Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/X5il5bRDZ6-lxLrNopKT_62E33c.roa
File: X5il5bRDZ6-lxLrNopKT_62E33c.roa (raw, json)
Hash identifier: 4Jc9gPSaYSNOpnqgvJve/2wElHVqaW+6vR1AmoSOUOU=
Subject key identifier: 5F:98:A5:E5:B4:43:67:AF:A5:C4:BA:CD:A2:92:93:FF:AD:84:DF:77
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 01863AFC76275133FDA7C8791A25E0B1982B
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/X5il5bRDZ6-lxLrNopKT_62E33c.roa
Signing time: Fri 10 Feb 2023 11:01:09 +0000
ROA not before: Fri 10 Feb 2023 11:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197328
IP address blocks: 185.220.58.0/23 maxlen: 23
194.107.229.0/24 maxlen: 24
194.110.1.0/24 maxlen: 24
194.110.7.0/24 maxlen: 24
194.110.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:fc:76:27:51:33:fd:a7:c8:79:1a:25:e0:b1:98:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Feb 10 11:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f98a5e5b44367afa5c4bacda29293ffad84df77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:78:a8:50:1a:16:13:bd:d2:30:0f:35:e7:
ce:fb:b9:cd:ff:e0:71:37:2f:58:bc:d6:20:da:cf:
da:f8:9f:1f:c6:8a:a7:b3:90:f9:0f:37:a4:68:97:
f4:cb:16:5c:33:36:e7:6b:b4:90:ae:62:b3:24:bf:
b0:2f:28:ff:e2:80:5a:5a:74:44:3e:bb:7b:32:4e:
f3:ae:cb:1c:1d:f2:5a:10:36:84:5d:aa:cd:52:0e:
74:a6:ea:51:e3:f7:b7:2e:3e:03:46:07:f5:48:d2:
d9:51:1d:b7:5f:34:70:3c:f7:8a:a7:22:ea:89:9e:
b6:77:26:4d:4a:32:80:83:01:0f:33:1f:da:f4:d5:
33:7d:78:63:24:12:b8:58:37:30:2d:d5:e5:1e:68:
d6:db:72:c9:63:da:41:84:d9:b5:ae:7a:a9:59:5e:
d4:99:11:e0:a6:49:04:aa:76:58:cf:f5:4a:76:fd:
a4:64:62:25:17:57:4f:36:5f:26:d2:64:33:a7:ea:
f5:69:bb:be:56:bc:7f:44:6d:6f:cb:c1:77:bd:c7:
dd:49:aa:34:79:c0:f1:af:98:1c:20:ae:b4:e2:c1:
d1:d6:8c:4b:fb:91:61:97:84:a4:72:38:5b:74:2b:
07:9b:0a:8f:0a:4f:f3:53:6f:ee:9c:69:5e:01:3d:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:98:A5:E5:B4:43:67:AF:A5:C4:BA:CD:A2:92:93:FF:AD:84:DF:77
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/X5il5bRDZ6-lxLrNopKT_62E33c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.58.0/23
194.107.229.0/24
194.110.1.0/24
194.110.7.0/24
194.110.19.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:da:4a:36:6f:1c:86:de:83:58:d8:37:4f:ad:6b:d3:82:9d:
e5:19:98:f1:39:64:3f:63:b1:ec:d5:e0:b4:e1:24:58:a5:cc:
7e:4c:6e:e7:e6:b5:51:90:42:1d:ef:8a:76:0b:ed:7f:3c:9a:
be:29:c0:fe:9b:25:6d:30:a9:8a:3a:c6:e9:99:fa:ee:ef:cb:
7a:15:34:01:46:3e:8b:e6:2b:e3:18:92:bb:18:0b:cb:e9:6f:
67:0f:d9:6b:99:28:dc:8c:31:44:29:b8:39:4a:16:c7:95:f2:
d9:ea:3d:74:77:ee:46:55:04:f5:05:b3:1c:94:f1:b3:4d:ed:
06:0c:29:b7:27:fb:56:52:42:ed:05:cf:6d:22:f7:4f:77:55:
e5:79:bc:57:17:7e:2c:f1:6c:9a:6a:a7:ed:67:61:ec:00:69:
79:d1:e6:93:d7:60:62:bf:cb:4b:4d:b5:5a:e3:a2:54:79:bd:
40:0f:53:01:c5:f5:64:ee:a0:29:a9:8a:ec:76:55:77:fa:8e:
ef:ce:74:15:c5:ab:1f:39:9c:21:4b:14:6d:1d:fb:b0:17:5f:
d4:01:e0:71:67:e2:54:d3:8c:23:af:21:b4:83:68:0a:23:0f:
d6:e4:56:03:b2:87:5d:ce:d6:5d:6e:40:6e:28:eb:70:60:42:
73:0d:4d:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYY6/HYnUTP9p8h5GiXgsZgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjMwMjEwMTEwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjk4YTVlNWI0NDM2N2FmYTVjNGJhY2RhMjkyOTNmZmFkODRkZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3B4qFAaFhO90jAPNefO+7nN/+Bx
Ny9YvNYg2s/a+J8fxoqns5D5DzekaJf0yxZcMzbna7SQrmKzJL+wLyj/4oBaWnRE
Prt7Mk7zrsscHfJaEDaEXarNUg50pupR4/e3Lj4DRgf1SNLZUR23XzRwPPeKpyLq
iZ62dyZNSjKAgwEPMx/a9NUzfXhjJBK4WDcwLdXlHmjW23LJY9pBhNm1rnqpWV7U
mRHgpkkEqnZYz/VKdv2kZGIlF1dPNl8m0mQzp+r1abu+Vrx/RG1vy8F3vcfdSao0
ecDxr5gcIK604sHR1oxL+5Fhl4SkcjhbdCsHmwqPCk/zU2/unGleAT0tUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF+YpeW0Q2evpcS6zaKSk/+thN93MB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvWDVpbDViUkRaNi1seExyTm9wS1RfNjJFMzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBudw6AwQA
wmvlAwQAwm4BAwQAwm4HAwQAwm4TMA0GCSqGSIb3DQEBCwUAA4IBAQDG2ko2bxyG
3oNY2DdPrWvTgp3lGZjxOWQ/Y7Hs1eC04SRYpcx+TG7n5rVRkEId74p2C+1/PJq+
KcD+myVtMKmKOsbpmfru78t6FTQBRj6L5ivjGJK7GAvL6W9nD9lrmSjcjDFEKbg5
ShbHlfLZ6j10d+5GVQT1BbMclPGzTe0GDCm3J/tWUkLtBc9tIvdPd1XlebxXF34s
8WyaaqftZ2HsAGl50eaT12Biv8tLTbVa46JUeb1AD1MBxfVk7qApqYrsdlV3+o7v
znQVxasfOZwhSxRtHfuwF1/UAeBxZ+JU04wjryG0g2gKIw/W5FYDsoddztZdbkBu
KOtwYEJzDU2w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org