Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/558c39-7510-4b63-aa57-1e2230df0746/1/XYo78zYPH_08aywF9bmWyp-29x4.roa
File: XYo78zYPH_08aywF9bmWyp-29x4.roa (raw, json)
Hash identifier: Pqla0iRDgJKnxc7kfDNb75Pb93r/qA0x+2VUSrQ8TzI=
Subject key identifier: 5D:8A:3B:F3:36:0F:1F:FD:3C:6B:2C:05:F5:B9:96:CA:9F:B6:F7:1E
Certificate issuer: /CN=af758e88feaf8d67059dc8787a2e5f31a06ac1e9
Certificate serial: 01856DDD4585BC7258748E85676B9F649ED1
Authority key identifier: AF:75:8E:88:FE:AF:8D:67:05:9D:C8:78:7A:2E:5F:31:A0:6A:C1:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3WOiP6vjWcFnch4ei5fMaBqwek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/558c39-7510-4b63-aa57-1e2230df0746/1/XYo78zYPH_08aywF9bmWyp-29x4.roa
Signing time: Sun 01 Jan 2023 15:04:55 +0000
ROA not before: Sun 01 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35413
IP address blocks: 91.195.181.0/24 maxlen: 24
91.195.180.0/24 maxlen: 24
193.239.253.0/24 maxlen: 24
193.239.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:45:85:bc:72:58:74:8e:85:67:6b:9f:64:9e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af758e88feaf8d67059dc8787a2e5f31a06ac1e9
Validity
Not Before: Jan 1 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d8a3bf3360f1ffd3c6b2c05f5b996ca9fb6f71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:60:42:8d:ea:17:45:18:9f:0f:52:30:b2:69:
c2:31:d8:5c:d1:10:29:45:e7:82:74:e4:ed:dc:3c:
34:cf:24:36:31:98:d2:4c:08:10:ba:15:04:78:e0:
bf:f7:96:15:bd:23:f6:f6:ba:7d:eb:d6:e9:04:89:
4a:f7:e2:d2:26:c6:92:4b:f6:af:36:a0:ae:a5:bd:
80:db:ce:eb:18:fc:c0:d7:4f:40:9a:22:7b:31:22:
4c:00:66:23:07:7f:26:c9:d0:67:e5:bc:4f:6b:be:
c9:ab:82:9e:26:11:06:3c:a2:dd:d8:09:66:ca:1f:
5a:db:5a:90:04:cc:c2:0c:cd:77:bd:34:a9:17:ff:
ca:dd:5d:8f:37:56:f5:5f:4f:bf:c7:b9:d6:72:9c:
ae:2b:93:40:f8:1e:23:1f:5e:27:a9:a5:11:42:35:
a8:b3:a6:4a:23:26:04:a8:56:91:c6:17:89:1f:ea:
db:8b:81:56:5e:0d:e5:38:ac:fc:86:16:74:40:59:
50:01:1f:f0:8d:56:b1:b5:bf:94:d2:e5:f2:d8:34:
6a:17:fb:73:29:60:b2:3e:98:7a:01:9f:6c:a3:b1:
24:44:82:c1:6c:a7:a4:e0:31:de:4a:cd:06:8e:2d:
fb:a7:63:26:97:21:88:d6:e9:aa:37:5d:17:bf:80:
70:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8A:3B:F3:36:0F:1F:FD:3C:6B:2C:05:F5:B9:96:CA:9F:B6:F7:1E
X509v3 Authority Key Identifier:
keyid:AF:75:8E:88:FE:AF:8D:67:05:9D:C8:78:7A:2E:5F:31:A0:6A:C1:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3WOiP6vjWcFnch4ei5fMaBqwek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/558c39-7510-4b63-aa57-1e2230df0746/1/XYo78zYPH_08aywF9bmWyp-29x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/558c39-7510-4b63-aa57-1e2230df0746/1/r3WOiP6vjWcFnch4ei5fMaBqwek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.180.0/23
