Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/sxu5pdUfVfAnF05nDl3NTfAvU9E.roa
File: sxu5pdUfVfAnF05nDl3NTfAvU9E.roa (raw, json)
Hash identifier: Lg9jTST5kP3ZdmuuExk8wJtsd8bDeX4odlahGLLk8IE=
Subject key identifier: B3:1B:B9:A5:D5:1F:55:F0:27:17:4E:67:0E:5D:CD:4D:F0:2F:53:D1
Certificate issuer: /CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Certificate serial: 0185734CDBF1D5A96AC22380DC2AC57121C2
Authority key identifier: 2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/sxu5pdUfVfAnF05nDl3NTfAvU9E.roa
Signing time: Mon 02 Jan 2023 16:24:54 +0000
ROA not before: Mon 02 Jan 2023 16:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41364
IP address blocks: 185.140.168.0/22 maxlen: 22
194.116.108.0/22 maxlen: 22
194.116.106.0/23 maxlen: 23
194.116.112.0/21 maxlen: 21
194.116.124.0/23 maxlen: 23
194.116.120.0/22 maxlen: 22
194.116.126.0/24 maxlen: 24
194.116.127.0/24 maxlen: 24
194.116.72.0/23 maxlen: 23
194.116.74.0/23 maxlen: 23
194.116.76.0/22 maxlen: 24
194.116.80.0/23 maxlen: 23
194.116.82.0/24 maxlen: 24
194.116.83.0/24 maxlen: 24
194.116.84.0/24 maxlen: 24
194.116.85.0/24 maxlen: 24
194.116.86.0/23 maxlen: 23
194.116.88.0/22 maxlen: 22
194.116.94.0/23 maxlen: 23
194.116.92.0/24 maxlen: 24
194.116.93.0/24 maxlen: 24
194.116.100.0/24 maxlen: 24
194.116.100.0/22 maxlen: 24
194.116.101.0/24 maxlen: 24
194.116.102.0/23 maxlen: 23
194.116.104.0/24 maxlen: 24
194.116.105.0/24 maxlen: 24
193.42.134.0/24 maxlen: 24
2a07:1ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:db:f1:d5:a9:6a:c2:23:80:dc:2a:c5:71:21:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Validity
Not Before: Jan 2 16:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b31bb9a5d51f55f027174e670e5dcd4df02f53d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:97:21:0a:8a:49:6f:d2:05:fe:e8:fd:ed:4a:
0d:3e:f5:bc:21:6c:0f:04:51:00:b4:8c:fe:3d:cd:
0d:f3:fb:55:f7:b1:27:78:9d:c6:97:06:9a:18:ff:
65:c9:a5:51:b7:23:02:e2:9c:68:83:c5:b0:fd:41:
f2:1f:80:0f:c4:01:71:cf:6f:46:10:09:f6:98:61:
3d:06:fc:15:19:54:e7:c6:bb:a0:14:41:2d:41:be:
37:14:d1:48:66:75:4b:5d:7e:53:9f:2e:45:ec:30:
af:07:7e:d2:66:5c:a1:54:63:96:5a:2a:de:b1:d1:
ef:12:14:ac:5b:9c:c5:39:af:db:74:be:98:e7:38:
11:3b:da:ba:5b:55:97:b3:b6:5a:f1:c0:1d:18:9c:
99:a6:16:ed:60:1f:17:b8:63:88:74:c6:da:9d:1e:
9b:05:2f:36:21:f3:71:be:68:4b:45:f6:19:2f:4e:
b0:29:2a:82:19:16:73:14:a0:ae:f9:5d:da:44:b7:
c2:f4:f4:d0:09:77:06:22:08:19:0a:9d:4b:30:41:
38:0b:f4:ed:77:0b:a1:d3:1c:51:b6:53:a1:4d:3b:
50:b4:c4:44:66:c4:0b:d7:d6:42:4d:0d:e3:20:c4:
80:05:cf:6a:43:33:44:f2:80:34:0f:e5:86:f4:e9:
71:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1B:B9:A5:D5:1F:55:F0:27:17:4E:67:0E:5D:CD:4D:F0:2F:53:D1
