Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/xBUvnMxWu1OCRtuE-1L1Fh3P5FE.roa
File: xBUvnMxWu1OCRtuE-1L1Fh3P5FE.roa (raw, json)
Hash identifier: Wl9/wWpXbtoecMRje4FsF+5mS3THCSfydJAunAQNOsI=
Subject key identifier: C4:15:2F:9C:CC:56:BB:53:82:46:DB:84:FB:52:F5:16:1D:CF:E4:51
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 01857335C427E161D528BB83AEBAE115722B
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/xBUvnMxWu1OCRtuE-1L1Fh3P5FE.roa
Signing time: Mon 02 Jan 2023 15:59:41 +0000
ROA not before: Mon 02 Jan 2023 15:59:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.67.4.0/22 maxlen: 32
92.119.168.0/22 maxlen: 32
185.72.240.0/22 maxlen: 32
2.58.76.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
Validation: Failed, certificate revoked on Thu 05 Jan 2023 16:15:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:35:c4:27:e1:61:d5:28:bb:83:ae:ba:e1:15:72:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jan 2 15:59:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4152f9ccc56bb538246db84fb52f5161dcfe451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9e:d2:68:80:c5:f0:1f:fa:b2:19:26:12:97:
a8:77:06:2e:a1:cb:14:e2:d0:7f:3a:fa:a3:02:5c:
79:8f:22:9d:98:d9:8b:15:66:f2:f9:e9:ce:ba:72:
e0:56:a5:ba:7f:12:2e:b5:11:d0:28:8e:b5:ce:0a:
58:86:b0:d2:60:6d:02:96:36:76:e2:73:45:b7:2c:
dc:c2:ff:74:a1:aa:3e:6b:31:60:4a:b8:de:65:64:
2b:e1:b6:4d:77:ae:10:e9:93:93:9c:bf:2e:83:7b:
d2:7d:b8:89:18:a5:40:7a:8d:7e:c3:77:6f:c3:b9:
6d:33:e8:3a:89:3b:5c:a4:0b:53:be:81:93:5d:27:
5f:e5:92:5b:54:3e:70:9e:94:4d:d5:06:5f:55:7e:
e8:a2:38:14:79:0c:d1:a1:4f:5d:07:e1:6b:fd:c8:
61:0f:48:4f:50:eb:7b:95:57:7b:54:6d:24:5c:77:
4e:1d:cb:8a:b3:78:d6:d5:2f:ff:b8:2d:2c:92:9d:
13:f4:14:e8:95:0d:c5:82:e0:1b:89:c4:fa:4e:80:
01:03:f4:8f:27:5f:56:7e:67:a3:29:94:f8:bf:8e:
c9:85:de:fe:94:a2:32:4a:59:1a:de:4e:4e:37:00:
da:89:c4:c7:19:a5:1d:08:6b:66:d7:c9:45:19:44:
58:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:15:2F:9C:CC:56:BB:53:82:46:DB:84:FB:52:F5:16:1D:CF:E4:51
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/xBUvnMxWu1OCRtuE-1L1Fh3P5FE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
45.67.4.0/22
92.119.168.0/22
185.72.240.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:2f:15:b5:d9:6c:c1:ae:41:15:c5:d7:b1:8a:c5:50:ac:4e:
79:8b:b9:e2:54:3d:42:1d:da:e6:5d:0b:3b:dd:7f:f5:98:a4:
b0:44:07:70:fe:cf:a6:c7:4d:9f:c8:72:64:cf:9a:6c:05:b0:
4e:8d:9c:5c:5d:4a:8e:40:81:4e:c9:1a:c1:7b:de:36:4f:fd:
c6:78:0d:70:95:77:70:56:8f:2b:76:89:5b:b2:e1:28:b1:6e:
f8:ed:21:0d:7d:c6:b1:47:a5:cd:0b:91:05:8f:9a:c6:68:de:
1d:f7:d5:c3:b2:b0:9f:af:ea:73:06:bc:ad:03:65:5b:1a:b6:
fa:84:cd:0a:f6:24:cc:05:5f:ba:d5:16:53:a4:94:7e:97:9d:
05:8d:70:2c:56:4d:0c:33:19:a7:69:49:67:8b:18:7a:b7:5d:
cd:8c:d3:57:21:48:0f:07:ce:35:c6:c4:4d:a0:b4:0f:38:3d:
25:fb:47:d0:48:ab:68:b9:ca:b4:18:67:78:a2:72:3b:e9:fc:
45:eb:ac:16:b4:fb:49:07:d1:c6:90:13:a6:41:8b:48:bb:aa:
f2:0c:a4:67:26:d0:6b:65:38:c0:a3:43:b1:94:12:ae:e8:6a:
0f:9c:32:15:02:56:a0:20:e8:b9:34:bd:4c:bb:f2:de:95:d0:
e4:3e:fe:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVzNcQn4WHVKLuDrrrhFXIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMwMTAyMTU1OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDE1MmY5Y2NjNTZiYjUzODI0NmRiODRmYjUyZjUxNjFkY2ZlNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ7SaIDF8B/6shkmEpeodwYuocsU
4tB/OvqjAlx5jyKdmNmLFWby+enOunLgVqW6fxIutRHQKI61zgpYhrDSYG0CljZ2
4nNFtyzcwv90oao+azFgSrjeZWQr4bZNd64Q6ZOTnL8ug3vSfbiJGKVAeo1+w3dv
w7ltM+g6iTtcpAtTvoGTXSdf5ZJbVD5wnpRN1QZfVX7oojgUeQzRoU9dB+Fr/chh
D0hPUOt7lVd7VG0kXHdOHcuKs3jW1S//uC0skp0T9BTolQ3FguAbicT6ToABA/SP
J19WfmejKZT4v47Jhd7+lKIySlka3k5ONwDaicTHGaUdCGtm18lFGURYfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMQVL5zMVrtTgkbbhPtS9RYdz+RRMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEveEJVdm5NeFd1MU9DUnR1RS0xTDFGaDNQNUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjpMAwQC
LUMEAwQCXHeoAwQCuUjwAwQC1a08MA0GCSqGSIb3DQEBCwUAA4IBAQClLxW12WzB
rkEVxdexisVQrE55i7niVD1CHdrmXQs73X/1mKSwRAdw/s+mx02fyHJkz5psBbBO
jZxcXUqOQIFOyRrBe942T/3GeA1wlXdwVo8rdolbsuEosW747SENfcaxR6XNC5EF
j5rGaN4d99XDsrCfr+pzBrytA2VbGrb6hM0K9iTMBV+61RZTpJR+l50FjXAsVk0M
MxmnaUlnixh6t13NjNNXIUgPB841xsRNoLQPOD0l+0fQSKtoucq0GGd4onI76fxF
66wWtPtJB9HGkBOmQYtIu6ryDKRnJtBrZTjAo0OxlBKu6GoPnDIVAlagIOi5NL1M
u/LeldDkPv6E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org