Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XYNlfOTyczgvui8GJ-CZrwFAhTM.roa
File: XYNlfOTyczgvui8GJ-CZrwFAhTM.roa (raw, json)
Hash identifier: EAfMetcgrsCoFHbRC3TAmPfAUyftcF9ynZLjVRMOhcQ=
Subject key identifier: 5D:83:65:7C:E4:F2:73:38:2F:BA:2F:06:27:E0:99:AF:01:40:85:33
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0190E45BE075F8413412B538E8E96D9A94CA
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XYNlfOTyczgvui8GJ-CZrwFAhTM.roa
Signing time: Wed 24 Jul 2024 10:49:04 +0000
ROA not before: Wed 24 Jul 2024 10:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399114
IP address blocks: 185.80.197.0/24 maxlen: 24
188.253.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 02:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:5b:e0:75:f8:41:34:12:b5:38:e8:e9:6d:9a:94:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 24 10:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d83657ce4f273382fba2f0627e099af01408533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:98:45:65:ef:4e:71:5a:46:cf:03:39:c2:da:
a7:08:00:45:24:39:ef:d3:82:25:77:51:7d:f2:ac:
72:e6:23:63:ec:2e:fb:f1:70:28:6c:fc:5e:12:9b:
85:2e:c7:d9:25:3c:9a:df:a1:e2:d6:92:c1:11:76:
ce:e5:c2:82:02:80:e8:18:6a:4a:73:2a:72:c1:4a:
86:b5:40:db:f8:42:be:50:4b:58:3a:c2:2f:b1:98:
77:a3:d0:93:f5:4d:82:81:04:ba:40:d7:53:82:e6:
42:f8:5f:ad:37:90:20:6b:ff:aa:e4:2c:f8:83:a3:
c8:71:1b:9b:77:cc:06:9e:9a:4e:22:ac:c2:74:1f:
f8:d3:c3:a9:fd:e4:82:ce:d0:de:16:ae:9e:81:a2:
d1:96:a9:2c:26:79:30:9c:19:af:55:3a:92:0a:86:
9c:e4:b8:1c:b0:93:45:07:02:4b:96:ea:81:78:03:
43:e8:c7:34:1e:d9:8f:a8:c3:8d:ed:6d:2f:fb:e2:
fd:54:50:01:80:2c:9d:71:84:c8:c2:13:30:dc:87:
30:a9:b5:7f:1e:e6:b7:69:2a:4c:ac:80:7c:df:3c:
6f:31:5c:9b:1b:98:ee:92:67:90:db:49:e2:16:2d:
28:fc:75:01:fd:24:67:0e:69:3a:69:28:92:24:91:
63:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:83:65:7C:E4:F2:73:38:2F:BA:2F:06:27:E0:99:AF:01:40:85:33
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XYNlfOTyczgvui8GJ-CZrwFAhTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.197.0/24
188.253.8.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:21:5c:b4:7e:da:57:51:ba:23:9a:c4:79:06:ca:47:c4:db:
0f:e2:35:50:3d:ad:cd:b4:d4:65:3a:d2:6d:b9:eb:5d:a1:4f:
df:91:66:71:3d:b9:12:74:be:d2:4e:86:25:c2:22:cc:7e:2b:
6d:c1:a2:ef:ff:63:68:9c:8a:1e:5f:3b:3e:9e:1b:26:f4:33:
5d:57:8d:82:9c:90:eb:cd:c6:c4:cf:cc:da:5d:2a:a1:7e:e3:
ce:45:27:e6:5a:23:1d:ec:8d:75:ee:98:3e:ad:bc:62:e4:84:
03:82:c7:67:6b:4d:13:26:3b:77:ff:16:0d:b9:40:9c:08:30:
91:b2:fd:72:6b:c8:09:84:39:c8:af:36:fb:da:99:19:86:4e:
6f:c4:df:42:50:f3:98:8e:b4:8b:f4:80:63:ae:a3:da:18:ec:
a1:33:36:42:b3:9c:db:c5:8f:13:63:3c:38:94:9d:99:1b:ec:
1e:63:5f:8e:25:38:02:0b:10:95:0e:40:38:8d:99:39:5c:dc:
5a:7b:98:c4:b9:01:05:cf:b3:3f:51:d1:71:20:0f:29:3b:1b:
4f:30:ba:9a:10:ee:38:fe:ec:3a:7f:10:57:84:ac:08:69:33:
78:e9:cc:e9:13:0a:83:30:3c:2f:4c:9b:f9:56:b5:fe:30:23:
ba:b9:e6:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDkW+B1+EE0ErU46OltmpTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNzI0MTA0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDgzNjU3Y2U0ZjI3MzM4MmZiYTJmMDYyN2UwOTlhZjAxNDA4NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJhFZe9OcVpGzwM5wtqnCABFJDnv
04Ild1F98qxy5iNj7C778XAobPxeEpuFLsfZJTya36Hi1pLBEXbO5cKCAoDoGGpK
cypywUqGtUDb+EK+UEtYOsIvsZh3o9CT9U2CgQS6QNdTguZC+F+tN5Aga/+q5Cz4
g6PIcRubd8wGnppOIqzCdB/408Op/eSCztDeFq6egaLRlqksJnkwnBmvVTqSCoac
5LgcsJNFBwJLluqBeAND6Mc0HtmPqMON7W0v++L9VFABgCydcYTIwhMw3IcwqbV/
Hua3aSpMrIB83zxvMVybG5jukmeQ20niFi0o/HUB/SRnDmk6aSiSJJFjMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF2DZXzk8nM4L7ovBifgma8BQIUzMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWFlObGZPVHljemd2dWk4R0otQ1pyd0ZBaFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVDFAwQA
vP0IMA0GCSqGSIb3DQEBCwUAA4IBAQC1IVy0ftpXUbojmsR5BspHxNsP4jVQPa3N
tNRlOtJtuetdoU/fkWZxPbkSdL7SToYlwiLMfittwaLv/2NonIoeXzs+nhsm9DNd
V42CnJDrzcbEz8zaXSqhfuPORSfmWiMd7I117pg+rbxi5IQDgsdna00TJjt3/xYN
uUCcCDCRsv1ya8gJhDnIrzb72pkZhk5vxN9CUPOYjrSL9IBjrqPaGOyhMzZCs5zb
xY8TYzw4lJ2ZG+weY1+OJTgCCxCVDkA4jZk5XNxae5jEuQEFz7M/UdFxIA8pOxtP
MLqaEO44/uw6fxBXhKwIaTN46czpEwqDMDwvTJv5VrX+MCO6ueYC
-----END CERTIFICATE-----
Generated at Mon Oct 7 06:38:32 2024 by rpki-client on console-ams.rpki-client.org