Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xloqwEjyRnuKWhh29LgyYhtc-Ow.roa
File: xloqwEjyRnuKWhh29LgyYhtc-Ow.roa (raw, json)
Hash identifier: Wo/FYmBrdSGxtwvXrUiK9o6hQucEUFpH6g4ugPXLui0=
Subject key identifier: C6:5A:2A:C0:48:F2:46:7B:8A:5A:18:76:F4:B8:32:62:1B:5C:F8:EC
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01857142D4CAE39A48231EA30C7D51BD4558
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xloqwEjyRnuKWhh29LgyYhtc-Ow.roa
Signing time: Mon 02 Jan 2023 06:54:43 +0000
ROA not before: Mon 02 Jan 2023 06:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24973
IP address blocks: 185.117.248.0/22 maxlen: 22
81.88.32.0/20 maxlen: 20
2001:880::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Jul 2023 13:28:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d4:ca:e3:9a:48:23:1e:a3:0c:7d:51:bd:45:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 2 06:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c65a2ac048f2467b8a5a1876f4b832621b5cf8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:66:1e:37:cc:2c:e3:68:99:e5:d3:bc:a3:17:
ec:91:4c:21:cd:32:b4:8f:28:71:dd:e4:ca:89:9e:
07:c7:cd:8d:33:29:36:1f:27:bb:a3:d9:6c:2e:3c:
bf:7c:45:63:40:46:27:f3:80:00:a4:ab:d0:21:4b:
b7:47:06:95:f9:e2:4e:6f:84:bb:4f:8f:79:24:ef:
78:2d:69:28:ca:e4:46:1f:1a:3d:45:f9:5c:37:1d:
04:90:2a:b9:8f:14:19:ee:34:3f:e9:45:4e:ed:7c:
4e:5f:10:c6:f8:b7:79:f5:a7:85:04:09:37:9e:fb:
d8:c3:7b:8f:d9:f8:0c:0c:3b:d0:0a:da:ab:3a:12:
7b:bd:ac:84:02:23:ec:c2:87:66:e7:c5:fc:a7:26:
dd:7c:a7:90:fe:cf:90:69:d8:9f:57:9a:e1:08:f0:
a8:aa:06:79:76:aa:8b:68:81:48:4d:8c:da:c2:02:
77:dd:ac:79:ce:14:d7:a9:8b:46:5a:25:05:fd:cc:
e9:84:b8:bd:dc:84:76:22:f2:4a:94:eb:5c:c4:98:
b6:ef:cd:6f:f1:50:13:76:51:43:18:23:85:f3:0f:
08:40:e4:b1:59:d3:09:90:24:32:e8:b2:b3:ff:00:
a9:6d:81:8d:ea:4f:6e:5e:ed:5c:ca:bd:ee:59:33:
fe:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5A:2A:C0:48:F2:46:7B:8A:5A:18:76:F4:B8:32:62:1B:5C:F8:EC
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xloqwEjyRnuKWhh29LgyYhtc-Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.32.0/20
185.117.248.0/22
IPv6:
2001:880::/32
Signature Algorithm: sha256WithRSAEncryption
14:70:57:a3:73:78:25:e0:15:71:cb:7c:03:34:66:ff:c0:cf:
62:a7:f7:ac:4b:5e:0a:7c:ef:a8:d7:94:c7:0e:9e:e8:d9:55:
1c:f2:40:c6:25:2e:3d:c0:ef:8b:d2:e0:f1:f2:4d:c6:91:a0:
c6:94:23:2f:e2:98:97:67:ac:54:10:cc:75:6c:78:38:fb:d2:
1c:35:52:6b:9d:92:03:6e:f8:68:75:70:95:8f:e6:05:ac:ac:
37:2b:84:6a:a7:aa:20:35:07:1f:ef:a2:c9:1b:49:e7:a9:b6:
d5:4b:e4:9e:1f:19:b9:9e:b1:35:d9:f1:58:16:81:5f:bf:a2:
d5:1c:7a:9d:cb:70:55:48:4e:61:8f:c5:31:e7:9b:2d:06:fb:
ea:9c:7c:47:66:a5:90:77:9e:f3:50:5c:e3:33:6c:c2:f7:82:
6a:68:7d:ab:8c:af:67:c4:2e:14:01:b1:ff:9f:da:fb:ee:fb:
9c:80:32:df:05:43:1c:c1:3d:2f:71:8c:bb:c1:ab:ea:aa:a7:
8b:76:60:3a:37:77:07:e3:9a:dc:8b:a0:52:27:dc:4c:0c:ab:
d7:f5:a8:19:36:fb:e0:11:54:c1:ed:16:97:0f:97:10:8e:35:
03:3d:37:44:51:a9:7b:78:06:e3:b7:e1:c6:be:60:93:2c:3b:
10:e1:1e:9b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxQtTK45pIIx6jDH1RvUVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMTAyMDY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjVhMmFjMDQ4ZjI0NjdiOGE1YTE4NzZmNGI4MzI2MjFiNWNmOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGYeN8ws42iZ5dO8oxfskUwhzTK0
jyhx3eTKiZ4Hx82NMyk2Hye7o9lsLjy/fEVjQEYn84AApKvQIUu3RwaV+eJOb4S7
T495JO94LWkoyuRGHxo9RflcNx0EkCq5jxQZ7jQ/6UVO7XxOXxDG+Ld59aeFBAk3
nvvYw3uP2fgMDDvQCtqrOhJ7vayEAiPswodm58X8pybdfKeQ/s+QadifV5rhCPCo
qgZ5dqqLaIFITYzawgJ33ax5zhTXqYtGWiUF/czphLi93IR2IvJKlOtcxJi2781v
8VATdlFDGCOF8w8IQOSxWdMJkCQy6LKz/wCpbYGN6k9uXu1cyr3uWTP+wQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMZaKsBI8kZ7iloYdvS4MmIbXPjsMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEveGxvcXdFanlSbnVLV2hoMjlMZ3lZaHRjLU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVggAwQC
uXX4MA0EAgACMAcDBQAgAQiAMA0GCSqGSIb3DQEBCwUAA4IBAQAUcFejc3gl4BVx
y3wDNGb/wM9ip/esS14KfO+o15THDp7o2VUc8kDGJS49wO+L0uDx8k3GkaDGlCMv
4piXZ6xUEMx1bHg4+9IcNVJrnZIDbvhodXCVj+YFrKw3K4Rqp6ogNQcf76LJG0nn
qbbVS+SeHxm5nrE12fFYFoFfv6LVHHqdy3BVSE5hj8Ux55stBvvqnHxHZqWQd57z
UFzjM2zC94JqaH2rjK9nxC4UAbH/n9r77vucgDLfBUMcwT0vcYy7wavqqqeLdmA6
N3cH45rci6BSJ9xMDKvX9agZNvvgEVTB7RaXD5cQjjUDPTdEUal7eAbjt+HGvmCT
LDsQ4R6b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org