Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/458011-5de1-4680-8255-b06fda01f46c/1/XmCP3NyMFRpx2pDjAupR9kso7Pw.roa
File: XmCP3NyMFRpx2pDjAupR9kso7Pw.roa (raw, json)
Hash identifier: 3xdav7eW7cnIsmbh81+PVUV2qALfZw+qCPqO9sLG6ok=
Subject key identifier: 5E:60:8F:DC:DC:8C:15:1A:71:DA:90:E3:02:EA:51:F6:4B:28:EC:FC
Certificate issuer: /CN=e8393bd1305f6cc4439192119c605f44bbf09bc9
Certificate serial: 01872DD250EF5CE54BDCE5E4A1D9F4512E2C
Authority key identifier: E8:39:3B:D1:30:5F:6C:C4:43:91:92:11:9C:60:5F:44:BB:F0:9B:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Dk70TBfbMRDkZIRnGBfRLvwm8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/458011-5de1-4680-8255-b06fda01f46c/1/XmCP3NyMFRpx2pDjAupR9kso7Pw.roa
Signing time: Wed 29 Mar 2023 14:42:50 +0000
ROA not before: Wed 29 Mar 2023 14:42:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34762
IP address blocks: 185.135.12.0/23 maxlen: 24
2a06:efc0::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:d2:50:ef:5c:e5:4b:dc:e5:e4:a1:d9:f4:51:2e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8393bd1305f6cc4439192119c605f44bbf09bc9
Validity
Not Before: Mar 29 14:42:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e608fdcdc8c151a71da90e302ea51f64b28ecfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:44:72:98:78:ee:1d:e2:e1:05:e3:8c:46:20:
bb:2c:3e:32:34:b6:0e:10:0c:e2:b6:48:4c:43:3c:
4e:a1:66:a5:3e:ee:a2:b5:c0:36:2e:1d:23:99:70:
9b:80:77:a5:2c:b3:96:01:ee:b5:b6:9b:48:16:4d:
36:11:22:91:d4:71:e3:1d:ad:d0:93:d1:47:ce:e7:
85:f6:2b:4e:67:c9:89:ce:7a:63:77:48:25:d0:1f:
f9:39:ad:66:a7:c8:5d:17:96:44:c5:97:70:6e:5e:
76:c8:8d:2d:ca:5a:1a:9c:7c:94:b5:08:64:4d:30:
e5:2e:c5:f5:e8:b2:e5:8e:e9:a2:b1:e1:b7:51:cc:
ed:47:63:81:cf:be:65:37:05:a3:b6:e7:b0:db:4f:
62:65:9a:36:5c:02:ee:ec:d8:85:ee:68:38:36:f9:
a8:84:a2:bc:5c:ae:0f:50:0c:4d:61:98:b8:a5:6c:
5c:59:b3:6f:d6:49:f7:6b:de:36:b3:26:46:8d:2f:
6d:0c:de:93:37:81:fc:c3:5e:20:0f:da:4a:96:e0:
07:a3:24:3f:c1:fd:9b:1c:a1:b3:db:59:dd:bc:32:
0f:40:0b:d2:ea:0b:f3:16:47:c7:bc:5e:49:33:12:
c2:2d:5a:45:a5:39:27:fc:e7:1e:ef:a7:b8:6e:13:
5c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:60:8F:DC:DC:8C:15:1A:71:DA:90:E3:02:EA:51:F6:4B:28:EC:FC
X509v3 Authority Key Identifier:
keyid:E8:39:3B:D1:30:5F:6C:C4:43:91:92:11:9C:60:5F:44:BB:F0:9B:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Dk70TBfbMRDkZIRnGBfRLvwm8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/458011-5de1-4680-8255-b06fda01f46c/1/XmCP3NyMFRpx2pDjAupR9kso7Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/458011-5de1-4680-8255-b06fda01f46c/1/6Dk70TBfbMRDkZIRnGBfRLvwm8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.12.0/23
