxlen: 24
217.23.102.0/24 maxlen: 24
217.23.100.0/24 maxlen: 24
217.23.101.0/24 maxlen: 24
217.23.105.0/24 maxlen: 24
217.23.99.0/24 maxlen: 24
217.23.103.0/24 maxlen: 24
217.23.104.0/24 maxlen: 24
217.23.108.0/24 maxlen: 24
217.23.109.0/24 maxlen: 24
217.23.107.0/24 maxlen: 24
217.23.106.0/24 maxlen: 24
217.23.110.0/24 maxlen: 24
217.23.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:7a:73:f7:08:ab:9e:68:17:84:a4:d9:ec:ee:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Validity
Not Before: Jan 1 05:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f3a21ef01579059c5e5e32fe4d9873922f86cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:92:f3:2a:bd:46:63:b6:29:6b:e3:03:e5:f8:
9d:4b:9c:af:fc:3a:bc:94:15:13:76:eb:40:1c:10:
14:67:54:72:c9:4b:0f:a0:3a:e3:f3:a7:5a:c8:35:
2f:35:47:bf:a6:94:bf:84:b8:bd:18:83:ea:83:ac:
e7:76:12:48:99:2b:eb:f5:77:95:9e:5d:3c:95:a0:
8c:da:25:ab:78:c9:42:d2:e2:70:67:6c:6b:f2:71:
b9:b3:0a:83:6f:fb:15:c1:d0:1b:b7:bd:34:ab:93:
64:b5:8f:49:7c:35:25:82:63:47:f5:7d:71:af:a8:
26:19:5e:14:ff:38:89:a1:ad:4b:94:60:04:0c:b9:
a0:a6:21:1c:d7:cd:6e:71:79:61:cd:8b:28:18:9a:
fb:63:06:ab:1a:b6:b8:60:c0:89:e7:e4:5f:59:7e:
85:55:7f:17:8c:17:a6:67:c3:b8:a5:3f:a3:18:29:
06:11:41:8b:f7:01:36:70:b6:5d:1a:7f:c0:70:2b:
2d:ca:1c:e7:60:75:4a:1a:2f:58:56:46:d1:cf:c6:
a2:e2:59:61:0e:84:8f:f3:38:2f:a5:46:0a:77:52:
77:c2:58:8a:ea:c2:f4:92:63:84:7d:d5:b9:f7:bf:
f1:4f:04:a2:2e:41:76:f8:02:a8:dc:7a:04:3b:93:
cc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3A:21:EF:01:57:90:59:C5:E5:E3:2F:E4:D9:87:39:22:F8:6C:DD
X509v3 Authority Key Identifier:
keyid:49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/Xzoh7wFXkFnF5eMv5NmHOSL4bN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.23.96.0/20
Signature Algorithm: sha256WithRSAEncryption
56:5c:97:d7:cb:a2:6c:d8:26:f1:fc:c4:fc:3f:2e:da:3b:20:
c5:4e:3a:3b:6f:00:14:b1:8b:e1:e1:f5:da:85:23:08:12:99:
fb:ce:bb:a7:11:f0:7d:76:66:b3:bb:d4:71:79:e3:55:72:bb:
93:d9:69:c5:53:8f:39:03:fc:75:5a:aa:56:c7:12:a6:47:22:
43:93:74:98:81:40:6e:05:3f:fa:c8:f7:52:4f:e2:84:a1:0b:
ec:b5:95:1b:01:70:fc:2e:aa:0f:a7:d2:2b:4d:77:24:1b:a9:
61:1e:de:16:6b:c4:13:9e:ad:94:36:a8:fe:68:31:98:54:83:
b8:2e:00:c6:81:b2:aa:b3:ce:ca:0e:6d:33:9b:dc:b6:b1:b0:
52:57:c6:6e:49:5a:71:b8:9f:c7:db:fb:31:29:10:33:da:3f:
94:46:86:40:aa:64:47:34:7e:a0:be:6f:9a:6f:b0:ad:05:f5:
a0:d5:41:19:52:49:85:96:33:fe:84:f4:c9:1b:9a:9f:c6:9b:
14:47:cc:77:4d:08:42:b0:00:e5:ac:59:2e:9d:ab:03:36:3e:
81:db:ae:00:a1:52:cb:7a:27:59:75:d7:86:ae:5c:14:5c:d0:
8d:a2:b4:ba:fd:19:62:2a:2b:ff:32:b1:3d:51:bd:4a:f5:99:
d0:64:cb:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr03pz9wirnmgXhKTZ7O4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODRkMGNjNjcwM2JmOTQyYzZkYWM4OWRmZjFhN2JmNjYz
MmVhOGIwHhcNMjMwMTAxMDUzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjNhMjFlZjAxNTc5MDU5YzVlNWUzMmZlNGQ5ODczOTIyZjg2Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJLzKr1GY7Ypa+MD5fidS5yv/Dq8
lBUTdutAHBAUZ1RyyUsPoDrj86dayDUvNUe/ppS/hLi9GIPqg6zndhJImSvr9XeV
nl08laCM2iWreMlC0uJwZ2xr8nG5swqDb/sVwdAbt700q5NktY9JfDUlgmNH9X1x
r6gmGV4U/ziJoa1LlGAEDLmgpiEc181ucXlhzYsoGJr7YwarGra4YMCJ5+RfWX6F
VX8XjBemZ8O4pT+jGCkGEUGL9wE2cLZdGn/AcCstyhznYHVKGi9YVkbRz8ai4llh
DoSP8zgvpUYKd1J3wliK6sL0kmOEfdW597/xTwSiLkF2+AKo3HoEO5PMBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF86Ie8BV5BZxeXjL+TZhzki+GzdMB8GA1UdIwQY
MBaAFEmE0MxnA7+ULG2sid/xp79mMuqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjIt
MTQ3MGJjY2VlYjFiLzEvWHpvaDd3RlhrRm5GNWVNdjVObUhPU0w0Yk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjItMTQ3MGJjY2VlYjFi
LzEvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RdgMA0G
CSqGSIb3DQEBCwUAA4IBAQBWXJfXy6Js2Cbx/MT8Py7aOyDFTjo7bwAUsYvh4fXa
hSMIEpn7zrunEfB9dmazu9RxeeNVcruT2WnFU485A/x1WqpWxxKmRyJDk3SYgUBu
BT/6yPdST+KEoQvstZUbAXD8LqoPp9IrTXckG6lhHt4Wa8QTnq2UNqj+aDGYVIO4
LgDGgbKqs87KDm0zm9y2sbBSV8ZuSVpxuJ/H2/sxKRAz2j+URoZAqmRHNH6gvm+a
b7CtBfWg1UEZUkmFljP+hPTJG5qfxpsUR8x3TQhCsADlrFkunasDNj6B264AoVLL
eidZddeGrlwUXNCNorS6/RliKiv/MrE9Ub1K9ZnQZMtt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:27 2024 by rpki-client on console-ams.rpki-client.org