X509v3 Authority Key Identifier:
keyid:2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/sxu5pdUfVfAnF05nDl3NTfAvU9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.168.0/22
193.42.134.0/24
194.116.72.0-194.116.95.255
194.116.100.0-194.116.127.255
IPv6:
2a07:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
06:c1:73:34:67:c4:c2:32:d1:93:2d:91:b6:3f:56:15:35:55:
7e:7c:91:0a:1f:83:03:bc:48:f6:af:9d:6b:95:89:60:05:82:
3f:6b:c3:3d:a0:85:1c:82:76:04:b2:f8:a8:bf:a9:52:6f:87:
04:72:9b:53:72:dc:3d:16:de:fd:2f:fb:09:82:53:5b:d1:70:
8d:bf:a6:dc:86:7f:7e:bb:5f:62:9a:8f:55:62:00:49:36:a2:
bb:e3:c6:d2:ae:01:cf:10:1f:73:93:37:fe:93:22:b4:77:af:
21:ef:80:5d:89:16:ea:3c:7a:b1:5a:7e:da:c0:8d:cd:a9:38:
c1:62:bc:3d:23:ec:34:e6:75:d8:f3:92:de:47:53:4d:3f:aa:
0c:96:6c:98:e4:5b:60:d7:27:0c:06:71:f8:b8:54:6f:cb:1e:
54:4d:37:94:08:a6:d4:78:cc:37:57:49:17:c3:9d:3e:4f:04:
ae:38:0b:d7:71:34:d5:98:a1:19:05:de:66:91:1f:af:1d:14:
ff:3a:12:52:3c:a0:d8:52:45:ef:45:eb:25:e2:22:a9:3d:76:
ee:82:5a:b4:01:93:da:54:bd:fe:54:18:c4:20:6d:b2:8c:00:
97:1c:c5:9d:40:d0:8b:cf:6a:bf:0a:79:17:55:55:bb:86:dc:
c4:64:60:b1
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVzTNvx1alqwiOA3CrFcSHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODg3MzAyZDFlNzQwZjVmOTg0ODFmYjRiN2E0NjE2OTZi
ZmU1YzEwHhcNMjMwMTAyMTYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFiYjlhNWQ1MWY1NWYwMjcxNzRlNjcwZTVkY2Q0ZGYwMmY1M2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZchCopJb9IF/uj97UoNPvW8IWwP
BFEAtIz+Pc0N8/tV97EneJ3GlwaaGP9lyaVRtyMC4pxog8Ww/UHyH4APxAFxz29G
EAn2mGE9BvwVGVTnxrugFEEtQb43FNFIZnVLXX5Tny5F7DCvB37SZlyhVGOWWire
sdHvEhSsW5zFOa/bdL6Y5zgRO9q6W1WXs7Za8cAdGJyZphbtYB8XuGOIdMbanR6b
BS82IfNxvmhLRfYZL06wKSqCGRZzFKCu+V3aRLfC9PTQCXcGIggZCp1LMEE4C/Tt
dwuh0xxRtlOhTTtQtMREZsQL19ZCTQ3jIMSABc9qQzNE8oA0D+WG9Olx6QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFLMbuaXVH1XwJxdOZw5dzU3wL1PRMB8GA1UdIwQY
MBaAFCyIcwLR50D1+YSB+0t6RhaWv+XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQt
YzAyOGQ5MWViYzljLzEvc3h1NXBkVWZWZkFuRjA1bkRsM05UZkF2VTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQtYzAyOGQ5MWViYzlj
LzEvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQCuYyoAwQA
wSqGMAwDBAPCdEgDBAXCdEAwDAMEAsJ0ZAMEB8J0ADANBAIAAjAHAwUDKgcewDAN
BgkqhkiG9w0BAQsFAAOCAQEABsFzNGfEwjLRky2Rtj9WFTVVfnyRCh+DA7xI9q+d
a5WJYAWCP2vDPaCFHIJ2BLL4qL+pUm+HBHKbU3LcPRbe/S/7CYJTW9Fwjb+m3IZ/
frtfYpqPVWIASTaiu+PG0q4BzxAfc5M3/pMitHevIe+AXYkW6jx6sVp+2sCNzak4
wWK8PSPsNOZ12POS3kdTTT+qDJZsmORbYNcnDAZx+LhUb8seVE03lAim1HjMN1dJ
F8OdPk8ErjgL13E01ZihGQXeZpEfrx0U/zoSUjyg2FJF70XrJeIiqT127oJatAGT
2lS9/lQYxCBtsowAlxzFnUDQi89qvwp5F1VVu4bcxGRgsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org