Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5c92d1-41e5-443e-a250-01baf78ec73f/1/XVPdRwX5-mBdI4bSE1r-6UdTw9U.roa
File: XVPdRwX5-mBdI4bSE1r-6UdTw9U.roa (raw, json)
Hash identifier: brssNPOiHcIe9fnp0wAB/TJfXwhY4Sk6upP2LDAQu3E=
Subject key identifier: 5D:53:DD:47:05:F9:FA:60:5D:23:86:D2:13:5A:FE:E9:47:53:C3:D5
Certificate issuer: /CN=b6321eebf4f95be9f81f0f233f89f3602d2f0074
Certificate serial: 01856EEFE89F133E168E61375D56759DB96C
Authority key identifier: B6:32:1E:EB:F4:F9:5B:E9:F8:1F:0F:23:3F:89:F3:60:2D:2F:00:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjIe6_T5W-n4Hw8jP4nzYC0vAHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5c92d1-41e5-443e-a250-01baf78ec73f/1/XVPdRwX5-mBdI4bSE1r-6UdTw9U.roa
Signing time: Sun 01 Jan 2023 20:04:54 +0000
ROA not before: Sun 01 Jan 2023 20:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30933
IP address blocks: 194.110.250.0/24 maxlen: 24
193.151.124.0/22 maxlen: 22
193.151.125.0/24 maxlen: 24
193.151.124.0/24 maxlen: 24
193.151.127.0/24 maxlen: 24
193.151.126.0/24 maxlen: 24
85.118.232.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e8:9f:13:3e:16:8e:61:37:5d:56:75:9d:b9:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6321eebf4f95be9f81f0f233f89f3602d2f0074
Validity
Not Before: Jan 1 20:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d53dd4705f9fa605d2386d2135afee94753c3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a9:7c:f4:ab:0d:3b:1f:96:47:15:ae:9b:99:
be:34:13:70:d0:97:fd:4e:2d:57:36:40:11:54:0c:
61:b0:04:4c:db:e6:c3:2b:93:3e:e1:4e:f6:b0:c7:
12:f3:14:b8:5d:ab:9c:12:9e:7e:c0:07:2a:60:35:
fb:49:e8:a2:eb:d9:82:e9:71:15:4c:fe:b9:86:7a:
d3:48:86:bf:08:0a:26:8c:cc:4e:89:22:b1:42:63:
9a:79:ea:1c:ac:4a:a0:4f:6c:65:23:3b:7a:b3:2e:
2d:3c:2a:87:15:6a:2a:9a:96:38:8f:de:5c:65:0d:
20:c6:ec:28:28:96:ff:00:56:5d:22:eb:c1:90:ee:
20:28:50:4d:71:36:bb:c6:40:3d:d5:ca:7f:ab:35:
c9:1d:e7:5a:02:f4:24:24:a2:65:b2:15:3a:99:25:
c1:4b:c2:30:4f:52:97:82:56:d0:3d:69:4c:89:ad:
50:9c:19:d6:5b:4f:35:6c:2e:29:50:7d:bd:89:b2:
b4:d8:44:29:31:d5:5f:b8:c3:99:9b:df:79:03:15:
07:8b:1c:de:0d:6c:6e:3f:d6:bd:48:f8:17:10:33:
75:ec:74:1b:35:ad:0b:67:9b:ea:59:a4:78:e4:23:
d3:8d:76:fa:93:e0:5c:5a:33:94:d3:9e:0c:82:34:
2c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:53:DD:47:05:F9:FA:60:5D:23:86:D2:13:5A:FE:E9:47:53:C3:D5
X509v3 Authority Key Identifier:
keyid:B6:32:1E:EB:F4:F9:5B:E9:F8:1F:0F:23:3F:89:F3:60:2D:2F:00:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjIe6_T5W-n4Hw8jP4nzYC0vAHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5c92d1-41e5-443e-a250-01baf78ec73f/1/XVPdRwX5-mBdI4bSE1r-6UdTw9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5c92d1-41e5-443e-a250-01baf78ec73f/1/tjIe6_T5W-n4Hw8jP4nzYC0vAHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.232.0/21