IPv6:
2a06:efc0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:61:ce:15:5b:37:db:23:1a:a1:a9:fa:8b:90:b2:d0:06:a3:
98:6b:9f:2a:d9:84:45:c4:4c:88:d6:a6:33:29:92:7f:bb:a5:
9a:61:16:fa:54:73:65:d6:74:69:20:40:e6:d3:f9:77:05:20:
f4:1d:d7:30:80:57:d6:cc:69:37:1f:31:75:1f:c7:5a:3b:6b:
24:b4:a5:5c:b7:fa:78:a3:37:95:59:3f:6b:a9:bf:ad:c1:c9:
5f:9a:2d:d0:e5:1a:97:19:6a:1b:91:ae:b9:a5:24:95:2d:4f:
19:fc:fd:00:ce:f9:b0:3e:1d:82:19:81:62:a1:ba:8f:03:6e:
b0:30:f9:ed:47:8f:75:d8:3f:78:ee:f8:7a:cc:c3:fb:fa:d6:
c2:c1:bd:25:5c:1d:7d:bc:44:5f:49:9c:c4:8a:b2:c7:87:55:
aa:88:6f:84:f1:62:31:27:8e:a0:fe:09:1e:bd:87:ea:3f:54:
38:6e:8c:ba:f6:7f:15:88:41:8e:8c:1e:a9:33:b8:49:86:24:
5d:3e:70:2e:cc:15:08:81:6b:d6:f6:19:51:91:d0:55:c6:a7:
68:81:6b:8b:78:6c:b4:58:a1:b1:21:3d:f0:70:c0:d8:5d:3f:
77:a6:b4:35:c4:83:59:0f:31:0c:a9:b1:1e:8f:a9:66:a2:44:
46:58:bd:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYct0lDvXOVL3OXkodn0US4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MzkzYmQxMzA1ZjZjYzQ0MzkxOTIxMTljNjA1ZjQ0YmJm
MDliYzkwHhcNMjMwMzI5MTQ0MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTYwOGZkY2RjOGMxNTFhNzFkYTkwZTMwMmVhNTFmNjRiMjhlY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApURymHjuHeLhBeOMRiC7LD4yNLYO
EAzitkhMQzxOoWalPu6itcA2Lh0jmXCbgHelLLOWAe61tptIFk02ESKR1HHjHa3Q
k9FHzueF9itOZ8mJznpjd0gl0B/5Oa1mp8hdF5ZExZdwbl52yI0tyloanHyUtQhk
TTDlLsX16LLljumiseG3UcztR2OBz75lNwWjtuew209iZZo2XALu7NiF7mg4Nvmo
hKK8XK4PUAxNYZi4pWxcWbNv1kn3a942syZGjS9tDN6TN4H8w14gD9pKluAHoyQ/
wf2bHKGz21ndvDIPQAvS6gvzFkfHvF5JMxLCLVpFpTkn/Oce76e4bhNcMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF5gj9zcjBUacdqQ4wLqUfZLKOz8MB8GA1UdIwQY
MBaAFOg5O9EwX2zEQ5GSEZxgX0S78JvJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkRrNzBUQmZiTVJEa1pJUm5HQmZSTHZ3bThrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NTgwMTEtNWRlMS00NjgwLTgyNTUt
YjA2ZmRhMDFmNDZjLzEvWG1DUDNOeU1GUnB4MnBEakF1cFI5a3NvN1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NTgwMTEtNWRlMS00NjgwLTgyNTUtYjA2ZmRhMDFmNDZj
LzEvNkRrNzBUQmZiTVJEa1pJUm5HQmZSTHZ3bThrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuYcMMA0E
AgACMAcDBQAqBu/AMA0GCSqGSIb3DQEBCwUAA4IBAQCKYc4VWzfbIxqhqfqLkLLQ
BqOYa58q2YRFxEyI1qYzKZJ/u6WaYRb6VHNl1nRpIEDm0/l3BSD0HdcwgFfWzGk3
HzF1H8daO2sktKVct/p4ozeVWT9rqb+twclfmi3Q5RqXGWobka65pSSVLU8Z/P0A
zvmwPh2CGYFiobqPA26wMPntR4912D947vh6zMP7+tbCwb0lXB19vERfSZzEirLH
h1WqiG+E8WIxJ46g/gkevYfqP1Q4boy69n8ViEGOjB6pM7hJhiRdPnAuzBUIgWvW
9hlRkdBVxqdogWuLeGy0WKGxIT3wcMDYXT93prQ1xINZDzEMqbEej6lmokRGWL2y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:19 2024 by rpki-client on console-ams.rpki-client.org