Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/XyTXC6o1f0rEVpFtU7t2maKMrsI.roa
File: XyTXC6o1f0rEVpFtU7t2maKMrsI.roa (raw, json)
Hash identifier: uBz6IAUK0EDELpHA/3ESOM+OhxvkXe5X0DImxsw9h38=
Subject key identifier: 5F:24:D7:0B:AA:35:7F:4A:C4:56:91:6D:53:BB:76:99:A2:8C:AE:C2
Certificate issuer: /CN=91b3f5d6f43e83071fa77e6d3ebbb79352f961b5
Certificate serial: 01856E78D610AA5E707AB6016B6B9953B8D9
Authority key identifier: 91:B3:F5:D6:F4:3E:83:07:1F:A7:7E:6D:3E:BB:B7:93:52:F9:61:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/XyTXC6o1f0rEVpFtU7t2maKMrsI.roa
Signing time: Sun 01 Jan 2023 17:54:50 +0000
ROA not before: Sun 01 Jan 2023 17:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209835
IP address blocks: 2.59.232.0/24 maxlen: 24
2.59.232.0/22 maxlen: 22
2.59.233.0/24 maxlen: 24
2.59.234.0/24 maxlen: 24
2.59.235.0/24 maxlen: 24
2a09:fc40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:d6:10:aa:5e:70:7a:b6:01:6b:6b:99:53:b8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91b3f5d6f43e83071fa77e6d3ebbb79352f961b5
Validity
Not Before: Jan 1 17:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f24d70baa357f4ac456916d53bb7699a28caec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:15:8c:d8:db:fc:9a:79:76:a0:a1:38:7b:38:
0b:a1:b0:f8:7f:10:1d:60:8e:c4:4b:c5:4f:ea:d7:
dc:b1:69:0a:ae:2e:2d:de:19:fd:d8:97:7e:61:94:
f5:74:d2:cc:77:18:78:7c:00:7b:3a:99:cd:fb:64:
84:ff:92:bb:64:38:e9:5a:c3:58:f1:01:8d:36:3d:
83:f1:cc:83:58:46:80:ed:e0:b8:e7:8e:78:ac:2f:
47:be:ec:79:39:79:96:e7:ba:07:31:ba:71:e7:4d:
34:f8:f5:09:2d:cc:78:2e:d1:45:b1:70:c9:5b:16:
f8:f3:8c:7f:76:07:56:a0:d4:5f:57:d1:b0:e4:7f:
58:74:18:ef:b7:db:61:0d:a0:15:59:bf:ac:42:e5:
27:92:f2:f4:45:ee:25:fc:55:11:86:da:2d:4d:b4:
91:cc:d2:cf:94:d1:e5:b1:a3:06:c1:3b:53:4f:8d:
79:65:f9:d9:53:6c:a4:ac:74:77:3f:ce:3a:65:14:
43:f9:65:47:24:8e:b1:6c:f9:53:89:bb:d8:93:2c:
1a:f9:b9:32:00:19:20:24:c1:62:c1:33:34:e2:d1:
04:f7:28:27:c9:c6:47:36:56:8a:61:fb:af:4d:28:
7b:ea:8b:a8:a6:97:08:3a:a5:64:0d:e1:56:9d:c8:
0b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:24:D7:0B:AA:35:7F:4A:C4:56:91:6D:53:BB:76:99:A2:8C:AE:C2
X509v3 Authority Key Identifier:
keyid:91:B3:F5:D6:F4:3E:83:07:1F:A7:7E:6D:3E:BB:B7:93:52:F9:61:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/XyTXC6o1f0rEVpFtU7t2maKMrsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/kbP11vQ-gwcfp35tPru3k1L5YbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.232.0/22
IPv6:
2a09:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
