Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/XUqYW4CDRcnPa09vyEZrcwF2Vb4.roa
File: XUqYW4CDRcnPa09vyEZrcwF2Vb4.roa (raw, json)
Hash identifier: go2rQwzFJxU3vgCZTryVmOkLLG5Yl0C9ZyGxtbU8684=
Subject key identifier: 5D:4A:98:5B:80:83:45:C9:CF:6B:4F:6F:C8:46:6B:73:01:76:55:BE
Certificate issuer: /CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Certificate serial: 01856D6F69BEDEE1643614A4E001DD368506
Authority key identifier: FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/XUqYW4CDRcnPa09vyEZrcwF2Vb4.roa
Signing time: Sun 01 Jan 2023 13:04:55 +0000
ROA not before: Sun 01 Jan 2023 13:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 213.109.179.0/24 maxlen: 24
213.109.178.0/24 maxlen: 24
213.109.177.0/24 maxlen: 24
213.109.176.0/24 maxlen: 24
2a00:de61:300::/40 maxlen: 48
2a00:de61:200::/40 maxlen: 48
2a00:de61:100::/40 maxlen: 48
2a00:de61::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:69:be:de:e1:64:36:14:a4:e0:01:dd:36:85:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Validity
Not Before: Jan 1 13:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d4a985b808345c9cf6b4f6fc8466b73017655be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:60:90:b7:f0:59:a7:5a:4b:fd:fc:1b:85:9d:
12:7d:62:ae:35:f5:73:49:cf:43:ea:88:22:ef:22:
aa:9a:86:38:d5:51:a5:16:15:29:5f:95:87:06:b5:
9c:3c:fb:b4:c6:cb:61:f5:5c:5c:6a:15:23:4f:69:
f5:09:d2:95:d5:0a:bf:fc:ff:6e:b2:b4:33:95:fa:
ff:53:ab:2b:4f:95:ae:56:21:f3:88:7a:9d:f7:de:
67:b7:ac:e0:9c:d8:d6:28:46:0b:a7:49:19:93:1f:
42:c6:92:0d:da:e0:0c:c6:aa:e8:7d:65:fe:e5:9f:
ce:d8:6f:4b:c3:e1:d3:d9:dd:09:88:3c:f9:f7:c7:
23:07:d3:51:40:3e:70:9e:ce:ba:df:42:64:1d:97:
1a:56:33:55:3e:03:87:8d:30:b4:b6:02:3a:eb:7c:
6e:b6:9c:96:5a:d8:5e:d0:d0:77:0c:7b:5e:78:82:
ec:a4:41:98:ec:be:67:af:31:f0:6d:df:1b:95:dc:
c9:a1:11:c6:0d:7c:10:53:8b:f5:4b:d7:9d:2e:76:
4f:06:60:fc:e5:63:f6:a2:56:8f:40:d1:ce:9c:97:
7d:d5:9c:3e:e8:6d:96:f8:35:eb:e0:ba:52:f8:23:
b8:2b:45:c1:41:5a:2e:b5:e0:25:ec:92:f1:df:c2:
ae:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4A:98:5B:80:83:45:C9:CF:6B:4F:6F:C8:46:6B:73:01:76:55:BE
X509v3 Authority Key Identifier:
keyid:FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/XUqYW4CDRcnPa09vyEZrcwF2Vb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.176.0/22
IPv6:
2a00:de61::/38
Signature Algorithm: sha256WithRSAEncryption
a0:95:c6:24:cb:d5:31:d3:2b:df:a6:bc:3b:45:4e:84:e3:a0:
