Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/XemZ-vSYR9m2d11p_sUwS5-4N-E.roa
File: XemZ-vSYR9m2d11p_sUwS5-4N-E.roa (raw, json)
Hash identifier: iOQI1OKAoUedwPsU5YuBGkGyH0KWhwwynH7XHSLWWU8=
Subject key identifier: 5D:E9:99:FA:F4:98:47:D9:B6:77:5D:69:FE:C5:30:4B:9F:B8:37:E1
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018D64F904B70EC32F8304CBDFC043DCC8E5
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/XemZ-vSYR9m2d11p_sUwS5-4N-E.roa
Signing time: Thu 01 Feb 2024 14:00:57 +0000
ROA not before: Thu 01 Feb 2024 14:00:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8897
IP address blocks: 62.164.144.0/21 maxlen: 21
2001:15e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 Feb 2024 15:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:f9:04:b7:0e:c3:2f:83:04:cb:df:c0:43:dc:c8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Feb 1 14:00:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5de999faf49847d9b6775d69fec5304b9fb837e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:76:26:e2:16:75:82:3d:1d:bf:5b:42:34:01:
c0:59:57:78:1c:59:d9:76:2d:44:be:16:4a:43:a0:
ac:26:35:6a:20:e1:4d:18:34:ab:a6:da:c9:34:85:
86:0c:31:7c:28:bc:dc:46:4a:0f:6f:a1:9f:e3:f6:
ee:ba:72:22:29:f5:7b:aa:99:59:98:b8:dd:96:df:
2d:1f:ce:d7:1c:79:50:cd:1d:4b:d7:96:54:7d:81:
f5:51:e2:35:6e:2a:eb:a3:b6:a6:b7:aa:8b:92:93:
dd:63:05:3e:b6:dd:99:ab:f9:a3:f1:d8:66:43:f6:
da:80:06:28:f8:9f:72:25:78:bb:ee:e9:a8:e0:61:
7e:11:4f:38:a1:07:de:73:14:f8:9d:c1:93:2a:1d:
b8:f8:b1:fe:3c:2e:ce:88:fc:4a:f7:bb:f6:5a:b7:
71:26:5e:5c:0b:81:a5:f4:1b:f1:ce:5d:75:29:13:
94:dd:7a:57:26:be:79:61:b2:24:e2:96:61:dd:12:
f7:79:9f:5b:ad:fd:2e:8d:e3:4c:5b:ec:e6:42:1d:
b2:3f:15:19:3b:b5:9d:6f:4f:a5:e0:6a:39:df:3e:
f5:7d:ca:d6:34:67:e6:27:29:16:bb:c7:52:dd:bb:
2b:df:1f:09:89:80:20:57:e0:a8:0a:0a:77:6e:ac:
19:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E9:99:FA:F4:98:47:D9:B6:77:5D:69:FE:C5:30:4B:9F:B8:37:E1
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/XemZ-vSYR9m2d11p_sUwS5-4N-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.144.0/21
IPv6:
2001:15e0::/32
Signature Algorithm: sha256WithRSAEncryption
19:e6:c4:ff:30:a5:8e:dd:53:a7:3d:75:f0:80:3a:5e:2d:4c:
20:1f:0c:3e:0c:ee:7d:1c:58:6d:11:1c:3a:7c:b6:f2:af:57:
d9:69:7f:32:f9:40:da:8a:6c:b2:ab:e3:a7:58:28:13:ae:04:
8e:44:0b:6d:99:5d:37:77:b9:6a:97:b0:3b:06:48:29:f5:06:
42:7b:dc:17:b5:0f:2c:4b:18:b2:db:23:99:06:52:63:b0:d4:
89:d5:4b:86:24:c5:b9:24:ab:8d:a3:08:8b:51:39:4b:d9:9d:
4c:63:30:b1:cf:78:03:88:23:d5:07:81:1b:05:7c:a6:ba:bc:
2d:c4:e0:2b:13:9f:f6:e6:b2:9e:fb:16:2f:8c:79:ad:c1:fc:
db:7c:27:fa:6b:67:a8:1c:ad:b7:68:41:e9:ec:3f:6b:25:34:
2f:1f:2c:d9:11:8c:f1:5e:62:ed:2e:a1:24:e3:84:95:93:b7:
88:e1:ff:b2:8c:72:03:c9:da:ee:f1:dd:53:33:b9:d6:cf:be:
2f:c8:c6:53:15:8a:f4:d3:1c:b7:2a:6a:80:a5:4d:a7:c1:15:
e6:ca:aa:6c:14:80:0b:5e:36:93:78:25:4c:9c:35:75:bc:b3:
0d:d8:7d:fc:07:20:69:0a:9b:d1:5f:94:33:5e:30:00:07:25:
3e:b9:2c:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1k+QS3DsMvgwTL38BD3MjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjQwMjAxMTQwMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU5OTlmYWY0OTg0N2Q5YjY3NzVkNjlmZWM1MzA0YjlmYjgzN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3Ym4hZ1gj0dv1tCNAHAWVd4HFnZ
di1EvhZKQ6CsJjVqIOFNGDSrptrJNIWGDDF8KLzcRkoPb6Gf4/buunIiKfV7qplZ
mLjdlt8tH87XHHlQzR1L15ZUfYH1UeI1birro7amt6qLkpPdYwU+tt2Zq/mj8dhm
Q/bagAYo+J9yJXi77umo4GF+EU84oQfecxT4ncGTKh24+LH+PC7OiPxK97v2Wrdx
Jl5cC4Gl9Bvxzl11KROU3XpXJr55YbIk4pZh3RL3eZ9brf0ujeNMW+zmQh2yPxUZ
O7Wdb0+l4Go53z71fcrWNGfmJykWu8dS3bsr3x8JiYAgV+CoCgp3bqwZZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF3pmfr0mEfZtnddaf7FMEufuDfhMB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvWGVtWi12U1lSOW0yZDExcF9zVXdTNS00Ti1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDPqSQMA0E
AgACMAcDBQAgARXgMA0GCSqGSIb3DQEBCwUAA4IBAQAZ5sT/MKWO3VOnPXXwgDpe
LUwgHww+DO59HFhtERw6fLbyr1fZaX8y+UDaimyyq+OnWCgTrgSORAttmV03d7lq
l7A7Bkgp9QZCe9wXtQ8sSxiy2yOZBlJjsNSJ1UuGJMW5JKuNowiLUTlL2Z1MYzCx
z3gDiCPVB4EbBXymurwtxOArE5/25rKe+xYvjHmtwfzbfCf6a2eoHK23aEHp7D9r
JTQvHyzZEYzxXmLtLqEk44SVk7eI4f+yjHIDydru8d1TM7nWz74vyMZTFYr00xy3
KmqApU2nwRXmyqpsFIALXjaTeCVMnDV1vLMN2H38ByBpCpvRX5QzXjAAByU+uSyR
-----END CERTIFICATE-----
Generated at Tue Feb 13 20:23:47 2024 by rpki-client on console-ams.rpki-client.org