Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/XOR49x9SKDGixPRQV7pEXBiFckU.roa
File: XOR49x9SKDGixPRQV7pEXBiFckU.roa (raw, json)
Hash identifier: NYkp/+hEwug8S9bYVa2AMe2tVLVaa1YCdAanCXO5VcA=
Subject key identifier: 5C:E4:78:F7:1F:52:28:31:A2:C4:F4:50:57:BA:44:5C:18:85:72:45
Certificate issuer: /CN=b96e8b6d73f2f38548996f66621330a8d7108529
Certificate serial: 01856F4B49A4025995C711FDB7F022F63D99
Authority key identifier: B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/XOR49x9SKDGixPRQV7pEXBiFckU.roa
Signing time: Sun 01 Jan 2023 21:44:43 +0000
ROA not before: Sun 01 Jan 2023 21:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43366
IP address blocks: 192.145.24.0/22 maxlen: 24
5.133.84.0/22 maxlen: 24
185.197.188.0/22 maxlen: 24
185.205.240.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:49:a4:02:59:95:c7:11:fd:b7:f0:22:f6:3d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b96e8b6d73f2f38548996f66621330a8d7108529
Validity
Not Before: Jan 1 21:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ce478f71f522831a2c4f45057ba445c18857245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5a:e6:17:8d:f8:7f:31:41:de:12:ba:f3:86:
e5:e9:e3:a7:81:ef:49:4b:b8:5c:c0:e3:3b:6c:af:
cf:3e:53:c6:14:2d:e7:f7:30:71:24:ff:0f:68:c7:
58:a3:0d:5c:45:25:a5:8d:75:66:84:10:44:ee:ca:
0e:7f:b1:09:72:2a:7f:0e:ff:70:66:17:9a:19:64:
58:19:0f:52:71:7f:fe:89:ca:57:e6:1f:1b:7d:46:
2d:48:c1:24:14:d5:51:e9:57:a0:4f:27:09:8e:95:
6c:75:e4:99:2b:d0:98:8f:38:51:01:ef:30:4c:7d:
f7:0d:19:34:3c:cc:2a:c8:6a:29:96:61:39:bf:1e:
32:27:0c:47:c8:d3:4f:52:e6:ba:b5:da:19:fa:4d:
c9:cb:da:6f:b1:73:f6:1f:00:5d:37:a9:49:c6:59:
9b:8c:1d:1f:cd:af:14:74:06:9a:1d:50:d8:69:8f:
9b:85:a3:51:97:fb:c9:20:7d:34:96:9f:d5:74:81:
02:83:e0:d1:75:ae:40:06:25:09:aa:b0:1e:46:69:
dd:1b:f3:72:70:ed:7d:e2:49:7e:6f:70:69:e7:c4:
fd:e8:48:f4:63:f9:fd:9b:a8:34:5c:05:0a:63:14:
1f:53:ff:f9:7a:e8:70:30:85:cf:39:74:d6:0d:e4:
80:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E4:78:F7:1F:52:28:31:A2:C4:F4:50:57:BA:44:5C:18:85:72:45
X509v3 Authority Key Identifier:
keyid:B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/XOR49x9SKDGixPRQV7pEXBiFckU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.84.0/22
185.197.188.0/22
185.205.240.0/22
192.145.24.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:b7:26:da:6b:2a:f7:fd:53:56:cb:f4:b0:55:e0:b1:bc:8c:
ee:4b:e6:dd:d6:42:7b:f6:17:fe:ed:ec:46:1d:1e:16:74:ee:
e3:9b:3f:00:8b:37:ea:04:35:55:a9:95:88:b3:56:a2:80:ee:
46:bc:f1:76:d2:15:9a:76:29:36:5f:65:f5:c4:08:55:d3:d1:
1f:eb:18:3e:a3:2e:b6:1d:35:8e:b7:b6:fb:5b:5a:fe:cb:f2:
57:c2:e6:d0:f9:1b:cb:41:ac:52:69:4a:80:33:6a:ad:79:b5:
c6:1b:25:fd:dc:b4:a3:b7:61:77:7a:7d:84:b1:37:4a:d9:63:
93:c0:68:74:a3:5f:e1:43:62:eb:f3:6c:7d:47:9e:1a:25:4c:
9c:35:e9:87:86:bf:28:63:a1:f4:ca:52:3b:9b:2d:f0:c8:7c:
80:01:f8:38:82:46:ed:a9:9e:35:51:72:ef:7c:79:fd:d4:6b:
ab:8f:38:38:a6:85:35:ae:ab:7a:e0:ac:5a:3e:60:db:23:15:
22:a7:bf:f2:3d:58:07:fc:60:b8:9f:2c:84:ac:34:11:93:c9:
02:9f:fd:04:0e:2f:43:43:6b:c4:b6:d1:c0:6a:cc:7d:94:e7:
cd:47:de:f0:78:c4:a9:d3:c8:44:a3:46:6d:e7:b8:63:f9:7b:
53:b7:4c:0a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvS0mkAlmVxxH9t/Ai9j2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NmU4YjZkNzNmMmYzODU0ODk5NmY2NjYyMTMzMGE4ZDcx
MDg1MjkwHhcNMjMwMTAxMjE0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U0NzhmNzFmNTIyODMxYTJjNGY0NTA1N2JhNDQ1YzE4ODU3MjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFrmF434fzFB3hK684bl6eOnge9J
S7hcwOM7bK/PPlPGFC3n9zBxJP8PaMdYow1cRSWljXVmhBBE7soOf7EJcip/Dv9w
ZheaGWRYGQ9ScX/+icpX5h8bfUYtSMEkFNVR6VegTycJjpVsdeSZK9CYjzhRAe8w
TH33DRk0PMwqyGoplmE5vx4yJwxHyNNPUua6tdoZ+k3Jy9pvsXP2HwBdN6lJxlmb
jB0fza8UdAaaHVDYaY+bhaNRl/vJIH00lp/VdIECg+DRda5ABiUJqrAeRmndG/Ny
cO194kl+b3Bp58T96Ej0Y/n9m6g0XAUKYxQfU//5euhwMIXPOXTWDeSAqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFzkePcfUigxosT0UFe6RFwYhXJFMB8GA1UdIwQY
MBaAFLlui21z8vOFSJlvZmITMKjXEIUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYt
YmMwMDQ2NDllZTk5LzEvWE9SNDl4OVNLREdpeFBSUVY3cEVYQmlGY2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYtYmMwMDQ2NDllZTk5
LzEvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBYVUAwQC
ucW8AwQCuc3wAwQCwJEYMA0GCSqGSIb3DQEBCwUAA4IBAQBPtybaayr3/VNWy/Sw
VeCxvIzuS+bd1kJ79hf+7exGHR4WdO7jmz8AizfqBDVVqZWIs1aigO5GvPF20hWa
dik2X2X1xAhV09Ef6xg+oy62HTWOt7b7W1r+y/JXwubQ+RvLQaxSaUqAM2qtebXG
GyX93LSjt2F3en2EsTdK2WOTwGh0o1/hQ2Lr82x9R54aJUycNemHhr8oY6H0ylI7
my3wyHyAAfg4gkbtqZ41UXLvfHn91Gurjzg4poU1rqt64KxaPmDbIxUip7/yPVgH
/GC4nyyErDQRk8kCn/0EDi9DQ2vEttHAasx9lOfNR97weMSp08hEo0Zt57hj+XtT
t0wK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:01 2024 by rpki-client on console-ams.rpki-client.org