16:0c:98:ef:f2:93:b9:f2:59:74:7f:b3:c0:97:55:ca:05:21:
c2:9c:8a:d0:a5:cc:b5:a0:f5:af:b3:db:61:60:a7:a4:dd:0f:
b0:01:7f:85:1c:0a:9e:39:7a:05:8e:56:67:0e:70:53:af:f1:
34:d6:6d:aa:ff:e7:60:d3:df:b6:e0:86:cb:7d:b6:50:20:47:
2c:e4:3c:ed:88:ff:7e:45:88:ba:30:ad:c2:f3:00:44:11:e0:
43:6b:01:ca:db:ab:d3:a6:5e:d8:43:3f:17:14:e3:eb:11:ec:
5c:55:fd:dd:7f:53:0e:fc:ca:04:08:92:35:7a:d2:21:9a:e1:
6d:5a:cd:81:33:12:37:8c:3a:ac:08:12:e6:aa:6f:d2:84:f7:
09:0d:81:0f:be:12:52:a2:4b:ba:ae:e3:cd:45:1d:a5:25:6f:
6d:36:fc:66:3d:b3:c6:5e:d7:0d:9c:02:21:e0:ae:e0:58:00:
ca:4d:ac:34:06:b5:30:60:ab:94:76:fb:d8:55:67:67:1b:8d:
2e:c8:96:b2:d1:de:cd:d4:fa:1e:64:e7:3c:3e:a2:df:c9:55:
01:e6:f3:95:c1:de:04:b7:1f:5b:b9:cd:c4:83:95:33:4e:e1:
22:4e:d6:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtb2m+3uFkNhSk4AHdNoUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNjRhMWY3Y2E0MGI1ODExNmU2YmM4MzhlMDYyZjljNzEy
MjI4YTQwHhcNMjMwMTAxMTMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRhOTg1YjgwODM0NWM5Y2Y2YjRmNmZjODQ2NmI3MzAxNzY1NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2CQt/BZp1pL/fwbhZ0SfWKuNfVz
Sc9D6ogi7yKqmoY41VGlFhUpX5WHBrWcPPu0xsth9VxcahUjT2n1CdKV1Qq//P9u
srQzlfr/U6srT5WuViHziHqd995nt6zgnNjWKEYLp0kZkx9CxpIN2uAMxqrofWX+
5Z/O2G9Lw+HT2d0JiDz598cjB9NRQD5wns6630JkHZcaVjNVPgOHjTC0tgI663xu
tpyWWthe0NB3DHteeILspEGY7L5nrzHwbd8bldzJoRHGDXwQU4v1S9edLnZPBmD8
5WP2olaPQNHOnJd91Zw+6G2W+DXr4LpS+CO4K0XBQVouteAl7JLx38KuJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF1KmFuAg0XJz2tPb8hGa3MBdlW+MB8GA1UdIwQY
MBaAFPpkoffKQLWBFua8g44GL5xxIiikMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1tU2g5OHBBdFlFVzVyeURqZ1l2bkhFaUtLUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVm
LTViODNkMGU5NjAxMi8xL1hVcVlXNENEUmNuUGEwOXZ5RVpyY3dGMlZiNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVmLTViODNkMGU5NjAx
Mi8xLzEtbVNoOThwQXRZRVc1cnlEamdZdm5IRWlLS1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBALVbbAw
DgQCAAIwCAMGAioA3mEAMA0GCSqGSIb3DQEBCwUAA4IBAQCglcYky9Ux0yvfprw7
RU6E46AWDJjv8pO58ll0f7PAl1XKBSHCnIrQpcy1oPWvs9thYKek3Q+wAX+FHAqe
OXoFjlZnDnBTr/E01m2q/+dg09+24IbLfbZQIEcs5DztiP9+RYi6MK3C8wBEEeBD
awHK26vTpl7YQz8XFOPrEexcVf3df1MO/MoECJI1etIhmuFtWs2BMxI3jDqsCBLm
qm/ShPcJDYEPvhJSoku6ruPNRR2lJW9tNvxmPbPGXtcNnAIh4K7gWADKTaw0BrUw
YKuUdvvYVWdnG40uyJay0d7N1PoeZOc8PqLfyVUB5vOVwd4Etx9buc3Eg5UzTuEi
TtYp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:41 2024 by rpki-client on console-ams.rpki-client.org