193.239.252.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:8b:b9:45:1a:1c:fe:a1:d3:fe:eb:99:7e:b1:1f:6a:9b:59:
76:41:1d:0d:f4:51:58:d0:0e:79:71:98:4a:89:00:f0:f6:10:
33:3f:53:35:87:5f:3a:e3:4b:34:de:8a:91:5e:0c:5a:fb:4c:
52:74:9b:6c:bc:28:70:bc:72:8f:35:ea:68:c2:09:71:02:dc:
72:1e:0e:d7:46:72:fb:98:73:a5:da:27:ce:d9:24:2a:de:a6:
59:ee:7f:ea:33:d0:fd:6c:da:01:2a:ae:8f:32:bb:c4:70:78:
ae:ed:34:cd:3d:36:dd:81:67:7f:87:52:7f:c5:50:69:75:20:
ea:e8:be:48:9e:76:5e:58:c4:3c:a4:87:e2:4c:89:d0:a9:2d:
c3:3e:72:62:10:65:94:58:2a:53:9f:4e:34:a4:80:d8:a8:76:
ae:5b:82:71:80:cc:6c:60:aa:f7:1f:f2:fe:7f:11:c9:10:07:
af:08:3e:e1:5a:45:d4:96:99:e5:3d:d2:ad:13:98:1a:c0:f0:
9a:8e:84:48:f2:7d:56:94:45:a0:dd:85:c0:a3:b9:14:24:7d:
f4:b4:0e:fc:23:8d:2e:20:59:64:66:89:15:f4:c3:22:7a:0a:
a7:f9:7c:dc:af:9a:a1:2a:f0:44:38:c4:5f:bf:c9:e6:b7:e6:
e2:a2:c2:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt3UWFvHJYdI6FZ2ufZJ7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzU4ZTg4ZmVhZjhkNjcwNTlkYzg3ODdhMmU1ZjMxYTA2
YWMxZTkwHhcNMjMwMTAxMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhhM2JmMzM2MGYxZmZkM2M2YjJjMDVmNWI5OTZjYTlmYjZmNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2BCjeoXRRifD1IwsmnCMdhc0RAp
ReeCdOTt3Dw0zyQ2MZjSTAgQuhUEeOC/95YVvSP29rp969bpBIlK9+LSJsaSS/av
NqCupb2A287rGPzA109AmiJ7MSJMAGYjB38mydBn5bxPa77Jq4KeJhEGPKLd2Alm
yh9a21qQBMzCDM13vTSpF//K3V2PN1b1X0+/x7nWcpyuK5NA+B4jH14nqaURQjWo
s6ZKIyYEqFaRxheJH+rbi4FWXg3lOKz8hhZ0QFlQAR/wjVaxtb+U0uXy2DRqF/tz
KWCyPph6AZ9so7EkRILBbKek4DHeSs0Gji37p2MmlyGI1umqN10Xv4BwjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF2KO/M2Dx/9PGssBfW5lsqftvceMB8GA1UdIwQY
MBaAFK91joj+r41nBZ3IeHouXzGgasHpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNXT2lQNnZqV2NGbmNoNGVpNWZNYUJxd2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81NThjMzktNzUxMC00YjYzLWFhNTct
MWUyMjMwZGYwNzQ2LzEvWFlvNzh6WVBIXzA4YXl3RjlibVd5cC0yOXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81NThjMzktNzUxMC00YjYzLWFhNTctMWUyMjMwZGYwNzQ2
LzEvcjNXT2lQNnZqV2NGbmNoNGVpNWZNYUJxd2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8O0AwQB
we/8MA0GCSqGSIb3DQEBCwUAA4IBAQA7i7lFGhz+odP+65l+sR9qm1l2QR0N9FFY
0A55cZhKiQDw9hAzP1M1h18640s03oqRXgxa+0xSdJtsvChwvHKPNepowglxAtxy
Hg7XRnL7mHOl2ifO2SQq3qZZ7n/qM9D9bNoBKq6PMrvEcHiu7TTNPTbdgWd/h1J/
xVBpdSDq6L5InnZeWMQ8pIfiTInQqS3DPnJiEGWUWCpTn040pIDYqHauW4JxgMxs
YKr3H/L+fxHJEAevCD7hWkXUlpnlPdKtE5gawPCajoRI8n1WlEWg3YXAo7kUJH30
tA78I40uIFlkZokV9MMiegqn+Xzcr5qhKvBEOMRfv8nmt+biosIU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:34 2024 by rpki-client on console-fra.rpki-client.org