Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XsYcvAkgywlwgt67a68ssqZOxbA.roa
File: XsYcvAkgywlwgt67a68ssqZOxbA.roa (raw, json)
Hash identifier: xCXznchWp1O96pQR4NtVQXQh9rkqEtHjZl+uUBngMdU=
Subject key identifier: 5E:C6:1C:BC:09:20:CB:09:70:82:DE:BB:6B:AF:2C:B2:A6:4E:C5:B0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50107777C30C30F0A8737BEFBA441DB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XsYcvAkgywlwgt67a68ssqZOxbA.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 194.242.2.0/24 maxlen: 24
45.85.104.0/24 maxlen: 24
185.192.16.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 07:42:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:07:77:7c:30:c3:0f:0a:87:37:be:fb:a4:41:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ec61cbc0920cb097082debb6baf2cb2a64ec5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:33:21:1a:fd:6f:03:31:21:57:71:95:1e:f0:
ca:b8:a4:98:dc:40:db:cf:8f:63:37:6b:0c:50:10:
2e:78:8a:6b:47:7a:c1:a4:a6:d1:af:15:5b:60:e2:
56:38:aa:44:37:15:99:08:d4:90:30:1d:4a:43:06:
5e:bf:75:c9:eb:cd:5e:38:01:df:d5:ba:d3:3f:78:
71:46:27:f1:88:ff:bb:ef:d4:8d:eb:df:fe:4f:aa:
4d:79:8c:bc:87:6c:0c:85:2f:34:ad:c1:5a:fa:c0:
98:fe:96:75:37:56:f5:47:fa:4c:6a:67:5a:ee:dd:
ca:c8:4c:12:0f:d1:5d:93:f7:70:3e:67:ee:6a:00:
12:bd:1c:c5:54:f7:f0:c8:3e:bb:5b:1a:c1:8b:a1:
d0:6e:66:7a:0c:f9:60:31:2d:f0:b3:c0:13:08:d8:
42:d9:b4:f8:bc:62:26:7f:95:f7:53:00:0d:86:f6:
cb:9a:2e:40:d6:28:a2:ee:8d:a1:f6:eb:1a:a0:e5:
e8:b1:03:3b:30:28:36:04:5b:93:4b:90:b9:d1:14:
ca:a0:35:91:6d:62:e6:e1:55:40:04:ca:ca:a9:47:
6b:1f:59:f3:c9:1f:99:ee:d3:ca:42:1f:e4:ed:e9:
0e:51:4c:94:ad:a8:73:c3:d2:da:15:92:e0:3e:f9:
ba:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C6:1C:BC:09:20:CB:09:70:82:DE:BB:6B:AF:2C:B2:A6:4E:C5:B0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XsYcvAkgywlwgt67a68ssqZOxbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.104.0/24
185.192.16.0/24
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
63:97:44:f4:ce:a0:f1:08:bb:a6:87:14:43:ae:52:f1:40:80:
c1:73:7a:af:22:fd:2e:cc:d3:1a:a4:cb:94:76:79:90:a1:ba:
15:9a:e2:b8:ac:95:85:a9:a4:15:c6:d3:40:53:cc:8d:67:d9:
7d:e2:35:4e:da:36:b2:38:66:18:b6:ec:de:6c:31:76:82:6c:
8c:11:95:8a:a4:b5:83:6a:34:8b:e7:74:6f:74:2a:09:ea:fa:
b2:44:cc:12:2c:bb:bb:30:0f:0f:73:2d:8f:62:3e:bf:5a:3b:
3c:00:5b:c3:ec:b1:c7:c4:87:63:b1:6c:31:eb:e5:c3:28:04:
3d:c8:0f:5a:50:cc:35:3e:53:a4:f2:bf:a0:e4:d3:e4:0a:54:
42:4c:73:9e:76:52:b8:2f:4f:e5:62:36:aa:e5:5b:78:c8:d2:
d7:ca:24:04:70:67:2c:c6:05:02:c6:ca:46:55:ae:79:29:ab:
60:ea:94:33:72:30:a2:c2:58:2e:2a:8f:ac:8b:8b:17:9e:fc:
20:ab:82:8d:5f:45:45:80:91:78:d5:e7:d2:df:e0:68:6e:72:
e4:b6:38:10:d3:60:ab:74:6d:90:29:d0:93:4c:e9:88:c4:c9:
63:b8:2a:94:f7:f4:0c:a1:0e:c5:a3:99:68:ac:44:b4:59:6c:
05:d7:a8:e8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFAQd3fDDDDwqHN777pEHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWM2MWNiYzA5MjBjYjA5NzA4MmRlYmI2YmFmMmNiMmE2NGVjNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DMhGv1vAzEhV3GVHvDKuKSY3EDb
z49jN2sMUBAueIprR3rBpKbRrxVbYOJWOKpENxWZCNSQMB1KQwZev3XJ681eOAHf
1brTP3hxRifxiP+779SN69/+T6pNeYy8h2wMhS80rcFa+sCY/pZ1N1b1R/pMamda
7t3KyEwSD9Fdk/dwPmfuagASvRzFVPfwyD67WxrBi6HQbmZ6DPlgMS3ws8ATCNhC
2bT4vGImf5X3UwANhvbLmi5A1iii7o2h9usaoOXosQM7MCg2BFuTS5C50RTKoDWR
bWLm4VVABMrKqUdrH1nzyR+Z7tPKQh/k7ekOUUyUrahzw9LaFZLgPvm6WwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF7GHLwJIMsJcILeu2uvLLKmTsWwMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWHNZY3ZBa2d5d2x3Z3Q2N2E2OHNzcVpPeGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVVoAwQA
ucAQAwQAwRNsAwQAwvICMA0GCSqGSIb3DQEBCwUAA4IBAQBjl0T0zqDxCLumhxRD
rlLxQIDBc3qvIv0uzNMapMuUdnmQoboVmuK4rJWFqaQVxtNAU8yNZ9l94jVO2jay
OGYYtuzebDF2gmyMEZWKpLWDajSL53RvdCoJ6vqyRMwSLLu7MA8Pcy2PYj6/Wjs8
AFvD7LHHxIdjsWwx6+XDKAQ9yA9aUMw1PlOk8r+g5NPkClRCTHOedlK4L0/lYjaq
5Vt4yNLXyiQEcGcsxgUCxspGVa55Katg6pQzcjCiwlguKo+si4sXnvwgq4KNX0VF
gJF41efS3+BobnLktjgQ02CrdG2QKdCTTOmIxMljuCqU9/QMoQ7Fo5lorES0WWwF
16jo
-----END CERTIFICATE-----
Generated at Mon Apr 8 11:45:25 2024 by rpki-client on console-fra.rpki-client.org