44:3a:71:7b:25:95:b0:6e:70:b3:5c:04:12:44:7a:9a:a8:74:
87:79:20:c5:2a:b9:76:3d:9f:c2:2e:c1:db:e0:43:d2:22:2b:
39:79:1c:ec:3a:e5:31:06:f3:49:6b:e8:0c:b3:33:ca:62:f8:
21:72:7d:b1:d9:75:62:02:4e:b5:c3:2e:f8:3e:18:7c:55:61:
35:26:ca:01:a8:d8:32:34:e1:26:ec:f7:f7:08:4e:c5:a3:40:
da:ec:73:02:c7:06:a5:bf:81:0a:e1:bc:c3:b8:8b:22:05:8c:
2a:08:c5:16:46:85:a6:c2:b0:78:61:06:c9:d1:0b:c0:a6:e5:
e9:ad:5f:cf:ec:40:9e:6f:ad:1e:a7:c3:6f:b5:06:98:dc:2e:
9e:7b:96:2a:7d:82:b9:e0:ca:b3:86:8d:39:b1:54:5e:17:f9:
b4:a9:db:83:9d:cd:f2:f5:ec:ed:78:99:78:91:36:4a:e5:05:
cf:09:66:c2:74:4c:ef:ee:dc:ea:dd:6b:ed:74:8f:85:c7:99:
39:a4:9d:a8:fe:63:6e:22:6b:d2:13:dc:6b:da:61:72:1f:7c:
df:ea:56:2b:fd:aa:03:4d:71:43:de:a4:17:c6:08:66:69:7d:
d6:5e:f2:af:b0:47:87:90:32:56:4d:a7:fa:d4:b1:a8:19:0e:
d9:1b:a0:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVueNYQql5werYBa2uZU7jZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYjNmNWQ2ZjQzZTgzMDcxZmE3N2U2ZDNlYmJiNzkzNTJm
OTYxYjUwHhcNMjMwMTAxMTc1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI0ZDcwYmFhMzU3ZjRhYzQ1NjkxNmQ1M2JiNzY5OWEyOGNhZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRWM2Nv8mnl2oKE4ezgLobD4fxAd
YI7ES8VP6tfcsWkKri4t3hn92Jd+YZT1dNLMdxh4fAB7OpnN+2SE/5K7ZDjpWsNY
8QGNNj2D8cyDWEaA7eC45454rC9Hvux5OXmW57oHMbpx5000+PUJLcx4LtFFsXDJ
Wxb484x/dgdWoNRfV9Gw5H9YdBjvt9thDaAVWb+sQuUnkvL0Re4l/FURhtotTbSR
zNLPlNHlsaMGwTtTT415ZfnZU2ykrHR3P846ZRRD+WVHJI6xbPlTibvYkywa+bky
ABkgJMFiwTM04tEE9ygnycZHNlaKYfuvTSh76ouoppcIOqVkDeFWncgLywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF8k1wuqNX9KxFaRbVO7dpmijK7CMB8GA1UdIwQY
MBaAFJGz9db0PoMHH6d+bT67t5NS+WG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2JQMTF2US1nd2NmcDM1dFBydTNrMUw1WWJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84N2E4NjMtZGE2Zi00OTgxLTkzNzgt
YjJjZDRlNTgxMDBlLzEvWHlUWEM2bzFmMHJFVnBGdFU3dDJtYUtNcnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84N2E4NjMtZGE2Zi00OTgxLTkzNzgtYjJjZDRlNTgxMDBl
LzEva2JQMTF2US1nd2NmcDM1dFBydTNrMUw1WWJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjvoMA0E
AgACMAcDBQMqCfxAMA0GCSqGSIb3DQEBCwUAA4IBAQBEOnF7JZWwbnCzXAQSRHqa
qHSHeSDFKrl2PZ/CLsHb4EPSIis5eRzsOuUxBvNJa+gMszPKYvghcn2x2XViAk61
wy74Phh8VWE1JsoBqNgyNOEm7Pf3CE7Fo0Da7HMCxwalv4EK4bzDuIsiBYwqCMUW
RoWmwrB4YQbJ0QvApuXprV/P7ECeb60ep8NvtQaY3C6ee5YqfYK54Mqzho05sVRe
F/m0qduDnc3y9ezteJl4kTZK5QXPCWbCdEzv7tzq3WvtdI+Fx5k5pJ2o/mNuImvS
E9xr2mFyH3zf6lYr/aoDTXFD3qQXxghmaX3WXvKvsEeHkDJWTaf61LGoGQ7ZG6BI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:51 2024 by rpki-client on console-ams.rpki-client.org