Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/xhZhrKPR_1rj6jSQ8_C1Y2VREOg.roa
File: xhZhrKPR_1rj6jSQ8_C1Y2VREOg.roa (raw, json)
Hash identifier: YKKk+4jDFJUObSdWf9pOwYSySNtxR3QpUbBkn2YykZs=
Subject key identifier: C6:16:61:AC:A3:D1:FF:5A:E3:EA:34:90:F3:F0:B5:63:65:51:10:E8
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 018571BA09DC4CE304188A1A7DF2463E2883
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/xhZhrKPR_1rj6jSQ8_C1Y2VREOg.roa
Signing time: Mon 02 Jan 2023 09:04:55 +0000
ROA not before: Mon 02 Jan 2023 09:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203875
IP address blocks: 2a00:4cc5::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:09:dc:4c:e3:04:18:8a:1a:7d:f2:46:3e:28:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Jan 2 09:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c61661aca3d1ff5ae3ea3490f3f0b563655110e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c5:e1:e8:3e:a1:b4:ba:9e:af:fa:c7:bd:f0:
ad:06:e1:3d:bf:64:02:51:c2:54:74:7e:62:e9:78:
9c:c8:1b:c3:57:87:a3:20:8d:ad:93:e1:24:af:30:
ac:0b:ee:27:b9:0f:da:89:f0:9c:eb:82:3e:a2:29:
cf:c1:86:22:f5:dd:33:3b:c2:3a:1f:ea:50:1c:a9:
40:a7:ca:e5:be:4f:af:c7:35:b2:95:25:e4:0d:7f:
9b:40:20:ac:9f:61:00:71:e2:f7:70:76:0b:e8:00:
a9:9f:1a:26:1e:79:75:7c:ef:02:33:85:6a:0f:64:
6a:b2:0e:83:b8:63:3b:7d:f8:74:fb:2c:d0:fa:61:
5f:a8:ba:58:d4:3f:ef:ce:e0:30:b8:96:7c:ea:6a:
e1:92:b4:34:90:0a:11:8e:03:7d:03:f0:33:01:23:
24:39:ed:60:74:64:25:34:d5:2b:77:89:dd:50:61:
7d:c9:72:15:4f:46:ec:6d:c0:9d:57:e5:16:73:0d:
ea:66:a7:e8:be:c8:66:6e:7e:7c:47:38:7c:7b:64:
89:d6:b3:29:d1:6c:8a:d6:47:0c:6b:24:54:da:1c:
e6:04:e8:b0:90:30:02:d1:a9:77:d4:9c:6c:27:30:
6f:f9:4f:51:85:1a:65:90:3d:27:7d:23:2d:52:7a:
83:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:16:61:AC:A3:D1:FF:5A:E3:EA:34:90:F3:F0:B5:63:65:51:10:E8
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/xhZhrKPR_1rj6jSQ8_C1Y2VREOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4cc5::/32
Signature Algorithm: sha256WithRSAEncryption
08:a5:89:97:a1:ad:44:64:53:c3:07:53:91:7a:ac:83:29:53:
d0:55:b9:28:13:f0:cf:3e:cf:7a:eb:da:a4:bc:96:fa:66:4a:
a2:85:f6:f7:50:f3:8b:97:f6:f2:01:b6:3f:c2:e5:e5:84:f8:
29:13:28:5b:a3:73:26:b5:d1:fb:f2:0b:aa:df:2f:3a:1e:64:
df:5a:d2:75:66:b1:ab:cd:1b:60:ad:ed:e9:a2:51:c5:a2:f1:
51:ac:23:1b:d7:5a:d3:41:8f:13:96:98:4c:21:47:61:33:5a:
af:da:58:31:f4:2f:c3:bc:36:21:14:e4:00:96:4b:fc:06:9f:
64:39:ef:f9:3c:e9:b0:42:91:07:9b:61:96:21:e4:ad:05:c5:
af:91:c1:fe:0d:9f:0a:36:d5:3c:fe:c2:b0:03:a7:b1:91:3b:
c1:e1:35:e3:4e:66:95:c0:2d:1e:54:0c:3b:57:44:10:91:7a:
02:56:9f:7e:69:1a:ab:50:4a:6f:fb:94:bd:f0:df:4a:75:86:
89:b4:a3:c6:6a:bc:d8:50:03:23:da:72:6f:e8:75:8f:e7:db:
6a:9e:e4:b1:90:3e:57:78:6c:ca:15:01:4d:21:b5:b4:64:09:
c3:76:c8:52:48:29:a5:c3:98:58:73:70:50:89:ae:a2:92:34:
3c:9e:fb:0d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxugncTOMEGIoaffJGPiiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjMwMTAyMDkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE2NjFhY2EzZDFmZjVhZTNlYTM0OTBmM2YwYjU2MzY1NTExMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMXh6D6htLqer/rHvfCtBuE9v2QC
UcJUdH5i6XicyBvDV4ejII2tk+EkrzCsC+4nuQ/aifCc64I+oinPwYYi9d0zO8I6
H+pQHKlAp8rlvk+vxzWylSXkDX+bQCCsn2EAceL3cHYL6ACpnxomHnl1fO8CM4Vq
D2Rqsg6DuGM7ffh0+yzQ+mFfqLpY1D/vzuAwuJZ86mrhkrQ0kAoRjgN9A/AzASMk
Oe1gdGQlNNUrd4ndUGF9yXIVT0bsbcCdV+UWcw3qZqfovshmbn58Rzh8e2SJ1rMp
0WyK1kcMayRU2hzmBOiwkDAC0al31JxsJzBv+U9RhRplkD0nfSMtUnqDcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMYWYayj0f9a4+o0kPPwtWNlURDoMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEveGhaaHJLUFJfMXJqNmpTUThfQzFZMlZSRU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgBMxTAN
BgkqhkiG9w0BAQsFAAOCAQEACKWJl6GtRGRTwwdTkXqsgylT0FW5KBPwzz7Peuva
pLyW+mZKooX291Dzi5f28gG2P8Ll5YT4KRMoW6NzJrXR+/ILqt8vOh5k31rSdWax
q80bYK3t6aJRxaLxUawjG9da00GPE5aYTCFHYTNar9pYMfQvw7w2IRTkAJZL/Aaf
ZDnv+TzpsEKRB5thliHkrQXFr5HB/g2fCjbVPP7CsAOnsZE7weE1405mlcAtHlQM
O1dEEJF6Alaffmkaq1BKb/uUvfDfSnWGibSjxmq82FADI9pyb+h1j+fbap7ksZA+
V3hsyhUBTSG1tGQJw3bIUkgppcOYWHNwUImuopI0PJ77DQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:31 2024 by rpki-client on console-ams.rpki-client.org