Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Xwl3FAmefLBCUUI3IE2DmwjlyXg.roa
File: Xwl3FAmefLBCUUI3IE2DmwjlyXg.roa (raw, json)
Hash identifier: mMF0oLRc/6Z09lhpLwYR3lj0PPGQ1X4qcFyTkdhYxxU=
Subject key identifier: 5F:09:77:14:09:9E:7C:B0:42:51:42:37:20:4D:83:9B:08:E5:C9:78
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01904AF11F3C58949CE90B29ADA5074A42DF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Xwl3FAmefLBCUUI3IE2DmwjlyXg.roa
Signing time: Mon 24 Jun 2024 15:50:34 +0000
ROA not before: Mon 24 Jun 2024 15:50:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 82.115.9.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
91.132.57.0/24 maxlen: 24
159.255.32.0/22 maxlen: 24
188.214.236.0/22 maxlen: 22
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 17:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:f1:1f:3c:58:94:9c:e9:0b:29:ad:a5:07:4a:42:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 24 15:50:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f097714099e7cb042514237204d839b08e5c978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6f:ec:79:e1:21:aa:4d:a1:83:fd:37:f9:f4:
69:90:41:29:64:28:e1:ad:ff:fb:2d:8a:22:37:c2:
ec:2b:aa:64:cf:14:4d:a5:90:4c:87:f9:c7:98:e3:
22:e1:3b:b9:2e:f8:67:3b:6f:a4:94:b2:24:38:a8:
a1:e3:03:06:6d:cb:81:67:38:d0:be:f7:94:f2:12:
a2:5e:c3:76:ea:2a:0f:eb:e2:b1:c4:88:73:02:bb:
79:b3:4d:50:91:2f:cd:ff:6d:a2:19:cb:84:fa:86:
96:e4:09:9b:db:6d:01:65:b3:8a:f2:ca:fc:64:3b:
97:7f:e3:09:98:19:2b:48:a8:2e:ba:29:8a:4e:95:
44:d4:a2:48:93:62:02:8e:11:dc:ea:0a:e0:26:6b:
91:6f:eb:76:a0:ea:ab:6b:db:ac:c3:dc:9f:6f:37:
69:ca:14:69:62:10:60:90:79:cc:35:ae:bd:a6:6e:
ab:81:07:e5:1e:e7:88:e2:5d:3d:40:5d:eb:ce:75:
39:62:a3:ae:47:e9:6d:1f:11:e3:00:a2:fa:7f:d8:
64:26:17:8c:28:0c:63:ab:52:02:e7:fd:7c:16:4b:
6b:df:2e:96:b3:48:46:97:55:11:8e:11:75:09:6e:
0c:83:05:5c:db:58:77:88:c8:4d:87:86:c6:bc:8d:
ce:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:09:77:14:09:9E:7C:B0:42:51:42:37:20:4D:83:9B:08:E5:C9:78
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Xwl3FAmefLBCUUI3IE2DmwjlyXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.9.0/24
89.251.10.0/24
91.132.57.0/24
159.255.32.0/22
188.214.236.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:5f:fb:5c:1f:17:52:a4:7b:1a:52:32:c3:37:e7:d6:82:44:
59:f6:cd:76:cb:32:40:74:78:f2:ce:2e:e7:17:d2:90:ac:03:
ed:2f:0e:b4:c8:29:b9:1a:fa:9c:20:46:b7:be:72:02:28:bc:
a6:3e:b9:23:de:21:08:5f:ab:a6:c0:26:11:50:6f:0c:f9:da:
1b:33:ce:1b:b3:5e:e2:5a:fe:da:b8:1d:06:2e:85:fe:5d:73:
d3:c2:ad:db:bc:fe:ca:a3:de:90:0b:ff:f5:69:57:5a:85:77:
f4:7f:4f:a3:d7:c9:f0:35:64:2a:dc:53:ba:90:b9:21:53:f6:
0b:65:22:8a:d9:28:dc:80:5a:5b:69:37:9e:4d:79:a0:c3:ca:
63:7f:88:b3:0f:6d:66:06:2f:8c:5a:ec:95:eb:90:5f:00:c7:
a4:8a:ac:f6:cf:80:18:50:59:c5:17:71:73:57:e5:c2:88:db:
d4:b3:60:30:7c:84:e6:e8:c0:f2:68:14:94:5a:5d:cc:59:d1:
28:61:4d:f2:8d:b6:1e:18:9e:9a:81:c7:c8:cb:37:cb:a2:d6:
9b:de:e8:d3:ab:31:07:74:1a:40:1d:93:1f:f1:ac:3d:73:4c:
41:d2:e2:12:8f:01:40:e5:8d:1a:08:f7:0a:de:9e:5b:b6:a4:
5c:3e:e0:c8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZBK8R88WJSc6QspraUHSkLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjI0MTU1MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA5NzcxNDA5OWU3Y2IwNDI1MTQyMzcyMDRkODM5YjA4ZTVjOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG/seeEhqk2hg/03+fRpkEEpZCjh
rf/7LYoiN8LsK6pkzxRNpZBMh/nHmOMi4Tu5LvhnO2+klLIkOKih4wMGbcuBZzjQ
vveU8hKiXsN26ioP6+KxxIhzArt5s01QkS/N/22iGcuE+oaW5Amb220BZbOK8sr8
ZDuXf+MJmBkrSKguuimKTpVE1KJIk2ICjhHc6grgJmuRb+t2oOqra9usw9yfbzdp
yhRpYhBgkHnMNa69pm6rgQflHueI4l09QF3rznU5YqOuR+ltHxHjAKL6f9hkJheM
KAxjq1IC5/18Fktr3y6Ws0hGl1URjhF1CW4MgwVc21h3iMhNh4bGvI3OwwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF8JdxQJnnywQlFCNyBNg5sI5cl4MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWHdsM0ZBbWVmTEJDVVVJM0lFMkRtd2pseVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUnMJAwQA
WfsKAwQAW4Q5AwQCn/8gAwQCvNbsAwQDvP0IAwQByoVaAwQC1a0gMA0GCSqGSIb3
DQEBCwUAA4IBAQDOX/tcHxdSpHsaUjLDN+fWgkRZ9s12yzJAdHjyzi7nF9KQrAPt
Lw60yCm5GvqcIEa3vnICKLymPrkj3iEIX6umwCYRUG8M+dobM84bs17iWv7auB0G
LoX+XXPTwq3bvP7Ko96QC//1aVdahXf0f0+j18nwNWQq3FO6kLkhU/YLZSKK2Sjc
gFpbaTeeTXmgw8pjf4izD21mBi+MWuyV65BfAMekiqz2z4AYUFnFF3FzV+XCiNvU
s2AwfITm6MDyaBSUWl3MWdEoYU3yjbYeGJ6agcfIyzfLotab3ujTqzEHdBpAHZMf
8aw9c0xB0uISjwFA5Y0aCPcK3p5btqRcPuDI
-----END CERTIFICATE-----
Generated at Tue Jun 25 21:58:39 2024 by rpki-client on console-fra.rpki-client.org