193.151.124.0/22
194.110.250.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:1e:e2:31:c4:64:e4:43:cf:c1:a4:57:73:76:5b:83:b8:ec:
ac:41:14:55:72:8b:16:33:bf:a1:ff:7f:11:ad:0a:2e:d6:e1:
89:53:09:f1:ea:55:5a:bb:dc:f0:32:0a:40:5b:af:8d:a9:e0:
86:2e:ad:2c:1e:2e:4e:6d:ff:bc:7a:cc:fe:df:54:2a:17:02:
74:44:2e:05:6e:f1:28:f1:4f:a4:f6:5c:2a:24:df:12:65:7d:
da:37:ca:d2:ba:07:49:e4:68:29:72:60:6d:9e:dc:75:1a:6c:
7a:a2:16:2a:84:c3:fa:65:78:f3:2b:c8:18:d7:e8:1e:92:c0:
47:57:2f:b5:c1:3c:76:ef:fb:73:8f:3f:e9:f2:b4:7e:0d:9a:
c6:9e:47:8f:04:16:ba:a8:d1:bc:52:eb:c6:84:b7:19:a1:22:
9d:40:e5:86:5b:49:22:22:72:e9:96:cb:1d:38:7c:1d:5b:f9:
06:22:55:0e:d7:51:fd:36:ae:68:13:a5:6b:a7:85:9f:31:b4:
e9:60:a2:65:a7:88:19:14:82:6a:9d:4a:34:2c:ee:34:92:3b:
92:38:84:61:ca:ba:48:af:ac:17:6d:9d:56:f3:f5:70:2c:fa:
9b:e2:6e:cb:e1:20:8b:a8:fc:62:f9:20:3e:2f:06:d7:ed:43:
35:f7:b9:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu7+ifEz4WjmE3XVZ1nblsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzIxZWViZjRmOTViZTlmODFmMGYyMzNmODlmMzYwMmQy
ZjAwNzQwHhcNMjMwMTAxMjAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDUzZGQ0NzA1ZjlmYTYwNWQyMzg2ZDIxMzVhZmVlOTQ3NTNjM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoql89KsNOx+WRxWum5m+NBNw0Jf9
Ti1XNkARVAxhsARM2+bDK5M+4U72sMcS8xS4XaucEp5+wAcqYDX7Seii69mC6XEV
TP65hnrTSIa/CAomjMxOiSKxQmOaeeocrEqgT2xlIzt6sy4tPCqHFWoqmpY4j95c
ZQ0gxuwoKJb/AFZdIuvBkO4gKFBNcTa7xkA91cp/qzXJHedaAvQkJKJlshU6mSXB
S8IwT1KXglbQPWlMia1QnBnWW081bC4pUH29ibK02EQpMdVfuMOZm995AxUHixze
DWxuP9a9SPgXEDN17HQbNa0LZ5vqWaR45CPTjXb6k+BcWjOU054MgjQs4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF1T3UcF+fpgXSOG0hNa/ulHU8PVMB8GA1UdIwQY
MBaAFLYyHuv0+Vvp+B8PIz+J82AtLwB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpJZTZfVDVXLW40SHc4alA0bnpZQzB2QUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81YzkyZDEtNDFlNS00NDNlLWEyNTAt
MDFiYWY3OGVjNzNmLzEvWFZQZFJ3WDUtbUJkSTRiU0Uxci02VWRUdzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81YzkyZDEtNDFlNS00NDNlLWEyNTAtMDFiYWY3OGVjNzNm
LzEvdGpJZTZfVDVXLW40SHc4alA0bnpZQzB2QUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDVXboAwQC
wZd8AwQAwm76MA0GCSqGSIb3DQEBCwUAA4IBAQC8HuIxxGTkQ8/BpFdzdluDuOys
QRRVcosWM7+h/38RrQou1uGJUwnx6lVau9zwMgpAW6+NqeCGLq0sHi5Obf+8esz+
31QqFwJ0RC4FbvEo8U+k9lwqJN8SZX3aN8rSugdJ5GgpcmBtntx1Gmx6ohYqhMP6
ZXjzK8gY1+geksBHVy+1wTx27/tzjz/p8rR+DZrGnkePBBa6qNG8UuvGhLcZoSKd
QOWGW0kiInLplssdOHwdW/kGIlUO11H9Nq5oE6Vrp4WfMbTpYKJlp4gZFIJqnUo0
LO40kjuSOIRhyrpIr6wXbZ1W8/VwLPqb4m7L4SCLqPxi+SA+LwbX7UM197l0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org